Manager Information Security

Location: Cary, NC

Posted: April 14, 2016

Resume:

Career Overview

Insightful, results-driven IT professional with notable success directing a broad range of corporate IT security initiatives, while participating in planning, analyzing, and implementing solutions in support of business objectives. Excels at providing comprehensive, secure network design, systems analysis, and full lifecycle project management. Hands-on experience leading all stages of system development efforts, including requirements definition, design, architecture, testing, and support. Outstanding project and program leader; able to coordinate and direct all phases of project-based efforts while managing, motivating, and guiding teams.

Skills

Identity and Access Management Lifecycle (Aveksa, Tivoli, CA E-Trust, inControlSA, CA-IDM)

Role-based Access Control (Oracle Identity Analytics, Aveksa, Tivoli, Sun)

Virtualization & Cloud Technologies (Azure/Office365, RSA, Box Enterprise, Workday)

Regulatory Compliance (HIPAA, PCI, SOX & GLBA)

Risk & Vendor Security Assessments

Linux and Unix hardware and operating system installation, configuration and maintenance

Network and Systems Security (Active Directory, LDAP, Cisco, McAfee DLP & NDLP)

Research and Development / Cost Benefit and Gaps Analysis

Technical Specifications Development (Delegated Administration, Single Sign-on & Federation)

Team and Project Leadership & Training

Technical Proficiencies

Security: CA-TopSecret, CA-ACF2, RACF, HPNSK-Safeguard/Guardian, Active Directory, RSA and CA-Arcot

Tools: RSA, Microsoft Azure, McAfee Enterprise, Cisco Web Security Appliances, VMware, Microsoft Office Suite, Access, MS Project, MS Visio, SnagIT, E-Discovery, EnCase

Databases: Oracle, SQL, LDAP, DB2, Sybase

Platforms: Windows 7/8/8.1/10, Windows Server, UNIX (Solaris, AIX, HP-UX), Linux (Suse, Red Hat, Ubuntu), Mainframe (Z/OS, OS/400, HPNSK)

Networking: Web Services (SOAP), SAML2, OAuth, LAN / WAN Administration, VPN, TCP/IP, 100BaseT Ethernet, SecurID, Cisco Routers & Switches

Work Experience

Blue Cross Blue Shield of North Carolina, Durham, North Carolina 2/2013 – 4/2016

Information Security Architect

Architect secure solutions for identity and access management applications with a focus on RSA Via (Aveksa), Oracle Identity Analytics, IBM Tivoli (TFIM and ISAM) products. Proven ability to conduct security assessments of vendors (domestic & off-shore), implement application and hardware security configurations. Provided consultation services for HIPAA, PCI and SOX regulation compliance.

Recommended Network Security and Hardware Configuration (IronPort, McAfee Endpoint Encryption & PGP). Negotiated Network Protocol design and configuration standards (SAML and TCP/IP) with Vendors/Business Partners. Developed Information Security and Networking Policies, Standards and Procedures (SSO, Web Attributes, IdM and RBAC).

Key Achievements:

Hired as FTE to provide SME for implementation, administration and maintenance of Identity and Access Management tools and applications.

Spearheaded the migration and transformation of the Role-based Access Control program to Identity and Access Management Lifecycle & Governance.

Developed Cost benefit and Gap analysis to migrate from Oracle Identity Analytics to Aveksa applications; and implementation of Box compared to OneDrive Cloud Technologies.

Performed proof of concept and piloting of the Aveksa and Box Enterprise applications.

Instrumental in developing and implementing roadmap strategy for role-based access control provisioning.

Conducted computer hardware forensic investigations using EnCase, Discovery Accelerator, e-Vault and Tea-Leaf applications.

Redesigned and architected the Forensic environment by upgrading EnCase application components and servers.

Provided hands-on experience leading all stages of system development efforts, including requirements definition, design, architecture, testing, and support for Aveksa and EnCase applications, O365 and Box Cloud Technologies.

Created company policies and procedures governing corporate security, email and Internet usage, access control, and incident response for Box Cloud computing for internal employee population (Terms of Use, Roles & Responsibilities).

Developed and implemented security configuration standard for underlying Linux servers.

Installed and configured all RSA appliance Linux servers and RSA application to run in a lights out environment.

Negotiated Security Addendum, Security Exception requests and SSO implementation agreements with security vendors and business partners (such as Workday, RSA, Genesys and various Business Units within the enterprise).

Coordinated firewall configurations and server upgrades for 3 Cisco Security Appliances, 3 RSA (Aveksa) appliances, Mainframe and Active Directory connectivity nodes.

Matrix Resources Inc, Durham, North Carolina 10/2012 – 2/2013

Technical Consultant - Blue Cross Blue Shield of North Carolina

Key Achievements:

Acted as subject matter expert for implementation, administration and maintenance of RBAC applications and tools such as Oracle Identity Analytics.

Developed, implemented, monitored and maintained enterprise security standards, policies and procedures based on PCI, PHI and SOX regulations.

Provided consultative services for strategy, planning, implementation and utilization of all Identity and Role-based Access Control applications, including Oracle Identity Analytics.

Developed and delivered security guidance and training to technical staff members.

Performed security program presentations, both internally and externally as needed.

TSYS Inc., Columbus, Georgia 10/2006 – 10/2012

Identity and Access Management Consultant

Key Achievements:

Responsible for provisioning and security functions for HP Non-Stop Kernel systems and 3 HPNSK subsystems across 14 HPNSK nodes.

Conducted and administered periodic review of logical access to HP Non-Stop Kernel (HPNSK) and IBM Mainframe platforms and/or distributed systems and applications.

Performed user provisioning activities of HP Non-Stop Kernel (HPNSK) and IBM Mainframe platforms and/or distributed systems and applications.

Developed, implemented, monitored and maintained information security standards, policies and procedures based on PCI, HIPAA, FFIEC and Visa/Mastercard regulations.

Coordinated and conducted corporate training courses in information security technologies, tools and practices for new, or less-experienced team members.

Served as subject matter expert for Identity and Access Management applications and systems such as IBM Tivoli Identity Manager and IBM Tivoli Access Manager, BMC Identity Management suite, CA-Arcot Authentication, Aveksa Compliance Manager, HPNSK/Safeguard, Linux/Unix, LDAP and CA-ACF2.

Provided consultative services for strategy, planning, implementation and utilization of all identity and access management applications. These include Tivoli Access Manager, Tivoli Identity Manager, Aveksa Compliance Manager, CA-Arcot authentication application, BMC Identity Manager, CA-eTrust Access Control and CA-Identity Manager.

Planned, conducted and directed research and development work on complex projects such as: integration efforts of CA-ACF2, HPNSK and CICS platforms into the Tivoli and Identity Management suite.

Planned, conducted and directed decommissioning project to uncouple applications and platforms from BMC Identity Management control and migrate into ITIM/ITAM environments. These platforms include CA-ACF2, CICS, HPNSK, LDAP and Active Directory.

Planned, conducted and directed project to replace CA-Unicenter Security application with new third-party application (Comforte - Safepoint), and implementation of Safeguard/Guardian security on HP Non-Stop Kernel platform to comply with Corporate Security Policies and Standards.

Provided consultative services to Information Security Management for conducting GAP analysis of existing and new Security technologies and applications, which mitigate security exposures through solutions and/or alternatives for compliance with Corporate Security Policies.

Coordinated, directed and conducted on-going support efforts of Legacy Identity Management applications, network and hardware components such as servers, switches and routers; Remote Access System(s) and User Authentication systems of direct reports.

Coordinated, conducted and directed research and evaluation efforts to provide recommendations and/or solution alternatives to replace existing Legacy Identity Management application with newer Identity Management applications and technologies. Products tested included: CA-eTrust Identity Manager, Oracle Identity Manager, SUN Identity Manager, and Tivoli Identity Manager.

Coordinated and maintained firewall configurations and server upgrades for 14 HPNSK nodes.

TSYS Inc., Columbus, Georgia 7/2003 – 10/2006

Associate Director – User Services

Management position, promoted to work under the general direction of the Risk and Compliance Division - Senior Director, responsible for the delivery of Information Security User services and logical access administration.

Key Achievements:

Hand-selected employees from Information Security department to build User Services Team charged with analyzing and provisioning logical access for internal employees and external partners and customers. The scope includes core systems and applications, as well as information in electronic, print and other formats.

Coordinated, conducted and directed research efforts of 10 direct reports to provide recommendations and/or solution alternatives to mitigate risks for internal customers and end-users.

Directed and coordinated day-to-day user provisioning and access management activities of direct reports.

Maintained productivity level of direct reports to comply with established contractual obligations of Service Level Agreements.

Coordinated the development and delivery of education and training programs on Information Security and privacy matters for direct reports and other authorized team members.

Exceeded assurance levels by protecting information created, acquired or maintained by TSYS and its authorized users.

Worked with various business units to comply with corporate standards and policies, as well as statutory and regulatory requirements (such as PCI, PHI/PII, GLBA, SOX) regarding information access, security and privacy.

Developed and maintained Performance Improvement Plan of Information Security Team members via training modules, and matrices.

Coordinated, directed and conducted support efforts for the Remote Access System(s) and User Authentication systems of direct reports. These systems include RSA/ACE, Radius and AT&T.

TSYS Inc., Columbus, Georgia 1/2004 – 1/2007

Lead System Software Analyst

Position created to implement and maintain all corporate approved vendor hardware and software enabling the developmental and operational groups to perform their assigned tasks.

Key Achievements:

Served as corporate and departmental technical resource responsible for resolving issues with the hardware and software utilized.

Coordinated and directed Information Security projects and implementations.

Performed troubleshooting and analysis of software and network designs and configurations to solve customer, client and employee problems.

Planned advanced and functionally defined assignments and goals, with alternatives, actions, and results clearly specified.

Assisted senior management by providing accurate estimates of work effort and impact of projects and tasks.

Technical Consultant to business units within area(s) of expertise and determined impact of system/software changes within assigned functional area.

Leadership role in respect to on-call responsibilities and managed junior team members when appropriate.

Successfully installed, maintained and monitored department operating systems, applications and databases. These include operating systems such as Solaris (version 2.6 - 9), AIX and Windows (2000, 2003 and higher); databases include Sybase, SQL, LDAP and Oracle; applications include BMC Identity Manager Suite (ACF2 Agent integration, HPNSK agent integration, Solaris (UNIX) agent integration, and Active Directory Integration), as well as CA-eTrust Access Control for UNIX and Windows, PriceWaterhouseCoopers-Enterprise System Assessment and Security governance.

Installed, maintained and monitored Hardware racks, Servers and network hardware. These include all SUN hardware, AIX hardware, Windows hardware, CISCO routers and hubs, and Mail routing and encryption hardware such as Ironmail.

Coordinated, directed and conducted implementation of Enterprise and X-networks to allow for central management of UNIX applications for Information Security, its customers and numerous external clients.

Coordinated and maintained firewall configurations and server upgrades for 24 Security Unix servers and 3 Windows servers, 6 vendor appliances.

Prepared detailed project requirements, specifications and timelines for project management role for Information Security hardware, software and databases. These projects included: Proof-of-Concept for CA-eTrust Access Control, and inControl-SA by BMC Software.

Built out Unix & Linux network infrastructure for Security applications.

Developed, directed and conducted presentations of funds and design documents to technical and administrative teams, and all levels of management. These corporate project initiatives included: CA-eTrust Access Control for Windows and Unix, inControl-SA IdM Suite and HP (f.k.a. Baltimore Technologies) SelectAccess for UNIX, Windows and WebSphere on IBM Mainframe.

Instructed, directed, and verified the work of external vendor support personnel. This included flow-charting IS processes and conducting training segments for all Information Security and Helpdesk personnel on utilizing password management techniques and technologies.

Planned, conducted and directed projects to integrate applications and platforms into BMC Identity Management environments. These integration platforms include CA-ACF2, CICS (custom and proprietary applications), HPNSK (required negotiation of professional services and coordinating internal programming resources), 32 Solaris platforms, 4 iPlanet LDAP and 2 Active Directory (Primary and Secondary Domain Controllers from Windows 2000 - Windows 2008x86).

Coordinated, directed and conducted support efforts for the Remote Access System(s) and User Authentication systems of direct reports. These systems include RSA/ACE, Radius and AT&T.

TSYS Inc., Columbus, Georgia 7/2002 – 1/2004

Information Security Specialist

Promoted to provide support of all security programs and processes.

Key Achievements:

Coordinated, researched and directed security product evaluations of CA-eTrust Access Control for Unix and Windows, and Enterprise Security Auditing System (ESAS by PWC).

Coordinated and directed review of new Information Security technologies such as Access360 and BMC Identity/inControl-SA applications to provide recommendations and strategy for implementing centralized user and password management functions to Information Security team.

Interacted with internal and external auditors to ensure that corporate security systems have appropriate level of mitigating or compensating controls.

Ensured compliance to corporate Information Security policies through audit reviews, department briefing sessions, security education, and other methods as appropriate.

Enforced IS policies through review and monitoring management violation reports, security education and awareness, and taking appropriate action when security offenses occur.

Served as subject matter expert (SME) when answering questions or providing guidance on complex projects to internal and external customers. This included negotiating project dates, business and resource requirements with internal and external clients to ensure project timelines are met.

Coordinated and maintained firewall configurations and server upgrades for Unix hardware for ESAS, CA-Etrust and BMC Identity/inControl-SA applications to ensure appropriate enterprise network connectivity.

Participated in On-call support rotation for assigned systems under the responsibility of the department.

Mentored junior colleagues to analyze business and/or technical requirements to assist in formulating implementation plans and concepts. These include concepts for centralized user administration, centralized password management and access controls for UNIX and Windows systems.

TSYS Inc., Columbus, Georgia 1/1999 – 7/2002

Information Security Senior

Hired to provide non-technical and limited technical support of all security programs and processes.

Key Achievements:

Processed computer access forms and password resets for ACF2, CICS, HPNSK, UNIX and Remote Access platforms.

Performed security model updates for custom and proprietary CICS applications.

Ensured logonid terminations are handled in accordance with corporate standards and policies.

Monitored and reviewed access violation and security maintenance reports.

Analyzed business and/or technical requirements to formulate a project plan.

Performed risk assessment and scenarios to mitigate risk while still meeting required timelines.

Assisted with the development, implementation, monitoring and maintenance of all information security standards, policies, and procedures.

Provided consultative services to department management and IT project teams to help raise awareness of Information Security issues and concerns affecting the corporation.

Participated in the system/application development life cycle to ensure Information Security processes and concepts are incorporated into all applicable enterprise applications, systems and software environments.

Ensured appropriate and timely responses are provided on all Audit concerns, and participated in the timely resolution of open audit concerns.

Served as mentor to less experienced colleagues.

Conducted and provided Information Security training and/or briefings to all employee levels as required.

Participated in department on-call support rotation.

Demonstrated a broad knowledge of the multiple environments.

Metamor-ITS, Springfield, Illinois 1/1997 – 1/1999

Technical Consultant – State Farm Insurance Company

Contractor who served as a technical resource on the State Farm Insurance account, responsible for resolving issues for the client and performing all Information Security functions as required.

Key Achievements:

Developed, planned and coordinated project to migrate Life insurance platform from RACF to ACF2 mainframe.

Provided telephone support services to end-users regarding user administration and password management for RACF, ACF2, UNIX, Remote and OS2 applications and subsystems.

Performed research and analysis of security applications and modified procedures to solve clients' complex problems, considering computer equipment capacity and software limitations.

Planned advanced and functionally defined assignments and goals, with alternatives, actions, and results clearly specified.

Prepared detailed project specifications and timelines. These projects include merging all internal Life insurance systems, and converting select RACF LPARs to ACF2.

Assisted management by providing accurate estimates of work effort and impact of projects and tasks.

Performed limited supervision of junior contract team members.

Handleman Company Inc., Troy, Michigan 1/1999 – 7/2002

Information Security Manager

Management position, promoted to work under the general direction of the Risk and Compliance Division - Senior Director, responsible for the delivery of Information Security User services and logical access administration.

Key Achievements:

Acted in a liaison capacity with internal departments, executive management and third-party vendor responsible for operational and networking infrastructure of Handleman Company.

Participated in the system/application development life cycle to ensure Information Security processes and concepts are incorporated into all applicable systems and software.

Reviewed audit recommendations, analyzed the situation, performed gap analysis and initiated recommendations for remediation of identified exposure(s).

Coordinated and directed day-to-day operations and activities of 6 direct reports (both internal and outsourced). These activities include user administration of ACF2, AS/400, EMAIL, LAN and CICS-PRISM/Ideal access.

Coordinated and trained direct reports to perform project management and customer support responsibilities.

Coordinated and directed workload management activities to maintain expected request processing goals as defined in the Company Security policy.

Coordinated and conducted change management reporting and activities of Handleman Company in accordance with established standards and policies.

Electronic Data Systems, Troy, Michigan 1/1991 – 12/1995

Information Security Analyst

Promoted to provide non-technical and limited technical support on all security programs and procedures. This includes: Processing computer access forms, password resets for RACF, ACF2, CICS, HPNSK and UNIX platforms.

Key Achievements:

Ensured terminations are handled in accordance with Corporate Policies and Standards.

Monitored and reviewed access violation and security maintenance reports.

Analyzed business and/or technical requirements to formulate a project plan.

Performed analysis and issue resolution of business and project requirements.

Assisted with the development, implementation, monitoring and maintenance of all information security standards, policies, and procedures.

Coordinated and enforced compliance to corporate Information Security policies through department briefing sessions, security education, and other methods as appropriate.

Participated in the system/application development life cycle to ensure Information Security processes and concepts are incorporated into all applicable systems and software.

Facilitated the timely responses provided on all Audit concerns, and participated in the timely resolution of open audit concerns.

Provided Information Security training and/or briefings to all employee levels as required.

Participated in On-Call support for assigned systems under the responsibility of the Department.

Demonstrated a broad knowledge of the multiple environments.

Established inter-relationships between the various functional components of the systems and the business, technical and project requirements.

Coordinated and scheduled project assignments within the team environment as needed.

Electronic Data Systems (f.k.a. Secure Data Corporation), Troy, Michigan 12/1989 – 1/1991

Information Security Analyst

Operated and monitored mainframe and midrange computer equipment and peripheral devices.

Observed control panels for malfunctions and errors in operation messages.

Key Achievements:

Initiated and monitored all computer software and prioritized the job streams to ensure all processing deadlines are met, making adjustments to correct operational problems or meet special conditions.

Assured appropriate use of computer equipment and ensured that client service expectations are met.

Provided diagnosis in common error situations to determine point of equipment or program failure.

Coordinated with technical personnel when error requires a change of instructions or sequence of operations.

Applied knowledge of computer operations principles, practices, and procedures to assignments that are complex in nature.

Identified and researched problems to determine better utilization of mainframe resources and the impact on daily production cycle.

Recommended process improvements to ensure computer equipment is functioning correctly.

Ensured procedures are followed and standards are met while tracking all jobs and maintaining the appropriate documentation.

Education and Training:

2014 - North Carolina State University, Raleigh North Carolina - Software Security Course

2014 - RSA Software, Durham North Carolina, RSA Fundamentals Training Course

2010 - University of Phoenix, Columbus Georgia, Bachelor of Science/Business Administration

1992 - Pontiac Technology Institute, Pontiac Michigan, Computer Data-Entry/Key Punch

1985 – Clarkston High School, Clarkston Michigan, Diploma


