SUMMARY:

• Overall 6+ years of experience in IT and 4+ years of experience in RSA Archer Implementation, configuration, administration and business analysis.
• Strong experience on RSA Archer GRC platform with good understanding of GRC concepts and Architecture.
• Expertise in implementation, Customizations and Integrations of eGRC RSA Archer 5.5 and 6.
• Knowledge on eGRC Archer 6.1, 6.2, 6.3, 6.4, 6.5.
• Core working knowledge on RSA Archer implementation and integration experience, handled implementing of RSA Archer 6.x individually and responsible for all the solutions configurations in 5.x/6.x version in both Production and Non - Production environments.
• Highly experience in configuring access control, record permissions, events and notifications in Archer
• Good working experience on Questionnaire, Applications, Fields, Events, Notifications, Reports, iView’s, Dashboards, Complex Calculated Fields and Data feed
• Experience in Microsoft SQL Server relational database (Dynamic SQL, stored Procedures, performance tuning, etc.)
• Expertise on Archer solution design and Configuration, Data flow design, testing of both On Demand and Core Solutions.
• Worked in Archer’s Enterprise Management, Risk Management, Policy Management, Business Continuity Management, Threat Management, Global Security Management and Vendor Risk Management.
• Expertise in Enterprise Governance, Risk and Sox Compliance.
• Good Knowledge on Threat Management, Vendor Management, Vulnerability Risk Management (VRM), Risk Management, Business Continuity Management, Compliance Management, Incident Management, Policy-Management, Audit Management.
• Scripts and Applications codes in Selenium RC, WebDriver, QTP and T-SQL Transactions.
• Experience in Automations Tools like Selenium, SOAPUI, QTP/UFT 10.0 and Exposure on QTP/UFT 11.5 UFT.
• Expert in Defect Reporting and Tracking using Test Director/HP Quality Center, JIRA, IBM Rational Clear Quest.
• Experience in setting up Access Roles, Groups, and Security Parameters to control the user from accessing the framework.
• Hands on experience creating and importing packages, mapping fields and deploying packages from one environment to another.
• Evaluate and maintain up-to-date knowledge of the effectiveness of GRC standards and compensating controls in mitigating IT risk.
• Knowledge of information security principles and industry's technologies
• Performed highly complex analysis and design with good understanding of the methodologies used in requirements gathering, usability testing, and documentation
• Work with internal and third-party IT security partners to stay current on industry trends, controls and security technologies and services.
• Strong leadership skills and ability to work well in large and diverse organizations.
• Nurtured client confidences by working closely with stakeholders to gather requirements, develop Questionnaires create process flows, craft notification matrices and document workflows.
• Skilled in developing security approaches, policy and standards, IT projects, project management, electronic documentation, instructional design, technical writing, document control, compliance documentation, and business analysis.
• Proficient in packaging and migration process.
• Experienced in developing On Demand Application.
• Strong Understanding of Archer Data Feeds, questionnaires, calculated fields, work flow, reports, dashboards, I-views, Packaging.
• Strong knowledge of Data Warehousing concepts and Dimensional Modelling and exposure to Data Modelling, Normalization, and Business process Analysis.
• Proficient in MS Office Excel, Access, PowerPoint, Visio.
• Proficient in the implementation of production change management techniques and service delivery disciplines.
• Expert experience with RSA Archer GRC platform - research and industry.
• Hands on Experience in Agile-SCRUM and waterfall methodology Development and Release Process.

SKILL:

Application: RSA Archer Version 5.3, 5.4, 5.5, 6.1 and 6.2, 6.3, 6.4, 6.5

SQL Server Tools: Enterprise Manager, Profiler, Query Analyzer, Export & Import (DTS)

Databases: MS-SQL Server 6.5/7.0/8.0/9.0/10.0 , MS Access 97 & 2000

Reporting Tools: MS SQL Server, Reporting Services, Integrating Services, Crystal Reports, Informatica, Analysis Services, Micro strategy.

Testing Tools: HP Quality Center, SmartBear, Selenium RC Junit, WebDriver JUnit, QTP/UFT 10.0, ITKO, SeeTest, Perfecto, Eggplant, Jamo.LoadRunner, Appium, MonkeyTalk.

Languages: MS SQL Server 2005(9.0)/2000(8.0)/7.0/6.5, T-SQL, VB.NET, C#, ASP.NET, BPF, AJAX,XML,PL/SQL, VB Script, JavaScript, Turbo C, C++, Java.Informatica.COBOL.MS CRM Dynamics.VisonPlus, RSA Archer Platform 5.5/6

Tools: MS SourceSafe, Legacy mainframes, MS Office 97/2000/XP, MS FrontPage 98/2000, MS Outlook 97/2000

Operating System: Windows 2000 Advanced Server/Server 2003/Professional/ NT 4.0, Win XP Prof/Standard, Win 98. Mac OS, IPhoneOS, IPad, Tablet, Android OS.

EXPERIENCE:

RSA Archer Developer

Confidential, Malvern, PA

Responsibilities:

• Involved in analysis, design and implementation of business requirements.
• Field creation and configuration - cross-reference fields, calculated fields, custom value lists.
• Managing access control of the users on Archer. Adding new users to the platform rapid application development tools.
• Designed and created On Demand Applications (ODA's) for Global Security Operations group which involved in creating Solutions, Applications, Fields, Notifications, Sub-forms, Dashboards, iViews, Workflow, Advanced Workflows.
• Using Packaging and Data Feeds, integrated Archer with third party applications such as Veracode, Qualys (Vulnerability Scan results), and ServiceNow (System of Record).
• Configured and troubleshoot data communications - Notifications, Discussion Forums, Training and Awareness, Mail Merge to increase Archer usability.
• Configured and trouble-shoot integrations to import data using Data Imports, Data Feeds, and Publications.
• Involved in Customization and Maintenance of ITIL modules such as Incident, Change, Problem, and Knowledge base Service Catalog, and CMDB in ServiceNow.
• Workflows based on dynamic record permissions, events and notifications.
• Creating fields, reports, iView’s and dashboards and Creation of questionnaire from scratch.
• Enhancements to Calculated Fields as per the requirement.
• Configuring access control using application-level, record-level and field-level access control functionalities of archer Migration of application from staging to production environment.
• Created and changed field behaviors and triggers
• Provide Archer operational support, including troubleshooting issues, and report and data request support.
• Created Workspaces, Reports and I-Views as well as Dashboards and Executive Dashboards
• Created and updated Notifications and scheduled report distribution
• Industry research on security trends for potential improvements in our own processes or tools.
• Coordination of incident response activities, including written and verbal communication with other IT groups and IT management.
• Implementing end-to-end Service Catalog, Incident Management, Configuration Management (CMDB) & Asset Management (ITAM), Change Management and Release Management with Knowledge of Content management
• Drive Archer platform development requests from design configuration, system development, through service implementation to application and usability to scale and adapt to future requirements.
• Administration of Archer to include creating groups, permissions both application and field level. Lead events escalated as potential security incidents.
• Extensive experience in creating workflows, business rules, script includes, UI Policies, Client Scripts, Inbound Email actions, UI Actions, UI Macros, UI Pages and Notifications

Environment: Archer eGRC SmartSuite Framework 5.X, 6.1, 6.2, 6.3, 6.4, 6.5 IT Service Management, Global Application Platform

RSA Archer Consultant

Confidential, Boston, MA

Responsibilities:

• Worked on Archer 5.4X, 5.5 X, 6.1, 6.2 Environments.
• Responsible for integration, customization, and full engineering life cycle support for RSA Archer GRC platform
• Experience with data scrubbing, migration, cleansing, and analysis
• Responsible for requirements gathering and analysis, business process modelling, workflow development, system customization, software upgrades, maintenance, and documentation
• Implement all phases of RSA Archer GRC (Governance, Risk, and Compliance) platform
• Professional experience with RSA Archer data feeds, questionnaires, calculated fields, custom workflows, custom objects, reports, and dashboards
• Consult auditors and Information Security leaders on all GRC tasks
• Provided extensive contract acquisition research, support, and other related professional services
• Approval workflow build & maintenance.
• Create or modify existing iView’s, reports, and dashboards.
• Worked on Data Import.
• Coordinate Archer application package.
• Worked on various types of Record permission Field
• Modification / enhancement of existing application as per client's requirement.
• Worked on Data Driven events And Actions Associated with these Data Driven events.
• Create new dashboard, new reports, iView and new fields as needed.
• Creating New Report and Arranging the Reports under IView and Rearranging the IView under the Dashboards and Configuring the Dashboards under the Workspace.
• Checking All the Defects under UAT Testing and correcting these defects.
• Working on Integration Data Import and Data Feed.
• Worked on Calculated Fields, especially all types of Functions which we basically use in Assessment.

RSA Archer Consultant

Confidential, Stamford, CT

Responsibilities:

• Develop and maintain a formalized GRC framework, utilizing standards-based controls aligned to business specific threats.
• Assess, prioritize and update existing IT security policies and standards to reflect the GRC framework
• Perform risk assessment of new IT projects, identify areas of potential technical and process vulnerability, recommend compensating controls and maintain the IT risk register
• Review existing systems and processes against the GRC framework and prioritize remediation plans based on business risk
• Evaluate and maintain up-to-date knowledge of the effectiveness of GRC standards and compensating controls in mitigating IT risk
• Integrating ServiceNow with Third Party and In-house Applications using SOAP and REST API.
• Interact with Internal Audit and IT teams to ensure on-going compliance with company IT security policies and standards
• Define GRC framework metrics and key risk indictors, maintain a management dashboard and produce an annual GRC framework compliance report for executive management
• Provide training and support to management and employees regarding GRC programs and requirements
• Work with internal and third-party IT security partners to stay current on industry trends, controls and security technologies and services
• Review and enhance existing evergreen documentation to meet application IRM and audit requirements
• Create and/or review new control to fill compliance gaps. Provide monthly IRM compliance updates
• Manage MCP transition into new enterprises IRM tool
• Engage all necessary parties to successful conclude all IRM responsibilities/task create data gathering processes/scripts
• Assist with audit preparation and execution. Backup for IRM support of PRC applications

Environment: RSA Archer, Netegrity SiteMinder 5.x/6.x, Sun Identity Manager 7.x, .Net, Web Agents 5.x/6x, IBMWebSphere Application Server 5.x, Apache 2.x, IIS 5.0/6.0, Solaris (10), iPlanet 6.0, Unix shell scripts, Python, Struts, Hibernate, Java/J2SE 1.4, J2EE 1.3, Eclipse, SOAP, JDK 1.5/1.4

RSA Archer Developer (Intern)

Confidential, Danville, KY

Responsibilities:

• Expertise in Configuring the Operations Controls Platform RSA Archer Platform. Involved in Setting up Subscription Notifications.
• Managed User Access and Importing/Exporting Data.
• Interacted with various stake holders and created applications for Use case solutions for Risk management and Policy management, Vendor Management, Incident Management
• Configured the I views, Reports, Dashboard and Assigned to various Groups. Configured the Access controls for Various Roles and Groups.
• Interacted with several technical teams across organization to gain partnership. Involved in creating solutions for RSA Archer Use Case Modules
• Maintained and updated the various Policy Management Documents relevant to RSA Archer Platform
• Played a key role in Applications Architecture to work with client Governance teams to align with the Enterprise Architecture standards and roadmaps.
• Designed best practices assessment campaigns to measure compliance across the organization.
• Imported existing information from legacy systems into RSA Archer Applications and questionnaire.
• Worked with Data Import Manager and Data feed Manager. Integrated the RSA Archer Product with external data sources to consolidate enterprise information.

Environment: RSA Archer, Windows, Agile Methodology, SQL, MS Visio.

Confidential

Business analyst

Responsibilities:

• Identified high-level requirements for developing and documenting detailed business requirements
• Analyzed the system from Business perspectives and prepared Business Requirement Document (BRD).
• Involved in meetings with SME (Subject Matter Experts) and users for requirements gathering.
• Created Sequence Diagrams.
• Utilized RUP (Rational Unified Process) to create Use Cases, Activity and Workflow Process Diagrams.
• Followed established formats and procedures, Created New Formats, as well as researched, created, edited technical and Business Data Documents.
• Prepared the Prototype and Mockup Screens.
• Verified the correlation between the UML Diagrams and Developed Detail Diagrams.
• Worked closely with software engineers, internal and external customers to gather comprehensive testing criteria and plan requirements to ensure accuracy and timeliness of projects.
• Performed informal benchmarking to analyze how competitors conducted business.
• Performed Gap Analysis.
• Performed Smoke testing before starting the major testing effort.
• Assessed potential risks in the project and analyzed issues of importance with project managers.
• Actively participated in status reporting meetings and interacted with development team to discuss the technical issues.