SUMMARY:

• Confidential has 20 years’ experience engineering, designing and leading cutting edge technologies spanning several industries.
• He has excellent leadership skills enabling technology teams to remain agile while meeting complex business requirements.
• He has a proven track record for delivering in a leadership position for technology programs exceeding $100 million.
• Successfully led the migrations and implementations of 45 companies moving the the Azure/AWS Coud
• Advised clients as vendor neutral architect presenting cloud architectures with financial estimates utilizing AWS/Azure technologies
• Experienced working within the AWS/Azure consoles setting up VM/EC2 instances, secure S3 environments, Lambda Functions, RDS/Cosmos databases and most cloud features. Experienced with Powershell, Bash, Python.
• Successfully planned and led the dev/ops migration of 146 applications migrating to a hybrid cloud
• Trained and certified by the Chicago HIPAA Academy for PHI security in the cloud.
• Trained and certified by CyberArk for mitigating Ransomware attacks.
• Responsible for facilitating and mentoring devops teams to adopt secure development practices
• Lead consultant defining a security program for corporate headquarters and two newly purchased medical companies.
• Updated all security and privacy controls for $300 million - dollar subsidiary reporting to the CIO. Achieved SOC2 accreditation.
• Lead security architect for several medium size companies including Confidential, GMAC/RFC, Donaldson, Ingenix, Confidential and University of Minnesota.

TECHNICAL SUMMARY:

Security: Identity Management- Provisioning, Single- Sign On, Carbon Black, Meta Directory, Federation, Digital Rights Management, FedRAMP, HIPAA, HITECH Act, GLBA, ITIL, Jenkins, SOX 404, ERISA, PIPEDA, ISO 17799, OCTAVE, COSO, COBIT, Disaster Planning, SOC2, SOC3, ISO 27001, NIST 800 Series

Cloud: Azure, AWS EC2, AWS S3, AWS S3 Glacier, AWS RDS, AWS Redshift, AWS Aurora, AWS Dynamo DB, AWS CloudFront, AWS Lambda, EC2 Container Service, AWS Elastic Beanstalk, GoogleCloud

PROFESSIONAL EXPERIENCE:

Confidential

Cloud Practice Lead

Responsibilities:

• Cloud leader engineering the migrations for a portfolio of 45 companies migrating from private data centers to the Azure/AWS Cloud.
• Designed and setup Microsoft Azure environment to facilitate a Soc2 control assessment
• Responsible for Dev/Ops Strategy, Cloud Migration Cost Estimates, Architecture solutioning, Active Directory, Cyberark, Azure PIM, Load Balancers, Application migrations and security scores.
• Mentored Dev/Sec/Ops team for 6 billion dollar company experiencing repeated security breaches
• Consulted with teams on the features available from Chef, Puppet, Ansible, Github and Jenkins versus native AWS tools.

Confidential

Principal Technical Program Manager

Responsibilities:

• Led and mentored team of ten junior project managers, devops/security engineers. Defined 22 workstreams and secure agile methodology for hybrid data center delivery
• Managed the technical requirements and development of 146 applications migrating to datacenter and hybrid cloud.
• Successfully negotiated application and cloud go-live requirements with executive leadership

Confidential

CyberSecurity Consultant

Responsibilities:

• Assigned as technical lead for the following projects: Oracle Identity Management, Firewall, Web Application Development, Data Encryption, Data Masking, Data Classification and PCI compliance
• Defined the OWASP Mod-security ruleset to fine-tune it as per customer needs, and prevent from the well-known attacks like SQL Injection, Cross-Site Scripting, command injection etc.
• Responsible for defining OWASP remediation projects based on internal security audit and risk assessment

Confidential

Security Consultant

Responsibilities:

• Assessed Information Technology processes and created a remediation plan to correct deficiencies for PCI compliance, security, change management, off-boarding, on-boarding and the SAP ERP system
• Architected PCI compliance for SAP ERP system and integration with XIpay token technology
• Security analyst responsible for performing SQL Queries to identify private information and reclassify
• Identified PCI gaps and recommended technology solutions Paymetric to mitigate credit card risk
• Defined the OWASP Mod-security ruleset to fine-tune it as per customer needs, and prevent from the well-known attacks like SQL Injection, Cross-Site Scripting, command injection etc.

Confidential

Security Architect

Responsibilities:

• Successfully integrated Single-Sign On and federated identity for datacenter purchased by United Health International

Confidential

Security Architect

Responsibilities:

• Responsible for security program requirements for the merger of Confidential
• Defined security and privacy requirements and facilitated the remediation requirements for business, infrastructure, software development and data center
• Ensured Web architecture met security and privacy requirements for PCI digital dozen
• Successfully delivered security requirements for infrastructure and development to meet PCI and HIPAA requirements

Confidential

Security Architect

Responsibilities:

• Designed roadmap and project methodology to facilitate applications and infrastructure modifications to meet security and privacy requirements
• Facilitated the definition of 103 security procedures utilized by information technology to meet ISO 27001 requirements
• Worked with the Joint Commission (JCAHO) to map their security and privacy requirements as they would affect Confidential and subsidiaries
• Delivered a secure infrastructure and development environment to meet internal audit requirements based on ISO 2 002 security and privacy requirements

Confidential

Technical Project Manager

Responsibilities:

• Identified technology deficiencies and managed internal resources to correct for SAS 70 audit
• Updated and tested disaster recovery approach for data center and main office
• Responisble for 3rd party intrusion detection testing and remediation
• Updated all security and privacy controls for $300 million-dollar subsidiary reporting to the CIO
• Utilized the following frameworks: COSO/COBIT for controls and ITIL for infrastructure and BS17799 for security
• Successfully completed all infrastructure and security requirements for SAS 70 audit

Confidential

Enterprise Arhitect

Responsibilities:

• Reviewed, approved and monitored over 200 IT security remediation projects for Backup / Recovery, Incident Management, Change Management, SDLC, Physical Security, Batch Scheduling, Operating Systems, Authentication Sign on, and User Access
• Project managed lifecycle remediation schedules to ensure the completion of 3rd party audits
• Successfully managed delivery of 200 security related remediation projects spanning all seven IT Domains before deadline

Confidential

Enterprise Arhitect

Responsibilities:

• Responsible for data center infrastructure delivery
• Coordinated the move of all infrastructure hardware for data center move
• Reported program status updates to the CIO for IT Operations and CFO for Business Operations
• Successfully passed internal and external audit control objectives within 90-day remediation timeframe
• Aligned governance with the following frameworks: ITIL, ISO17799, and COSO/COBIT for controls

Confidential

Technical Project Manager

Responsibilities:

• Information Technology consultant for $25 million Ariba implementation program
• Managed infrastructure and development artifacts coordinating 60 shared technology resources
• Development and integration deliverables: Buyer 8.1, 8.2, Ariba Enterprise Sourcing, Category Management, Analysis, Contract Procurement, Receiving, Settlement, and invoicing
• Lawson ERP responsibilities included the facilitation of workflow among business, finance, support, and infrastructure
• Component upgrade included Lawson Accounts Payable, General Ledger and integration with PeopleSoft and Confidential .com
• Architected IBM Data-warehouse project utilizing information integrator to gather single view from separate platforms
• Enterprise Identity Management architect for Confidential Business Groups spanning the United States, Germany, Netherlands, United Kingdom and Mexico
• Responsibilities included Oblix Identity Management solution integrateing with Microsoft Active Direcotory.
• SOX 404, GLBA, HIPAA alignment, and security updates to the Chief Security Officer CSO
• Established Security office promoting enterprise best practices and IT governance utilizing COSO and COBIT process framework

Confidential

Information Techology Lead

Responsibilities:

• Led a portfolio of 8-12 enterprise projects for finance, legal, Infrastructure, and retail stores
• Primary project responsibilities included engaging (referee) the Business and IT infrastructure/development groups (Firewall, Encryption, s, Router, Switch, Wintel, UNIX, Datacenter, SOX 404, Disaster Recovery)
• Represented the development team at weekly CRB (Change Review Board) and EPS (Engineering & Production Services) board meetings
• Projects included BestBuyForBusiness.com, Ariba upgrade, RDS Reporting Services, Credit Card Subscriptions, and projects on disaster recovery program