MARC WILSON
Hamden, CT 917-***-****
***** ac1nf4@r.postjobfree.com
SR IDENTITY ACCESS MANAGEMENT PROGRAM MANAGER/SME/SOLUTIONS ARCHITECT
Summary:
Innovative, Sr. Identity Access Management SME with Project/Program Management, Implementation Solutions Engineering and Architect background. 20+ years of strong technical working knowledge coupled with strong project management skills with a financial, commodities and software background. Very strong experience with information security and concepts with an emphasis on IAM Governance, IAM Program Management, IAM Architecture, Privilege Access, RBAC, Unstructured Data, engineering/analysis/administration of enterprise systems, access provisioning, access review, single sign on and federation. Background covers multiple industries, including financial, healthcare/biotech pharma and in depth trading floor experience with a solid understanding of overall IT infrastructure and SDLC. Quick problem solver in fast paced environments and works well under pressure, with a focus on root cause analysis and incident resolution. Motivated team player with ability to function independently. Well organized and consistently meets deadlines. Excellent interpersonal and communication skills with the ability to effectively interact with both technical and non-technical staff along with global clientele. Strong focus on customer service, along with strong oral, written and presentation skills.
Professional Profile
Alexion Pharmaceuticals – Cybersecurity/Information Protection – New Haven, CT Nov 2016 - Current
Sr. Program Manager/IAM SME
Responsibilities:
Reporting to the CISO, assist in overseeing a quickly growing Information Security team focused on supporting current and future information security solutions for Alexion globally
Program Manager for the Privilege Access Management initiative utilizing CyberArk PAM solution, consisting of identifying and assessing privileged account security risks, developing policies and prioritizing then onboarding target accounts
Detailed focus on cybersecurity, security of various cloud platforms and partners, leading information security practices, and project management
Provide guidance across multiple business units on leading practices around information security for business projects with a strong focus in identifying and assessing controls for contracted cloud services and meeting regulatory compliance requirements
Act as a trusted advisor on Information Protection initiatives, including full lifecycle Identity and Access Management
Manage the Identity and on-boarding of all new staff across our services utilizing SailPoint IIQ Identity Governance
Partner with DevOps function to deliver IT to support our Engineering Teams (development and delivery pipeline)
Serve as the Information Security Officer for the BUs, responsible for influencing the business leadership at all levels regarding Information Protection
Bank of America/Merrill Lynch –Technology Infrastructure/Security Engineering – NY Nov 2015- Nov 2016
Sr. Technical Program Lead/Project Manager CyberArk Implementation Coordinator
Responsibilities:
Project/Program lead responsible for managing and overseeing cross functional teams in undertaking an expanded remediation program to address control weaknesses associated with bank wide audit issue for Privileged Access
Responsible for the overall direction, coordination, implementation, execution, control and completion of remediation efforts, centered around implementing 9 control objectives for Privileged Access Accounts across hundreds of Product Sets, including applications, network devices, storage devices, databases, servers, middleware
Thoroughly engages Subject Matter Expert (SME) for device/product set to review accounts and plug-in design as well as verification of lab device existence for ATP and lower level testing
Assist CyberArk engineering team with creation of plug-in request forms and works with CyberArk vendor regarding Statement of Work and needed Professional Services (PS) for plug-in creation
Created prerequisite questionnaire for Product Set Risk Leads that assists as starting point for several Program milestones, including Password Vaulting, Multi-Factor Authentication, Logging and Monitoring and Local Authentication Stores
Monitor and effectively report on progress of the project to all stakeholders including communicating project status
Present status reports and provide regular project updates to Program Manager and Stakeholders
Assemble, coordinate and provide direction and support to project staff
Define project tasks and resource requirements and track project deliverables using Microsoft Project and other tools
Mange project budget, project resource allocations, and address project financial variances
Establish project repositories (SharePoint) and store project artifacts
Deutsche Bank – CISO, Identity and Access Management May 2015- Nov 2015
Sr Project Manager/IAM SME
Responsibilities:
Leading the Vendor Adoption and Risk Assessment domain of the Unstructured Data Governance program – a program set to identify and assess risk associated with the unstructured data within Windows File Share, UNIX Shares, SAMBA/NFS, SharePoint and Exchange Shared Mailboxes (Data Repositories).
Project lead responsible for the adoption and implementation of the FSAM (File Share Access Management) program in the IBM, ATOS and HP outsourced environments under the UDAM (Unstructured Data Access Management strategy
Organize workshops with outsourced Vendors
Provide analytical and technical guidance to the team and recommend and/or take action to direct the analysis and solutions required
Communicate and work closely with DB information security group, IT policy owners, end user technologies specialists, and application architects
Support the development of a budget plan for the adoption
Build the engagement and implementation plan
Support and drive the execution of the implementation plan
Generate a project MIS and communications plan
Present status to stakeholders and senior management
Develop KPIs to measure success of the implementation
Assist in redefining existing IBM, ATOS and HP MIS dashboards and reports
TEKsystems - Global Services March 2015-May 2015
Sr. Identity Access Management SME
Responsibilities:
Evaluate the current IAM environment and regulatory requirements and challenges for the Bank of Oklahoma
Define business requirements for the Sailpoint IIQ platform and outline the expected features and functionality
Provided architecture, design and subject matter expertise on onboarding targeted applications and directory sources, i.e. CyberArk, Active Directory, HP ArcSight Logger, etc
Interview key stakeholders and application owners, and capture current state information and data for review
Perform an IAM assessment and provide an actionable plan to achieve the future-state IAM vision
Road mapped a multiyear Identity and Access Management initiative of projects and activities designed to achieve the stated IAM vision
Proposed access review risk analysis and RBAC process improvements with Bank of Oklahoma
RSA The Security Division of EMC – Clear Bridge Technology June 2014 – Feb 2015
Sr. IMG (Aveksa) Implementation/Solutions Engineer/IAM SME
Responsibilities:
Interpret and apply IAM architecture and designs to build Identity and Access Management solutions to support and advance the effectiveness and efficiency of client operations, personnel and customers
Experienced in implementing/leading/managing RSA IMG (Aveksa) Suite (Access Fulfillment Express, Access Certification Manager, Business Role Manager, Access Request Manager and Data Access Governance)
Installed and configured IMG/Aveksa (Identity, Account, Entitlements) collectors for Active Directory via LDAP
Designed requests and workflows, including provisioning, in IMG/Aveksa
Work with affiliate and corporate managers to understand business requirements, enterprise IT standards and other considerations that determine how IAM solutions and services should perform and operate
Technical specialization in Identity Management & Governance 6.5/6.8/6.9 and IBM WebSphere Application Server 7/8 including migration and configuration
Work as technical lead/SME in Enterprise Password Vault engagements (CyberArk)
Participate in defining architecture and process standards for the identity management platform; contribute to ongoing evolution and development of IAM strategies
Engineer solutions to ensure that IAM solutions, processes and services perform according to defined standards, meet defined policies and comply with information security requirements and ISO policy and procedures
Assists with integration of IAM systems with in-house and third party applications for provisioning, identity authentication and developing connectors between IAM tools and system resources
Troubleshoot and resolve complex authentication, authorization and integration problems
Lead and/or execute of daily, weekly and monthly support activities to maintain the overall IAM environment(s)
Co-ordinate with architect and BA to write the test scenarios and test cases for various requirements
CIGNA – Bloomfield, CT March 2012 - April 2014
Cigna Information Protection/Access Management and Governance
Sr. Business Analyst, Manager/IAM Engineer
Oracle Database Automation IAM Provisioning Project
Siteminder/WebSphere Application Server Upgrade Project
Responsibilities:
Implemented a new, large scope automated access provisioning/de-provisioning process of Oracle database entitlements into IBM Tivoli Federated Identity Manager /Access Manager/Scheduler and RSA Aveksa, with the objectives of efficient on-going administration and adherence to both security and audit requirements
Provided comprehensive consultation to business units and IT management at the highest technical level on all phases of the project development lifecycle
Provided high level and in depth presentations to application team heads, business stakeholders and cross functional units on the access provisioning automation process, highlighting the objectives and benefits
Identification and documentation of the project requirements based on Charter and SOW
Communicated extensively and interfaced with DBA’s, application owners, data stewards, and related technical staff
As part of the (ITIM) team, performed hands on configuration changes in ITIM in order to connect 500+ Oracle instances
Provisioned and monitored the Oracle Database Entitlements in the Aveksa Access Request product
Worked closely with Information Protection Compliance team in investigating and resolving scheduled Oracle data collection issues
Performed SQL Developer data analysis and execute command scripts that isolate data differences and discrepancies in multiple Aveksa ETL tables, and make updates where necessary
Translated operation business needs through the assistance in developing and implementing the information technology architecture and design around CA Siteminder
Test and troubleshoot problems with the Siteminder software in development, test and production environments
Manage RBAC and the Access Management tool to automatically provision access for all internal applications based on new CA Siteminder security architecture
Act as an expert technical resource to client and development management and staff in all phases of the development and CA Siteminder implementation process and provided support and implementation resources
Provided assistance with CA Siteminder policy server and agent installation, configuration and security protocol support
Analyzed business requirements and defined and provided enterprise Identity Management solutions
Performing the data root cause analysis to determine how each application role fits into the RBAC environment
Created and assigned the new Global Groups to the existing RBAC primary job roles across applications in scope
Creating new sub roles where applicable and assigned the new Global Groups to the newly created sub roles
Determined those roles that are deemed Outside of Role (OOR) through in depth analysis
RBAC level 3 support for both pre and post implementations for outstanding access issues
Regular face to face communication and recurring project status checkpoint with all key project stakeholders
Develop and publish detailed functional specifications, project documentation, current/future state analysis, training documents, and other necessary systems documentation for changes, enhancements, and new systems
J.P. Morgan Chase Bank – Northeast Region Nov 2011 - Feb 2012
Team Lead Manager/Consultant – 2011 Software Upgrade/PC Refresh Project
Brought into J.P Morgan to lead Software Upgrade initiative.
Ensure all software and peripherals are installed and functioning properly
Monitored software installation process upgrade (Win XP to Win 2007) via HP Client Automation OS Monitor
Manage corporate computer and communications infrastructure in efficient and effective manner
Provide support for servers and other corporate equipment/systems while onsite
Administer and support all infrastructure applications and framework necessary to ensure successful online connectivity and testing in Production
Managed a team of 3 or more IT staff members, along with issues and escalations and expectations
Communicate team status to Banking Center Desktop Support Bridge and Insight Command Center
Constant assistance and communication with internal corporate management and other banking representatives
Glencore LTD – Stamford, CT Apr 2011 - Nov 2011
Sr. Application Support Systems Analyst/Consultant
Provide front-line trade floor user support for Glencore applications, primarily Commodity XL (CXL), applying best practice incident management procedures, with particular focus on interdepartmental applications and processes
Identify issues and possible resolutions, and communicate with global IT organization to coordinate back-end technical support and initiate change management requests
Test problem resolutions and assist in testing major product releases
Conduct integration testing and UAT with all the relevant IT product teams and business stakeholders
Contribute to knowledge base by documenting and communicating issues, resolutions, and enhancements
Triple Point Technology– Westport, CT June 2008 - Feb 2011
Sr. Application Support Systems Analyst/Client Lead
•Provide both functional and technical support of multiple, propriety, Windows-based Client-Server Cross Commodity Trading Software product called CXL (Commodity XL) to global clientele
•Client lead in regards to troubleshooting and assisting with all Commodity Xchange (product with ICE/NYMEX connectivity) issues as it relates back to the software.
•Provided technical support for Middleware software issues (TIBCO, SOAP)
•Provide root cause analysis and liaise with internal development to troubleshoot software problems and identify solutions
•Maintained client specific support environments, including upgrades, restores and configuration changes to databases and application servers utilizing SQL scripting and various query tools for data extractions, such as TOAD and MSSQL
•Assist with application unit and regression testing and prepare and package releases and release instructions
•Utilized Remote Desktop and Citrix for troubleshooting, installing and modifying configurations on application servers
•Competency with configuration management and issue tracking software (StarTeam)
•Document client support issues via SalesForce call tracking software
•Compile reports and statistics relating to client call history
•Entrusted with the most complex customer service issues, including that of client front office trading desks, as a result of exceptional ability to promptly resolve concerns and satisfy customers
ING Investment Management – Hartford, CT March 2007 - May 2008
Sr. Systems Analyst/Project Manager (Consultant)
•Assists VP of Accounting Policy in monitoring, analysis and application developments with the use of PAM (Princeton Financial Systems) Accounting System Administration
•Administers report creation, testing and implementation utilizing Portia (Thompson Financial) Transaction Reporting System Administration
•As Project Manager, managed the process for obtaining quarterly representations from key personnel to CAO, meeting required deadlines and documentation requirements
•Plan, manage and execute internal training, including trading floor personnel in NYC headquarters
•Provided early morning, overnight and weekend support of mission critical accounting and transaction processing
•Created and maintained new jobs and regularly support existing jobs with Tidal Enterprise Scheduler
•Facilitates process and control walkthroughs with management testing team and external auditors for new processes
•Created and maintained documentation of previously undocumented functions for current reference and knowledge transfer
•Constant communication and troubleshooting with upper management and related business groups via weekly meetings
•Performs and documents quarterly meetings with asset managers
•Performs follow up of outstanding deficiencies to assure timely implementation of remediation plans and ensure proper resolution
•Collecting and analyzing complex data, evaluating information and systems, and drawing logical conclusions
Sempra Energy Trading, Inc. – 58 Commerce Road. Stamford, CT Apr 2000 - Jan 2007
Assistant Vice President/Manager - Sr. Systems Analyst-Administrator
•Managed an IT team of 5 within the Americas and 2 overseas in order to efficiently provide and maintain 1st through 3rd level system and electronic trading production support for 1,000+ users on all desktops, 7 days, 24 hours globally
•Communicated regularly with upper management regarding IT infrastructure improvements, strategic moves and budgets Support of Microsoft NT, 2000, XP, 2003 and Windows 7 Operating Systems and Microsoft Outlook email system
•Worked and communicated with all phases of development when issues arose and troubleshooting various system errors and roadblocks across Front-Middle-Back Office applications by performing in-depth root cause analysis and debugging practices.
•Maintained and supported proprietary commodity trade capture software along with granting and/or restricting access rights in addition to the maintenance and technical support of FIX Protocol messaging
•Utilized VMWARE remote access software to troubleshoot problems and support overseas offices and remote users
•As administrator, oversaw, installed, and maintained all trading and marketing applications (Reuters, Bloomberg, CQG, Nymex) in addition to the development of strong relationships with the corresponding vendors
•Manage all computers, groups and users via Active Directory via Group Policy Administration
•Installed Citrix software on clients and monitored load balance and processes on Citrix WinFrame servers
•Installed and maintained all software and hardware pertaining to PDA’s, such as Blackberry and Palm Pilots
•Logged all day to day work flow specifics in Remedy ticket tracking system to ensure proper and timely troubleshooting
•Issued and maintained laptops along with updating and installing needed software and service packs, including VPN software when needed
•Provide 1st through 3rd level support/diagnosis for the IPC Turret system and phone service including NICE recording logger and provided application support for software developers
•Thoroughly tested new software installs and rollouts to ensure compatibility with current desktop build;
•Engaged in all Microsoft, proprietary and 3rd party related upgrades and/migrations on both desktop and server level
•Coordinate office moves as related to system, voice and network
•Provided executive level support, those including V.P.’s, Presidents, Managing Directors, straight up to the CEO.
•Performed Shell scripting/commands and/or predefined Shell variables in order to access user directories, and would add, modify, or delete users based on user’s status and role within the company
•Utilized SQL/Unix scripting and TOAD query tool to troubleshoot various Oracle/Sybase based errors and issues
•Strong knowledge and understanding of internet connectivity, networks, firewall, routers and FTP, TCP/IP protocol
Technologies
Hardware/Platforms: Software: Marketing Software/Trading Platforms:
•WebSphere Application Server (7/8)
•Microsoft Exchange Server
•Exchange Shared Mailboxes
•Citrix Server
•IBM DB2
•Sun Solaris
•CyberArk Privileged Account Security Solution Administration
•SailPoint Identity IQ
•Okta Single Sign-On
•AWS Platform
•T-Systems Cloud Services
•PKI (Intercede MyID)
•Docusign Electronic Signature
•Intercede MyID
•ServiceNow
•JIRA software development tool
•PowerBroker Management System
•IBM Tivoli Federated Identity Manager
•IBM Tivoli Access Manager
•IBM Tivoli Scheduler
•RSA - Identity Mgmt & Governance
•RSA - Aveksa Certification Manager
•RSA - Access Fulfillment Express
•RSA - Access Request Manager
•HP ArcSight Logger (SIEM)
•SharePoint
•CA Siteminder
•LDAP
•SAP
•Windows XP - 2010 Operating Systems
•Microsoft Office 2003 - Office 365
•Active Directory
•Commodity XL Software
•Mercury Tool Suite
•Quick Test Pro (8.0)
•Citrix
•SQL Server Management Studio
•StarTeam
•Remote Desktop Connection (RDC)
•VMWARE
•Visio
•Remedy Ticketing System
•Cisco AnyConnect Secure Mobility Client
•DOS, SQL, VBA, HTML, DHTML
•Access, Unix Shell, Java Script, ASP
•TOAD, MS SQL
•TIBCO
•SOAP
•Inter Continental Exchange (ICE)
•Reuters
•CQG
•Bloomberg
•CQG
•Nymex Access
•Chase Banking System
•Trade Capture
•SupportPoint
•SalesForce
•FIX Protocol
•NICE recording logger
•
•Trading Turret system
•Princeton Financial Systems
•
•Thompson Financial Systems
•Tidal Enterprise Scheduler
•
•DACS Server
•
Education/Certifications
(ISC) 2 Central New York Chapter, LLC
Certification: CISSP
Netlan Technology Center – New York, NY 2000-2006
Certification: (MCSE) Microsoft Windows Servers (multiple releases)
Futures In Information Technology - New York, NY 1999
Subject Matter: Web Development/Database Administration
Classes: HTML, DHTML, ASP, Visual Basic, SQL, Windows NT, Access, Java Script
Queens College, City University of New York 1985-1989
Bachelors Degree in Accounting/Business Administration
Major: All aspects of both manual and computerized accounting
Related Classes: Business Law, Business Management, DOS, Basic computer programming