Security Manager
Resume:
Gabriel A. Diaz
Email: acxhqj@r.postjobfree.com
Mobile: 815-***-****
SUMMARY OF QUALIFICATIONS
Over eight years of experience working in Cybersecurity, focusing on securely enabling clients’ business to reduce costs and generate revenue
Proven abilities to lead, manage a team, and deliver projects on time and within budget
Diverse project work with multi-year implementations and strategic roadmap assessments
Demonstrated communication of complex technical concepts to business audiences
Creative, task-oriented, hard-working, and community-minded
EDUCATION & CERTIFICATIONS
B.S. Cum Laude, Computer Engineering, University of Notre Dame, May 2008
Certified Information Systems Security Professional (CISSP) Certification, February 2015
Oracle Identity Governance Suite 11g Essentials, December 2013
Oracle Certified Java Associate (previously SCJP from Sun), March 2012
Security Systems Certified Practitioner (SSCP), November 2011
ITIL v3 Foundation Certification, August 2009
ACHIEVEMENTS
Average performance rating of 1.25 (five point scale, 1 highest) over eight years
Offering Manager for Cybersecurity Practice, December 2015 to Present
New-Hire Training coordinator for Cybersecurity Practice, July 2010 to September 2015
Eagle Scout, Boy Scouts of America
EMPLOYMENT HISTORY:
PricewaterhouseCoopers (PwC)
Full-Time: September 2008 to Present
Internship: June to August 2007
Position: Manager, July 2013 to Present
Client: Large Privately-held Telecommunications Provider
Project: Web Access Management Framework & Application Integration
Description: Developing a web access management (WAM) framework for protecting client applications from unauthorized access through internal and external network entry points.
Role: Solution Architect, daily project manager for WAM solution, scope, budget, delivery timeline, and reporting to executive stakeholders.
Impact: Standardizing WAM integration models for repeatable, consistent access security, while enabling end-user productivity to complete job duties with single login for application access.
Client: PwC Internal
Project: Offering Manager for Implementation & Operations within Cybersecurity Practice
Description: Assisting in leading the Cybersecurity practice with PwC
Role: Reporting to Cybersecurity practice leaders and responsible for practice management activities such as strategic direction, internal communications, financial reporting, deployment, training, knowledge management, vendor partner relations, and investment.
Impact: The Cybersecurity practice achieved 28% YoY revenue growth while increasing 32% in headcount. This role has expanded my network while working with more partner and director leaders and increased my exposure to all Cybersecurity domains.
Client: Privately-held multinational with subsidiaries in manufacturing, trading, and investments
Project: Identity & Access Management Strategic Roadmap Assessment
Description: Performed IAM assessment across client’s people, process, and technology lenses to document current state, future state, roadmap, and organizational impacts.
Role: Facilitated executive and leadership stakeholder meetings, compiled all deliverables, and list of roadmap projects to mature client’s overall security posture.
Impact: Increased visibility into client’s current IAM-related processes/capabilities and high-level strategic plan for improving the security around onboarding, modifying, offboarding user access.
Client: Fortune 100 Consumer Electronics Retailer
Project: Integration and Support of Identity and Access Management Systems
Description: Aided client in integrating applications with new IAM systems, involving user data stored in an LDAP directory, automated role-based access control, and web access management (SSO and federation).
Role: Sole lead manager with team of 10 on/off-shore resources, responsible for coordinating application integrations with design, configure/develop, implement, release/operate/review phases on an iterative basis.
Impact: Client shutdown unsupported legacy IAM systems, new IAM systems reduced costs by needing 75% fewer resources to support, decreasing incident tickets by 63%, and providing two issue-free (no P1 or P2 incidents) black Fridays for client product sales
Client: Driver & Vehicle Services Department of a Local State Government
Project: Identity & Access Management Implementation Assessment
Description: Assessed client’s in-flight IAM implementation of provisioning and access management systems.
Role: Main client contact responsible for interviews and compiling report deliverable by using lessons learned from past projects and implementation best practices.
Impact: Client was able to modify approach after reviewing report output that included project strengths and areas for improvement.
Client: Fortune 50 Store/Online Discount Retailer
Project: Project Plan and Defector Coordinator - IAM Provisioning Upgrade
Description: Aided client in upgrading their user provisioning tool to the latest currently available version. This was major upgrade project that extended for more than a year.
Role: Main areas of assistance included project management and defect resolution.
Impact: Upgraded provisioning tool provided improved stakeholder reporting and additional functionality to facilitate access requests, revocation, and certification.
Project: Production Support in Engineer Role - Assisted Client with OIM Production Support Issues
Description: Client required assistance with production support for their existing OIM environments.
Role: Worked mainly to support employee facing OIM environment. Grouped similar and redundant end-user tickets to investigate root cause, design both short-term and long-term solutions, discuss pros & cons with client’s IAM manager and provide recommendations, and then implement solutions based on client’s decision.
Impact: Automated OIM scheduled tasks to reduce operations team workload; fixed SAP bulk-load issue to reduce manual access request completion and helpdesk tickets.
Position: Senior Associate, May 2011 to June 2013
Client: Fortune 50 Store/Online Discount Retailer
Project: Integration and Support of Identity Provisioning Systems
Description: To facilitate the client’s expansion into new foreign country, assisted client in providing foreign team members, contractors and non-user IDs requestable access, that can be approved, fulfilled, and subsequently certified as needed. The project included multi-release SDLC phase approach for integrating the client's existing OIM/OIA infrastructure with applications.
Role: Lead solution architect designing custom and out-of-the-box provisioning connectors, facilitated testing and production deployment.
Impact: Enabled automated provisioning for point of sales access, decreasing onboarding time for new employees and access removal time for terminated employees.
Project: Assessment of E-Commerce Channel Security Preparation and Execution after Go-Live
Description: Performed objective assessment regarding the security of client’s online channel, as they prepared to insource this function.
Role: Reviewed current and planned information security capabilities, including security controls associated with people/process, organizational structure, tools/solutions, and data; compiled report output and presented to client executives.
Impact: Client was better prepared during availability issues at initial launch of new online channel; client has maintained a top 10 online shopping website.
Project: Analysis of User/Role Access Discrepancies
Description: Performed analysis of role and access discrepancies discovered during certification process for client to discover root causes and remediation steps.
Role: Communicated analysis findings to client project stakeholders during formal meetings.
Impact: Users are now correctly assigned access to perform their job responsibilities.
Client: Major Automotive Manufacturer
Project: Directory Migration Projects - Policy Store and User Store
Description: Aided client in migrating Identity Management directory infrastructure from out of support technology to Microsoft's Active Directory Lightweight Directory Service (AD LDS). Project difficulty stems from integrating new store technology with existing SiteMinder, PingFederate, and Web/Application infrastructures.
Role: Drafted runbook guides to convert policy/user stores and tested process in lower environments.
Impact: Reduced costs by utilizing updated and vendor-supported directory software.
Project: Business-to-Consumer SSO Federation Project - Consumer Portal Application
Description: Assisted client in integrating Single Sign-On (SSO) federated connection with Consumer Portal application hosted at third-party vendor. Client leveraged existing PingFederate (product from Ping Identity) infrastructure to facilitate federated connection and control user access to the Consumer Portal.
Role: Drafted architecture and design documents; configured PingFederate in lower environments.
Impact: Secured user authentication and reduced number of logins by customer users through SSO.
Position: Associate, September 2008 to June 2010
Client: Major Automotive Manufacturer
Project: B2D Server Reduction
Description: Migrated client’s CA SiteMinder policy servers and Sun directory servers out of the production dealer-network to reduce infrastructure costs.
Role: Used Capacity Analysis System (see below) reports to make business case for server reduction to client executive leadership. Responsible for managing seamless coordination of server shutdown
Impact: 15 non-production and production servers were planned for decommissioning, providing potential annual savings of $360,000.
Project: Capacity Analysis System (CAS)
Description: Monitored stability of client's Identity Management infrastructure (SiteMinder, Secure-Proxy, Directory, and Ping severs) through consolidation and analysis of daily log files from multiple environments critical to client operations.
Role: Subject matter expert on CAS for client and PwC teams; responsible for report generation and troubleshooting/resolving technical system issues.
Impact: Visibility into server usage for audit and infrastructure reduction purposes.
TECHNOLOGY CAPABILITIES:
Databases/Directories - MySQL, MS Access, Microsoft AD and AD LDS, SunOne Directory Server, ForgeRock OpenDJ
Web/Application Servers - Apache, IIS, Oracle WebLogic Server, IBM HTTP Server (IHS)
Programming Languages - C, C++, Java, PERL
Operating Systems - Windows 95/98/NT/NT Server/2000/XP, Solaris, UNIX, Linux
Development/Audit Software - ECLIPSE, TRAC issue tracking, Subversion Source Control
Web Access/Federation Solutions - Oracle Access Manager (OAM), Oracle Adaptive Access Manager (OAAM), CA SiteMinder Web Access Control, Ping Identity PingFederate, ForgeRock OpenAM
Provisioning Solutions - Oracle Identity Manager (OIM), CA IdentityMinder, Microsoft Forefront Identity Manager
Web Filtering Solutions - Websense Web Filter
Role-Based Access Control Solutions - Oracle Identity Analytics
Contact this candidate