Security Engineer Access Management
Resume:
Career Highlights: Highly experienced architectural security engineer with global project experience, exceptional technical skills and experience in diverse technologies and operating environments.
Privileged Identity Management Solution Architect
oRFP to Sales, Discovery to Architecture / Global Implementations
oMastery of communications and presentation skills addressing Executives to End Users
oMastery of the required documentation skills for Low to High Level Design, Implementation, & Operations Guidesx
Global CyberArk Architecture & Implementations
oComplex Business Continuity requirements
oSecure Hosting Environments (SHE)
oUser Experience (UX) approach to Functional Solutions
Recognized Security Consultant with senior level engineering and team leadership experience
Experience leading global projects comprised of culturally diverse engineering resources
CyberArk Shadow / Mentor Representative
PROFESSIONAL EXPERIENCE SUMMARY:
GCA, Inc 2020 -2022 Privilege Access Management (PAM) Architect
Position Summary
Privileged Access Management Practice Lead spearheading the development of a PAM Team. Performed the Managed Services for five (5) Latin American based entities with stand-alone BeyondTrust Password Safe implementations.
SecureITsource, Inc. Jan 2019 – 2020
Position Summary
Senior Consultant, Privileged Access Management
CyberArk SME for global privileged access deployment
Strategy, scope, and deployment analysis including CyberArk Component selection
Development of CyberArk Architecture & Interdependency system design, Deployment & Implementation
Work collaboratively with client representatives for Explore & Discovery and leading customer design reviews focusing on load requirements, user experience (UE) and User Acceptance (UA)
Perform complete deployment, implementation, testing, user acceptance testing, transition to production & operationalizing the environment, including managing daily administration tasks, trouble-shooting, and on / off boarding request processes
Provide knowledge transfer and conduct training to client’s permanent staff
DXC Technology (EDS, HP, HPES & CSC Merger) 1994 – Present
Position Summary for EDS/HP/HPE/DXC:
February 2015 – Present Security Advisory Services IAM Practice
February 2012 – 2015 ESS-IAM Senior IAM Consultant
February 2011 – February 2012 Architect IAM & SSO
January 2010 – February 2011 Security Tower Lead (Fortune 500 client)
October 2008 – January 2010 Lead Security Engineer ID Expedite (IAM)*
October 2007 – October 2008 Integrated Lab management
October 2006 – October 2007 Engineer Perimeter Access Control
April 2003 – October 2006 Lead Engineer IDM Access Control
June 2001 – April 2003 Security Engineer Dow Mergers & Acquisitions
April 1996 – June 2001 Microsoft Engineering Group
February 1994 – April 1996 TPD Client Server Sales & Marketing
Position details:
FEBRUARY 2012 – 2018
Enterprise Security Services (ESS) IAM
Implementation of CyberArk for a Global Automotive Financial Corporation including Business Continuity and Di
Implementation of CyberArk Privileged Identity Management and Privileged Session Monitoring for Public Sector Financial entity. Design and deployment for Disaster Recovery and Backup and Restoration procedures.
Provided the Architectural Consulting for HP Clients to have the HP Portal / Enterprise Service Portal (ESP) Single Sign-On. Provided Architectural assessments of client environments and Identity Provider (IdP) configuration readiness. Managed the rollout and implementation of the rollout, organized the testing and rollout phases.
Implemented performed an upgrade of CA IdentityManager and JBoss, enhancements to CA IdentityManager and added custom endpoints and PowerShell scripting for data normalization.
FEBRUARY 2010 – 2012
Architect Identity & Access Management
Started on the project at the end of the Design Phase through completion:
GE-QMS Documentation
Training collateral for Levels 1 thru 3
Purchase requisition processes
Troubleshooting network & firewall problems
Led the certificate: request, answer, installation & configuration process
Lead the offshore team through the Design & Build Phases Work Product Review processes and received approvals. Performed as lead engineer for the customer on-boarding process and completed the first customer successfully.
Architected Phase II Connectors for:
oSAP; SAP / UME; Oracle Database; Custom Application Connector
Architecting the Access Management and Single Sign On infrastructure for HP hosted web applications.
JANUARY 2010 – FEBRUARY 2011
Security Tower Lead for Fortune 500 Company
Leadership focus successfully transitioning the IdM / AM security tower on time with a “bump less” transfer under extremely inhospitable conditions: Led the interviewing, recruitment, hiring, and training for the local and Best Shore teams for all HP Processes, procedures, and applications for the operations environment. Continued past transition to effectuate Steady State and update the current architecture for effecting High Availability and Fail Over and achieved:
Reduced user based incidents by 80%
Reduced “Severity 0 &1” incidents from 5-8 per week to 0-1 per month
Increased performance
Reduced response times
Improved processes for Change Control, Problem Management, root cause analysis and Documentation
Improved Client reporting
OCTOBER 2008 – JANUARY 2010
Lead Security Engineer ID Expedite (IAM)
Leadership oversight and management in the design and development of an Identity Management capability utilizing Oracle Identity Manager: Designed and built the eLab environments of: Pre-Development, Development, and UAT. Performed and demonstrated to clients User Self Registration and Workflows of Approvals and Escalations. Wrote the Deployment Guide for production release and deploy. Created and developed training collateral for:
Users; Managers; Engineering; Deployment
Mentored and Trained the Best Shore teams in the expansion and maintenance of the eLab and Deployment of ID Expedite up to and through:
Front-end load balanced web servers
oClient security; Certificates and stores
WebLogic Servers
oDomain creation; Clustering and failover; Certificates and Key Stores
OIM Applications
oClustering; Certificates and Key Stores; Oracle Database; Schema Deployment;
OCTOBER 2007 – OCTOBER 2008
Integrated Lab Management
Onboarding Consultant for Security Capability Engineers and Onboarding Engineers: Instrumental role in the development of Security Roles and Groups for secure remote access into ILab and promotion to production. Created training collateral for Best Shore teams and performed the actual training.
Engineer Perimeter Access Control
Created access policies securing access by:
Originating network location
Anonymous, single, and two factor authentication
Target network locations
Application controls
Testing & Remediation of deliverables in both development and iLab
Production delivery oversight and technical support
Documentation & Training guides, manuals, and training presentations for multiple audiences from end users to executive management
APRIL 2003 – OCTOBER 2006
Lead Engineer IDM Access Control
Global Information Security Organization Team Leader: Provided high-level technical security expertise for the development of security offerings and capabilities. Created security controls that involving the development of custom applications to implement principles of Least Privilege and Separation of Duties to Microsoft Windows Application Servers, which were previously not available and have been submitted for the patent process.
Technical team leader managing a team of four (4) UNIX engineers directing efforts to meet scope and delivery dates and led the CTO processes
Testing & Remediation of deliverables in both development and iLab
Documentation & Training guides and manuals specific to the Capability
JUNE 2001 – APRIL 2003
Security Engineer Dow Mergers & Acquisitions
Create secure infrastructure between Joint Ventures and Mergers and Acquisitions
Lead engineer providing direction for (10) subject matter engineers for the provision rapid deployment of critical workstation services to the Joint Ventures and Merger & Acquisitions utilizing Windows NT4.0 / 2000 and Exchange 5.0 / 2000
Developed engineering designs according to scope and strict security parameters that included outdated and despaired hardware and software platforms across Korea, China, and Middle East.
Testing of the security and access controls, performance and uptime requirements
Documentation of all network infrastructure and server fabric
APRIL 1996 – JUNE 2001
Microsoft Engineering Group
Primary responsibilities included the design, documentation, and deployment of both Microsoft and non-Microsoft solutions including:
Active Directory
Exchange Messaging
Internet Information Server
Enterprise backup using CA and Symantec
Antivirus using Trend and CA
Created numerous Design Proposal Summaries for installing or upgrading Microsoft solutions for existing clients reflecting required changes or enhancements to their complex environments.
Testing & Remediation of deliverables in development Lab
Production delivery and technical support
oDocumentation & Training guides, manuals, and training presentations for; End users, Engineering, Architecture, Managed Life Cycle, Sales & Portfolio, Executive management
FEBRUARY 1994 – APRIL 1996
TPD Client Server Sales & Marketing
System Engineer supporting pre-sales initiatives, determining requirements and matching to services with customer requirements. Primary responsibility was a technical consultant to TPD sales and marketing sales executives to design, quote, present and close new business opportunities by:
Answering the RFP / RFQ technical requirements
oSpecify hardware and software
oDetermining FTE time requirements
Meeting with client technical leadership, including architectural, engineering, and CIO
Presentation Support
Develop relationships with the client to grow the business by:
oProposing new technologies
oIdentifying areas for improvement or cost savings
oExpanding interdepartmental relationships outside EDS contractual boundaries
Provide technical design and leadership during development / delivery phases
Liaison between client and sales executives during contract period
Contact this candidate