SUMMARY

• Implemented streamlined on - boarding and access request process for Confidential ’s high-volume, high-turnover call center resources, reducing request turnaround from an average of 3 weeks to 3 days. More than 80K requests have been submitted through this process since early 2014.
• Built and developed an in-house team of MSS engineering resources, eliminating prior dependency on costly professional services resources.
• Developed and implemented metrics (KPIs & KRIs) for assessment and management visibility around the performance and risk posture of Confidential ’s Identity Management program.
• Significantly expanded the footprint of Confidential ’s enterprise Identity Management/Governance services by improving service offerings and actively promoting of program benefits to business and technology leadership.
• Implemented cross-training for Confidential ’s IdAM support resources, ensuring scalability and eliminating single points of failure. Resources have remained mostly flat despite significant growth in volume.
• Managed successful implementation of identity provisioning solution for Confidential, including product selection, project management, professional services engagement, requirements, design and implementation.
• Worked with various business units to develop and implement role-based access requests for Chase Card Services call center staff, significantly streamlining the on-boarding process.
• Successfully managed the onboarding and access provisioning for ~10,000 users across multiple business units and 25 systems and applications as part of the Bank One/Chase merger. The cutover had executive level visibility and was executed with almost no issues.

PROFESSIONAL EXPERIENCE

Sr. Program Manager

Confidential

Responsibilities:

• Own and manage enterprise IdAM applications and infrastructure, including CA Identity Manager, CA Directory, CA Identity Governance, CA SSO (Siteminder), CA PIM, Ping Federate, and Symantec VIP.
• Manage a team of 15 MSS Identity Management analysts and engineers responsible for support and development of enterprise IdAM solutions.
• Manage day to day operations of the Identity Management platform supporting 200K active users
• Manage execution of 60 quarterly user access reviews.
• Manage intake and agile development lifecycle for automated provisioning, self-service workflows, user access review workflows and SSO/Federation.
• Provide technical and architectural leadership to engineering staff, and review/approve design for key deliverables.
• Track resource capacity, identity & address resourcing gaps or challenges and project future resource needs based on growth.
• Define, produce and review metrics to track program performance.
• Maintain budget for resources, product licensing/maintenance, and professional services ensure accurate tracking of spend and budget projections based on growth.
• Define strategic program roadmaps, and present to senior management for review and approval
• Define goals for the IdAM program, and periodically review progress toward goals with team members.
• Maintain productive relationships with product vendors, and ensure product needs or gaps are communicated and addressed.
• Build and develop productive, strategic relationships with key stakeholders to ensure the solutions provided meet or exceed expectations.
• Assess MSS staff performance and make resource changes to optimize team performance.
• Continually evaluate existing products against evolving needs, maintain an awareness of competitors products, perform formal product evaluations and suggest replacements as needed.
• Manage professional services engagements and resources from definition of scope & requirements through tracking & completion of SOW deliverables.

IT Risk Program Lead

Confidential

Responsibilities:

• Managed a team of FTE responsible for Data Loss Prevention, Key Management, and Identity Management systems & processes.
• Identity Management - Supported Confidential ’ Oracle Identity Manager 9.1.0 application and infrastructure, including: maintenance of request forms; maintenance of approval/provisioning workflows for ~300 existing systems/applications; on-boarding of new systems/applications into OIM, including XML creation/modification, testing, and post-import resource configuration; ongoing user lifecycle maintenance (joiner, mover, transfer, leaver) for OIM user records; maintenance of periodic reconciliation of identities from the PeopleSoft HR system; maintenance of OIM automated provisioning connectors to Active Directory and Exchange; troubleshooting/issue resolution for OIM and associated systems; creation/generation of scheduled and ad hoc identity and access related reports.
• Key Management - Provided operational management and oversight of the cryptographic key management program, including: maintenance of cryptographic solutions inventory, documenting ownership and technical details for each solution; end to end management of annual assessment process for existing cryptographic solutions, including distribution of information to stakeholders, tracking of responses, updating inventory based on stakeholder feedback, and tracking of related correspondence for future evidencing; maintenance of cryptographic key inventory, tracking all cryptographic keys and certificates in use with the environment, and ensuring all keys/certificates are renewed prior to expiration or based on risk.
• Program Management & Oversight - Managed vendor relationships for third party systems and services; maintained budgeting, expense tracking, and forecasting for future expenses based on analysis of existing expenses and projected growth; allocated resources to projects and tasks based on availability and existing workload; assessed compliance of each function to applicable Corporate policies and standards, and maintained awareness of any changes to policies/standards and associated impacts to IDP operations; documented and maintained Risk and Controls Assessments (RCA) for each functional area; developed and maintained program related process documentation; developed and maintained strategies/roadmaps for each functional area; established team goals, and performed periodic assessments of team member performance against goals.

Senior Analyst

Confidential

Responsibilities:

• Managed the Access Certification program, coordinating access certifications for over 50 applications and systems annually.
• Managed the “Security Liaison” program, maintaining security contacts within all business and IS areas for support of key Access Security processes and initiatives.
• Participated in review of development projects, ensuring compliance with general Information Security policies, and providing consulting specific to access entitlements, authentication and authorization.
• Performed data analysis and provide ad hoc Access Security related reports for various security initiatives.
• Serve as “Subject Matter Expert” for the TSYS Card Processing security system, providing related consulting and design solutions for all Business and IT areas.
• Responsible for Access Security process design, implementation, improvement and automation, as well as support of existing automated processes.
• Responsible for development and maintenance of scripts, tools, applications (using VB .NET, VB 6, VBA and VBScript) and databases to automate administration tasks, reporting and report distribution.
• Provided guidance and training for the Access Administration team and serve in a leadership role in the absence of the group manager.
• Designed and implemented user entitlement structure for the TSYS card processor system, and managed the conversion of user access from the FDR card processor system to TSYS for over 7000 clients.
• Developed applications to automate key security administration tasks and security reporting tools.
• Responsible for user access administration of various bank systems, platforms and applications, including NT4, Windows 2000/Active Directory, Exchange 5.5 & 2000, RACF, ACF2 and FDR.
• Second level support of all administered systems via telephone calls and tickets transferred from first level support.
• Created and maintained process documentation for various Access Administration functions.