SUMMARY

• As an Enterprise Architect and Technical Project Manager, I spend most of my time at the intersections between multiple business operations and technologies. Working with business stakeholders and product engineering teams, I help develop actionable requirements, data models, flows, uses cases, test cases, etc. Additionally, I support stakeholders and engineers through iterations of prototyping, implementations & deployments.
• Most of my work is the integration of Security, Identity and Access Management, Telemetry, and GRC. As a Full Stack Systems Integrator, I’ve broad experience across many technology domains and deep expertise in the spaces where technologies and products must interact to create a complete solution.
• With a lead from the front approach to work, I am accustomed to performing many roles during a customer engagement.
• I’ve managed budgets from $800K to $79.6M, developed and lead teams from 12 people up to 350, and managed multi­vendor integrations which required significant levels of product development from multiple organizations to meet customer requirements and achieve industry standards/regulatory compliance.
• Many of my projects developed new products or launched new revenue services which were integrated with IDM, CRM, SFA, BSS, OSS, and ERP applications. Additional components of these solutions included Telemetry, Security, Registration and Provisioning, Authentication and Authorization, Transaction Services and Transaction Management, Billing, Content Management, SQL applications, Directory Services, Event Services, Messaging, and customer facing Application Services.

TECHNICAL SKILLS

Enterprise Architecture: Modeling of Business Process, Application Services, and Supporting Infrastructures. Discovery and documentation of “as - is” architectures. Strategic planning and modeling of “to-be” architectures and IT Roadmaps. GAP analyses and development of transitions plans. Establishment of system inventories for traceability of responsibilities, integration dependencies, investment management, and architectural change control. TOGAF, Zachman, Federal Enterprise Architecture Framework (FEAF), and CMS Technical Reference Architecture. Requirements management, capital planning (CPIC), and OpEx rationalization. Data Modeling and Application Service Design. Running hands-on architecture labs to conduct proof-of-concept tests, feasibility studies, and validation of architectural blueprints. Conducting pilot projects and supporting technology implementations until hand off to operations.

Identity and Access Management: LDAP, DEN, LCUP, LDUP, OpenLDAP, SAML, OAUTH, Federation, Single Sign-On, SSO, RBAC, Privileged Access Management, Governance/SOX/GRC, AAA and AAAA, Registration, Attestation, and Recertification Processes, Schema Design & Extension, API Development. X.400/X.500, ASN.1, LDIF, CIM/ MOF, and DirXML. Integration of PAM modules, integration of cryptographic libraries, development of custom user lifecycle management (registration and account management) solutions.

Security Architecture: Encryption and Key Management, Certificate Authorities, Token Management, PKI, X.509, Kerberos, ISO, SSH VPN, IPSEC VPN, L2TPv3 MPLS VPN, SSL, TLS, Application Firewalls, API Gateways, SSL Acceleration Appliances, HSM Appliances, PCI, Data Classification, HIPaA, FIPS-140, NIST SP 800 Series, Data Protection and Electronic Records Management, Risk Assessments and Threat Assessments, Monitoring and Analysis Tools, Business Continuity and Disaster Recovery Planning, Remediation of Vulnerability and Penetration Testing results.

Project Management: Project Planning, Scope Development and Change Control, Activity and Schedule Planning, Resource and Cost Management, Team Development, Communications Planning and Management, Risk Management, Procurement Planning and Management (Vendor Management), Documentation and Reporting.

Systems Development: Project Planning, Analysis and Requirements Specifications, System Design and Functional Specification, Solutions Architecture, Data Modeling, System Modeling, Unit Testing, Alpha and Beta Implementation Testing, Joint Development Programs and Early Field Trials, User Acceptance Testing, Interoperability Testing, User and Administrator Training, Systems Support and Maintenance, Change Management, Configuration Management, Performance and Scalability Testing, Defect Management, Release Management.

Cisco: Management, Security, CNS (Cisco Network Services), EMS, DEN, VPN, QoS, RADIUS, L2TPv3, MPLS, Cisco ISE, Cisco ACE, Access Registrar, Network Registrar, Cisco Prime, Identity Services Engine, 6500 Series Switches, 7600 and 12000 Series Routers, Nexus Switches. Custom development and integration with Service Provider OSS/ BSS systems. Have also managed Cisco Advanced Services teams, TAC and Partner services, procurement and contract administration, and manufacturing scheduling (for large orders).

Microsoft: Windows Server, Active Directory, HyperV, VMM2012, WSUS, Exchange, O365, Access, Excel, Visio, Project.

Novell: SuSe Linux, NetWare 5.1, 4.2, and 3.2, GroupWise, BorderManager, NDS for NT, NDS for Solaris, NDS e- Directory, ManageWise, intraNetWare for sAa, Z.E.N.Works, DirXML, Nsure Identity Manager (IDM).

IBM - Z/OS, OS/390, MVS, JES, TSO, TSS, CICS, JCL, RACF, Z, Power Series, WebSphere, MQ Series, Rational, Curam.:

Oracle/Sun: Solaris, Oracle Linux, Sun Java System Directory Server (DSEE), i-Planet Directory Services, Innosoft IDDS, Netscape Directory Server, SPARC. Experienced with Oracle’s DB & MySQL, but not a DBA. Also experienced (used to be certified) with their coffee programming language, but limit my coding to a proof of concept that can be handed off to full time developers.

Other Identity products/tools (not listed above): UnboundID, PING Federated, ApacheDS & Directory Studio, JXplorer.

Apple: Xcode, iOS, iPhone and iPad device management, OS X Server, Objective-C.

Virtualization: VMware ESX, ESXi, vSphere and vCenter, Horizon (aka VDI VMware View) and ThinApp, Fusion, VirtualBox, Citrix XenServer, XenDesktop, Citrix Receiver, KVM, XEN, HyperV, VMM2012.

Application Performance Analysis & QA Tools: Selenium, YSlow, Firebug, GreaseMoneky, SLAMD, Mercury.

Others: Event Services, Application Messaging, Protocol Analysis, Sniffer, Wireshark, OPNET, SNMP, HP ALM, OpenView, BMC, Mega, Fortran, Perl, F5 Big IP, Riverbed, Safenet HSM, Jira, Confluence, AWS, Apigee.

PROFESSIONAL EXPERIENCE

Principal Consultant / Enterprise Architect / Technical Project Manager

Confidential

Responsibilities:

• Virtual CTO/CIO services for organizations in transition (such as growth, acquisitions, or market shifts).
• Developing IT strategies, roadmaps, budgets, and transition plans.
• Feasibility analysis of new/emerging technologies, proof - of-concept tests, and pilot projects. o Evaluation, selection, and implementation of Cloud services (Public-Private-Hybrid per data classification). o Design and implementation of application workflows and data models.
• Custom Identity Management solution for an international pharmaceutical (~$30B/yr). This began as a Sailpoint project and evolved into custom development and integration of applications and services which facilitate enrolling patients into clinical drug trials and enabling communications between patients and their medical service providers.
• Custom IDM/OAUTH, web, and mobile iOS app integrations for Retail/B2C (~$5B/yr). This began as an UnboundID project and evolved into an OAUTH/SAML Identity & Access Management “hub” for customers, employees, and partners. It included developing web, cloud, and mobile applications for customer enrollment, lifecycle management, mobile ordering, and mobile payment. A few of the components included PING Federated, AWS EC2, Apigee, ElastiCache, and Cloud HSM. We also built the customer a full Agile / Continuous Development / DevOps stack.
• Project Management and Business Analysis for SailPoint IdentityIQ implementations and custom integrations.
• IV&V for a Federally funded State IT project (one of the state healthcare exchanges).
• Technical Audit of a Tier 1 Service Provider’s (~$130B/yr) Identity Management, Access Control, and Attestation solutions and workflows across all production/revenue systems.
• Hands on development and integration with many technologies and products.
• Performing roles of EA, BA, PM, Vendor Mgt, QA Mgr, and Development Mgr as needed.

Enterprise Architect

Confidential

Responsibilities:

• a portfolio of 138 application systems. a $60 Billion per year mortgage operation. a CRM for 10 Million farming operations. an “underwriter / market maker” for portions of the US commodities markets and insurance industries. all aspects of infrastructure for 150,000 users over 3,000 locations.
• Architecture of security solutions for VDI, Application Services, and Network services. Included IDM, SSL Acceleration and Offload, XML Gateways, Mobile VPNs, TLS, Two Factor Authentication, classification and protection of PII, and combinations of Host Based and Network Based Security.
• Architecture of virtualization infrastructures including VMware ESX, Microsoft HyperV, and XenServer.
• Architecture of VMware View (VDI) solutions for workforce mobility, telework, and DR/COOP requirements.
• Evaluation and implementation of Apple iPads and VMview for workforce mobility.
• Planning and execution of EA engagements with Business and Governance organizations.
• Architecture and Technical Project Management for USDA OCE, an OMB300 investment of 28 sub-projects.
• Implementation of an EA Repository (Mega) for 138 Agency developed Application Systems. By modeling Business Processes, Application Services, and Supporting Infrastructures within the repository, a direct line of sight and path of traceability was established for investment management and architectural change control.
• Development of custom software to diagnose and correct configuration issues across 9,000 Cisco devices.
• Establishment of Performance Analysis and Monitoring of infrastructures and application services using WebTrends, OpenView, i3, Opnet, MRTG, Cisco, Riverbed, and other analysis tools.
• Establishment of an Application Analysis Lab for code analysis, QA, and performance optimizations.
• Development, testing, security analysis, and deployment of iOS applications with Xcode and Objective-C.
• Architecture of Enterprise Management solutions for iPhones, iPads, and iOS apps.
• Hands on operations of an Architecture Lab for technology assessments, feasibility studies, proof of concept designs, preparation of technology pilots, and isolation/analysis of production issues as needed.

Solutions Architect & Technical Project Manager

Confidential

Responsibilities:

• Alltel’s upgrade to Sun DS 5.2 SP4 to support growth of Wireless Subscriber aAa traffic.
• Windstream’s upgrade to Sun DS 5.2 SP4 for management of internal IT assets.
• Sprint/Nextel’s merger and migration to Sun DSEE v6.2 for support of subscriber growth and domain consolidation.
• Negotiating customer requirements, project schedules, resource assignments, SOWs and Change Orders.
• Prioritizing orders and tracking equipment deliveries, installation, test, and turn-up.
• Compiling and reporting resource utilization and financial reports for project accounting.
• Managing completion of Solution Architectures, Detailed Designs, and Implementation Plans.
• Managing system integration verification, performance, user acceptance, compliance, and regression testing.
• Managing system turn-up, data migration, and application cutover processes and events.
• Providing Check Point reviews to Sun’s IDM practice team and maintaining AIM-PM project information.
• Coordinating with customer TSPM (Technical Services Project Management) and PMO (Project Management Office) organizations to manage cross-functional, multi-organizational resources, activities, and reporting.
• Coordinating Systems Management requirements, development, integration testing, and implementation.
• Additional duties included mentoring client developers integrating Service Provider OSS/BSS applications with the Identity Management solutions.

Solutions Architect & Technical Project Manager

Confidential

Responsibilities:

• negotiated with Ordering, Provisioning, Field Installations, Activations, Test and Turn-Up, and Operations to establish new procedures (TOAs/SLAs) to order, activate, and OPAC new GMPLS circuits, and L2TPv3 Tunnels. managed the provisioning process from equipment order to final operational acceptance (OPAC) of tunnels. created detailed OCx circuit and MPLS/l2tPv 3 tunnel topologies. Prepared diagrams and mapping tables as documentation of the new network architecture for the NDDD, FTRD, and presentation to affected organizations. developed software to facilitate forecasting, planning, and ordering of GMPLS Circuits and L2TPv3 Tunnels. This software provides a repository for information necessary to initiate installation work orders, place circuit orders, and functions as a tool for validating, formatting, submitting this information to downstream Provisioning and Service Management applications. Achieved 90% reduction in order processing errors and 60% decrease in order turn-up times.
• As Project Manager for Network Services, my responsibilities included Project Management, Vendor Management, and Technical Infrastructure Architecture for development and implementation of an enhanced call processing solution for dynamic network announcements and media service revenue opportunities.
• Deployment of this new national platform service included development, testing, and deployment of a new WIN Service, new ISCP tables, feature enhancements to the Lucent and Nortel switch software, new software from Comverse, new software from Sprint’s ITS (back office) organizations, updates to the ASMS, ISCP, and HLR software, establishment of multiple distributed run-time sites, and many network transport, routing, security, and management enhancements.

Consulting Architect & Technical Project Manager

Confidential

Responsibilities:

• Representing Cisco’s Directory Services requirements to standards bodies (DMTF, IETF, and The OpenGroup) and Directory Service and Messaging vendors (Innosoft, Microsoft, Novell, Sun, and TibCo).
• Performing due diligence technical reviews for strategic partnerships, licensing agreements, and acquisitions.
• Developing Statements of Work and Budgets in reply to customer RFPs.
• Managing the delivery of Cisco Network Advanced Services contract services to Service Provider customers.
• Served as Engagement Manager to Account Teams and Service Providers in need of a technical “Single Point of Contact” across multiple Cisco product lines and business units.

Founder and Principal Consultant

Confidential

Responsibilities:

• Assisted an ISV with development, launch, and marketing of a systems management product.
• Assisted Jackson County, Missouri with enhancements to their messaging and disaster recovery systems.
• Assisted Buchanan County, Missouri with application, security, and metropolitan ethernet services.
• Assisted a national law firm with implementation of application management and security services.
• Assisted a financial services call center with development of push-to-talk, application, and desktop services.
• Assisted Sprint PCS with retail site, regional office, and distribution site network service implementations.
• Assisted an ISV with the development of AAA & VoIP Bill Processing software.
• Assisted an ISP with planning and deployment of Metropolitan 802.11 services.