- Highly organized, innovative, & results - driven professional offering over 25 years of experience in teh information technology industry, with emphasis on information security, architecture, engineering & consulting.
- Dedicated leader driving change & transformation, recognized for strategic & proactive management approach in identifying complex solutions, directing & coordinating team efforts toward teh attainment of business & operational goals. Known for thought leadership, expertise in managing overall aspects of information security functions including strategy planning & implementation, policy development & execution, & objective conceptualization leveraging People, Process & Technology. Managing & driving Enterprise IT Security Portfolio, Architecture.
- Engineering, Operations, Security & Threat Intelligence, Event & Incident Response, Governance, Risk & Compliance, Policies & Standards. Armed with excellent oral & written communication skills; with strong interpersonal, problem-solving, & critical thinking aptitudes. Effective at collaborating & establishing positive working relationships with clients, key leaderships, stakeholders, & upper management, partners & vendors within global & local Fortune 500 companies.
Confidential, Rocklin, CA
Manager - Enterprise
- Provide leadership & direction to overall aspects of global security practice, services, & operations while managing security architecture & engineering. Provide supervision, guidance, mentoring, & coaching to security team.
- Build & drive enterprise security practice, deliver business value, design & implement security solutions. Provide leadership, enterprise vision, strategy, direction, roadmap, guidance, service framework & support to teh organization.
- Propose & lead IT change & transformation efforts & processes, continuous growth & maturity, development of business cases, CBA, total cost of ownership (TCO), & return on investment (ROI) to drive company change.
- Perform business unit planning for budgets, resources, security program & projects, key goals & objectives
- Hold responsibility in deploying security services, support, operations, & business services delivery models for security tools, cloud technologies, network, infrastructure, data & application security, risk & vulnerability management, identity & access management, Global Security Operations Center (GSOC), EDR, incident response, & forensics.
- Contribute in DevOps efforts, secure SDLC & establish business direction, objectives, projects & programs. Drive Enterprise Architecture & Design Reviews. Drive defense-in-depth strategy for cyber security & privacy.
- Build Enterprise Security Practice & Team responsible for 24/7 services & security operations, SLAs, Metrics, & Reports
- Create & lead security information & event management (SIEM) & GSOC functions, correlation rules, artificial intelligence, business use cases, playbooks, log source integration, cybersecurity, threat intelligence, evidence collection, incident response, network security, vulnerability management, IAM practice, security testing, application & infrastructure scans, & tools for EDR, cloud, data (at-rest & in-motion, PII, PHI, PCI & business critical, sensitive data etc.) & application security, & endpoint security.
- Overseeing various key functions which include:
- Global security incidents, offenses & events of interest, triage, threats & mitigation, VM Scans, vulnerabilities & risk management, Prioritization, Remediation, incident response management, APTs, DDOS attacks, Malicious Payloads, Virus, & Malware, IAM solutions, SSO, user access controls, privileged user accounts etc.
- Security services engagement with local/offshore partners; set business priorities, delegation of tasks/activities;
- Governance, risk & compliance (GRC) & audit requirements, process, controls, review, analysis, & updates;
- Enterprise Security & Network Architecture & Design, Perimeter Security, Firewalls, Rules Management, Intrusion Analysis & Prevention, SSL Decryption, URL Filtering, WildFire & Malware Analysis & Management, Global Protect, Mobile & VPN Security, Network Changes, Upgrades, Migrations, & Consolidations
- Enterprise security portfolio budgets & resources planning, forecasting, projects, & programs;
- Tools & technologies which involve product lifecycle management, upgrades, patch management, migrations, consolidations, portfolio rationalization, onboarding new tools, & new services development; &
- Business Communications, Resource Planning & Management, Skills & Competency Development, Training & Development, Business Services Delivery, Project & Program Management, Collaboration & Partnership with IT Infrastructure, Technology, Applications & Business Teams, Stakeholders, Executive Management;
- Design & enforce organizational security policies, standards (PCI DSS, SOX, NIST, CIS, SANS, ISO 2700x, HIPPA, & GDPR etc.) & controls, processes & procedures, work in-take process, execution models, process improvement, reports, & knowledge base. Manage Risk, Compliance & Audit issues, Problem, Change & Release Management.
Confidential, Novato, CA
Senior Enterprise Architect - Enterprise Security and Architecture
- Worked with IT & business leadership while driving enterprise’s IT strategy & architecture & engineering initiatives for security & privacy, Infrastructure, application & data, cloud & mobile computing, IAM solutions & services, SSO/FSSO.
- Spearheaded initiatives in reducing cost & complexity, optimizing IT infrastructure & resources, & identifying key areas for quality improvement. Perform current state & target state analysis. Lead, drive & guide business units.
- Established plans for financial & business goals, budgets, resources, service improvement programs, & IT & security transformation to build an efficient IT organization.
- Solely supervised new & existing business capabilities, processes, & services, risk & gap analysis.
- Provided leadership, direction, guidance, solutions in alignment with teh overall architecture & engineering strategy.
- Displayed competency in successfully managing teh following:
- Major & complex enterprise global & local projects for business, technology roadmaps, IT operations, security & privacy, governance, risk & compliance, enterprise security policy, standards, process & procedures;
- Enterprise security risk appetite, residual & inherent risk, posture, risk/threat assessment & mitigations, audits, & awareness programs, & management of enterprise security for network, application & data, IAM, SAP, cloud etc.
- Infrastructure foundations for servers, storage, network, data, & applications to analyze & recommend improvements on IT projects & processes in native, cloud & mobile models.
- Coordinated with leadership & business owners to contribute to teh conceptualization & implementation of enterprise architecture communication plans, business initiatives, risk management, DR/BCP,
- Organized datacenter consolidation & migration as well as developed service catalogs for provision, virtualization, scalability, flexibility, adaptability, security, network, storage, replication, service management, service level agreements (SLA), monitoring, & reporting.
- Managed enterprise business capabilities in cloud & mobile computing technology/services with private & public cloud, master data management (MDM), master data services (MDS), BYOD, & mobile applications development.
Confidentia, Valhalla, NY, USA
Senior Strategy Advisor - Global Security
- Offered leadership & management consulting services to teh company’s global business & IT leaderships in setting up global applications & IT security & privacy standards, approach, processes, & policies.
- Expertly developed & executed strong security model for core business applications.
- Devised enterprise security strategies to onboard existing & future SAP, portal, & human resources (HR) applications.
- Deployed frameworks for global & various onshore & offshore capabilities for enterprise IT security.
- Keenly analyzed business needs for global security & formulated & reviewed strategies with teh executive management; global chief information officers (CIO), chief technology officers (CTO), & chief information security officers (CISO); stakeholders; senior leadership teams; IT managers; & project management office (PMO).
- Provided direction to various business areas including project & program planning & life cycle strategies, budget administration, global resource modeling/planning, policies & procedures development, deliverables, capacity & performance planning, staff training/education, customization, reference architecture, solution patterns, & reference documentation.
- Led onshore & offshore development teams in devising, building, & deploying solutions with IAM, role-based access control (RBAC), separation of duties (SoD), autantication/authorization, & lightweight directory access protocol (LDAP) integrations for enterprise applications & users.
- Directed project managers, outsourcing partners, technical & operations support teams, & PMO, including implementation of product life cycle management (PLM) processes.
- Led teh execution of global IT initiatives, security strategy & practice, global & local security policies, & operations support framework.
- Delivered governance structure & metrics key performance indicators (KPI).
Confidential, Atlanta, GA
Senior Manager - Enterprise Security and Architecture
- Provided leadership, vision, strategy, direction, roadmaps, & implemented enterprise product & applications vision, N-tier architecture design, engineering & integration models.
- Coordinated & oversaw business point of view across multi-team projects & programs as well as initiatives to determine efficient portfolios for enterprise architecture framework, governance, & standards.
- Managed Enterprise Security & Infrastructure Architecture & Engineering portfolio, operations & IT teams while enforcing best practices & delivering business value to clients with product quality & efficiency.
- Partnered with executive management in dealing with project proposals; request for information (RFI), request for proposal (RFP), & request for quotation (RFQ) administration; pre- & post-sales engagements; business development & planning; statement of work (SOW) development; project planning, scheduling & delivery; & budget preparation.
- Worked closely with other architecture disciplines for solution designing, promoting Lean, efficient, & quality-driven environment. Applied standard architecture frameworks & methodologies for application development across SDLC.
- Delivered business & management consulting services which involved defining business requirements & solutions.
- Managed enterprise security; products & system architecture; application design, development, & deployments; & end-to-end solution delivery, IAM practice, SSO & federation, user provisioning/de-provisioning, access controls.
- Developed enterprise IT application & security/privacy solutions for state healthcare Medicare/Medicaid management information system (MMIS) applications, data, & GRC while enforcing standards & policies which included NIST, CIS, SANS, Open Web Application Security Project (OWASP), ISO 2700x, & Control Objectives for Information & Related Technology (COBIT).
- Analyzed business requirements, strategies, & trends as well as delivered complete IT & business solutions to support state & federal regulations for healthcare.
Confidentia, Atlanta, GA
Senior Architect - Enterprise Security and Architecture
- Coordinated with executive management in dealing with business requirements, capabilities, & processes; enterprise security & architecture strategy; pre- & post-sales & marketing; IT operations, services, & solutions.
- Displayed competency in spearheading effort in performing & accomplishing key functions for architecture & engineering, security & privacy, web applications/portals, middleware, infrastructure, which included teh following:
- Strategic business/technology management & consulting for key global accounts. Leading of Confidential projects in strategic business, technology, & management consulting for government & Fortune 500 companies;
- Management of IT portfolio & IT governance;
- Delivery of innovative solutions to strengtan customer relationship & identify key opportunities
- Partnered with key leadership to develop & execute innovative solutions & implementation that serves business needs, goals & objectives for systems/services availability, integrity, functionality, performance, reliability, & scalability.
- Drove strategic efforts in managing teh following:
- Datacenter, 24x7 IT operations, planning, migrations & consolidation, optimization, virtualization, capacity & performance planning, application analysis, & DR/BCP; &
- Business services, enterprise infrastructure, security & privacy, asset management, & service-level agreements
- Directed & resolved business needs, reference architecture, & architecture analysis for current & target state, gap analysis, transition plan, dependency, architecture & engineering designs, & IT & security standards.
- Rendered effective processes for incident, problem, change, release, or configuration management.
- Provided keen oversight to global IT systems operations for large accounts, systems or network, security & application services & support, information & asset protection, audits, & reports.
- Conducted extensive analysis of solutions, tools or technologies, risks, & issues, while delivering best practices & solutions to meet challenges. Oversaw & facilitated global resource model with diverse, lean, & effective teams, staff, business partners, associates, vendors, & outsourcing.
- Administered business & technology accounts in marketing with pre & post sales for industrial sectors, banking, finance, & insurance verticals. Coordinated with leaders regarding business needs in IT solutions & services delivery.
- Liaised with management regarding visions & strategies, business capabilities, architectures, IT operations, application designs, as well as developments & deployments.
- Oversaw turnkey solution, software support, contracts agreement, IT services strategy, data center operations, & solution deployments. Trainings of customers & staff for technical and professional development.
- Managed pre & post sales engagement for large accounts, industry verticals, government sectors, & business developments.
- Cultivated strong relationships with leadership & management. Delivered end-to-end & software solutions for complex networks including various platforms, hardware, software, & applications.
- Took charge of planning & managing large data center along with national technical lead, subject-matter expert (SME) on HP systems, & computer-aided design (CAD)/ computer-aided manufacturing (CAM) software.
- Handled critical issues & escalations on HP systems, CAD/CAM software workstations, & Novell Netware based networks.
Oracle: Broadly Experienced Architect (BEA) Certified Architect - WebLogic Enterprise Architecture
Technology: Web 2.0 | WebSphere Application/Portal/Process/Commerce Server | SOA | ESB | EAI | MQ | MQSI | WMB | WID | WTX | Apache | Microsoft SharePoint | MOSS | WebLogic | iPlanet | IHS | IIS | DB2 | MDM | Oracle | SAP R/3 | PeopleSoft | SQL | ERP | BPM | BI/DW | CRM | ECM | IaaS /PaaS/SaaS | Mobile | MDS
Security Privacy: GRC | EDR | FIM/SCM | SIEM | QRadar | LogRhythm | Tenable | Qualys |Aperture | MessageLabs | UpGuard |CASB | Forensics |Mimecast | WAF | Perimeter Security |DMZ| IDS/IPSI Cisco/Palo Alto Networks (PAN) Firewalls| Switches| Routers| End-Point Protection | Privacy/Data Protection | Data Security | Imperva | Varonis | DLP | Web Services | Encryption | Global IAM/PIM | SSO/FSSO | Okta | CyberArk | SailPoint | Tivoli Identity & Access Manager | TFIM | TDI | Sun/Oracle/McAfee/ Microsoft/Cloud Identity Manager | TAM WebSEAL | Web Proxy | DataPower | Tivoli/Sun Directory Server | AD | SiteMinder | ISAM | SoD | RBAC | NPPI | PCI DSS | CIS | SOX | NIST | OWASP | ISO2700x | COBIT | GDPR | PI/PHI | EMR/HER | VPN |
Tools: Microsoft Office Applications (Project, Visio, and Exchange) Lotus Notes/Domino | ITM | ITCAM | HP Open-view | RSA | RAD | Control-M | TSM | ETL | Informatica | Cognos | FileNet | DocFinity | FairIssac | ILOG | VMware | FTP/SFTP | SSH | Netskope | Salesforce.com | O365 | Box