Office Information Security
Resume:
Mohamed Omar Rayes - Page * of **
adah5x@r.postjobfree.com
Mohamed Omar Rayes
PhD in Computer Science
adah5x@r.postjobfree.com
Able to Relocate & Travel Extensively Available for Full-Time & Contract Assignments Legally authorized to work in the USA and other countries Professional Summary
Senior Enterprise Architect with a track record of success in combining strong background in architecture and technical leadership as well as analysis and design skills with comprehensive experience that includes complex systems integration, complex software development, and enterprise solution architecture.
Diverse systems development experience ranging from small systems for specialized users, up to very large corporate applications for airline industry and high tech companies.
Accomplished in delivering innovative strategic technology direction and leadership to the business of the Enterprise, pragmatic oversight of technology projects, and leadership in the planning and implementation of the entire technology base.
In depth knowledge of the state of the art enterprise architecture framework such as the Open Group Architecture Framework (TOGAF), Federal Enterprise Architecture (FEA), and the Zachman Framework. His approach to enterprise architecture solution is hybrid of these frameworks that takes the best features of the TOGAF process and the well described models or artifacts describes in Federal Enterprise Architecture framework such as the business model, the service model, the technology model, and the data model.
Dedicated to leading teams to create architectural strategy and design, ratify it with stakeholders, and provide technology leadership, governance and support throughout the project lifecycle, from concept to implementation.
Expertise in developing long-range plans and roadmaps, and defined new approaches for technology including object-oriented design and development, web services, infrastructure components such as SOA, and productivity tools.
Skilled in analyzing and evaluating existing programming, database, and productivity software in order to determine the "readiness" level of interoperability, functionality, scalability, and adaptability of these tools relative to enabling new business opportunities and the ability to deliver solutions in the future.
Extensive experience partnering with the technical teams to pull together a sound and holistic technical view of the ITSM Technical Architecture. Championed the support and approval of the ITSM Tools Committee and ITSM Governance Board as required.
Hands on experience establishing Target Application Architecture Supporting Best Practices in order to identify and implement measures to reduce functional and technical complexity within the Enterprise. This was translated into considerable IT cost savings, and allowed the Enterprise to become more responsive to changing business requirements.
Highly proficient in developing software cost estimates for software managers and engineers. Including developing methods that apply to the estimation of the costs associated with the software development portion of a project from software requirements analysis, design, coding, software integration and test, through completion of system test. Conversant in the Constructive Cost Model (COCOMO).
Advanced experience developing and delivering detailed Architectural services to the project and program teams to ensure that all new and projects are architecturally compliant with ITSM standards.
Confident and articulate leader, able to effectively communicate with top officials of an Enterprise and constructively communicate with solution architects, software architects, and engineers. Technical
Mohamed Omar Rayes - Page 2 of 16
562—802-4591
adah5x@r.postjobfree.com
Scientific Applications: MATLA SCRIPT (10 years+), Maple (10 years+), Mathematica (10 years+) NAG (15 years+)
Programming Languages: C++(15 years +), JAVA (10 years +), C (15 years+), LISP SCRIPT (15 years+), CLOS, APL, COBOL SCRIPT (5 years+), VISUAL BASI (10 years +), PROLOG SCRIPT (5 years+), OPS5, PERL SCRIPT (5 years+), PHP, SQL, PYTHON SCRIPT (5 years+), C# (5 years +), SHELL(15 years+), VB SCRIPT
(5 years+)
Operating Systems: Windows XP, Vista, Windows 7, Unix (15 years+), Linux (15 years+) x, Mac OS 9
Database: SGML, INFORMIX, ORACLE, PostgreSQL Encryption: AES/3DES, Information security policies
Parallel Machines: Cray, Warp, Wave Tracer, Sequent, Encore Multimax Architecture tools: SPARX, ARIS, Archimate, Rational System Architect, MagicDraw., Troux Business Process: Management (BPM) JBPM, BPMN, BPEL IDE: Eclipse, Rational Software Modeler, Rational Software Architect, Rational Application Developer, Performance testing Windows Server and Linux Internet Development: HTML, MSQL, Java, TCP/IP, XML, LAN, WAN Software Modeling: UML, Rational Software Architect, Rational Software Modeler Other Tools: Code Collaborator, YACC/Lex/Bison, CORBA, Make, Ant Development IDEs: Eclipse RAD, Netbeans, RSM, RSA, UML: Class Diagrams, Sequence Diagrams, Collaboration diagrams, State chart Diagrams, event Diagram, Use cases, activity diagrams, Associations, constraints, entity objects, control objects, boundary objects FAST Enterprise Search Platform, Active Directory
Object-Oriented Methodologies: RUP, OMT, Brooch Object-Oriented Design, n-Tier architecture, Waterfall, Agile
IBM Rational Tools: Rational Application Developer, Rational Software Modeler, Rational Software Architect, Requisite pro, Clear Quest,
J2EE (10 years+): Java Server Pages, Advanced SWING Graphical User Interface, Java 2D and 3D API, JavaBeans Component Model, Security, Java Database Connectivity(JDBC), Servlets, Remote Method Invocation, Session EJBs, Entity EJBs, Messaging with JMS,
Service Oriented Architecture (SOA): Web services. REST, Information Security: Symmetric Ciphers (DES, Triple DES, AES), Timing Attacks and Differential and linear cryptanalysis, Public Key infrastructure (RSA) and Hash Functions, denial of service prevention,
Professional Experience
Randstad Inc. at Vanguard (Current)
Senior Enterprise Architect.
• Establishing Infrastructure IT Roadmap for the Global Technology Office (GTO). The GTO office is office that oversees all of Vanguard IT Infrastructures. The GTO supports and maintains over 17000 telecom devices (audio, video …etc.). It also supports over 1700 enterprise application that support business services for over 20000 employees and over 200, 000 customers with 10,000,000 daily transactions. The IT cost for supporting this infrastructure was prohibitive due to lack of careful planning and the absence robust governance processes. As a result, in major infrastructure projects such as data center migration or transitioning to cloud architecture would cost additional millions of dollars due.
• The main task involved of capturing re current state of the enterprise and identifying and eliminating all of infrastructure technical debt. The number of applications were reduced from 1700 application to only 700. The number of telecom devices were reduced from 17,000 to 8000. The result also included the decommissioning of 400 windows 2003 servers, 700 Linux 5.x servers and 600 HP G1, G2, G3 platforms. Mohamed Omar Rayes - Page 3 of 16
562—802-4591
adah5x@r.postjobfree.com
• Established a technology life cycle plan for the remaining infrastructure technology products. Each product was classified as “Strategically Approved”, “Tactically Approved”,” Approved w/Constraints”,
“Retire”, or “Decommission” with clear time line for each product for a three-year IT Roadmap.
• Established an architecture review board that oversees and assesses any IT project against enterprise architecture procedures and policies in order to make sure that all solution adhere and comply with GTO enterprise architecture office guiding principles. o Defined in detail the roles and responsibilities for developing and approving the GTO Director Office EA artifacts,
o Ensured GTO office participation throughout the entire EA development, review and approval cycle,
o Ensured GTO Office leadership review and approval at formal levels when issuing the GTO Office's authoritative EA.
o Direcedt GTO Office personnel to adhere and comply by GTO Office EA procedures, standards, guidance, and tools for developing and maintaining GTO Office services and products, utilizing a common framework and methodology GTO Office-wide (including EA standards, guidance, tools, and templates)
o Established and document the review and approval processes for ensuring the development of a compliant architecture at all levels (enterprise, service, and solution) including: o Reviewed and approve of service architectures, and certification of compliance with the GTO Office's EA,
o Reviewed and approve solution architectures, and compliance with the GTO Office's EA, o Maintain, review, and approval of the enterprise baseline and target architectures, transition strategy, and sequencing plan, including integration of certified compliant solution and service architectures,
o Established the process for evaluating conformance of IT investment solution architectures with the GTO Office EA.
• Established an overall change management and configuration management processes in order to maintain an up-to-date the GTO Technical Reference Model (TRM) CBI Inc. Aug 2014 – Oct 2016
Enterprise Architect
• Development of Long-term IT Roadmap. Led Enterprise Architecture team in establishing roadmaps for key enterprise applications such as PeopleSoft, JDE, Hyperion. These business critical and SOX systems must have clear and well defined roadmaps in order to avoid any interruptions due to lack of underlying technology support. The approach was to establish IT road map for the lowest technology platforms on which these systems depend. This led to establishing a 5-year plan for all Microsoft and Oracle technologies used by CBI in terms of compatibility (OS, browser, support sunsets, etc.). Also implemented a process to maintain these plans, and to ensure continued alignment for these systems.
• Mobile Application Development Framework. Established process of implementing a tool Capriza that allows subject matter experts to create mobile applications, which will provide a simple interface into both modern and legacy web applications. This includes applications running within and outside the CBI address space. Capriza runs in a hybrid mode, which means a runtime agent server will be hosted on premise. The primary advantage of keeping the runtime agent server on premises is that it keeps all data onsite, including the browser cache. There are two main entities in the Capriza architecture: Capriza Management and Capriza Runtime. The third entity is the Capriza Designer. Capriza Management provides for and manages all Capriza services, including authentication, authorization, meta-data storage/retrieval and analytics. The Capriza Runtime is the entity which is involved in executing Zapps
(Capriza Applications) against a web application when running them from mobile devices. When a Zapp is executed, data is sent and fetched from back-end web applications to the mobile device. With the exception of the Runtime Agent (component hosted on premise), the Capriza components reside on an Amazon Web Services (AWS) Virtual Private Cloud (VPC), which is segregated from the rest of the Amazon cloud. Access to Capriza resources is limited through HTTPS (port 443) on a load balancer, Mohamed Omar Rayes - Page 4 of 16
562—802-4591
adah5x@r.postjobfree.com
which connects to services on the back-end. The Capriza Runtime is comprised of two components, the
"Runtime Agent" and the "Relay Server". The "Runtime Agent" is a headless Firefox instance running the Capriza engine. The Runtime Agent is the core component performing most of the heavy lifting of transforming a standard web application into a mobile experience. The "Relay Server" is a server connecting mobile devices and Firefox instances serving as a runtime session bridge. The Capriza
"Secure Channel" is a virtual channel operating on top of the HTTP or HTTPS transport layer. All of the data transferred between the Runtime agent and the mobile device is AES256 encrypted using a randomly generated (per session) 256-bit key. Development Process: Scrum on TFS 2013 installed on the premise. Software Development: Android: Android Studio 1.5.1,Minimum SDK Version: 15,Target SDK Version 21. Platform: iPhone: Mac 10.11 (64 bit), Android: Windows 7 (64 bit). Programming Language: Android: Java, iPhone: Objective C, Swift, Test Devices: iPhone 4s, 5s, 6, 6s, Android: Samsung Galaxy S6, Samsung Galaxy S5, HTC One X
• Deployment of SkilllSoft, People Soft Connectivity and Single Sign On issues. SkillSoft is application for enterprise learning hosted in the cloud.
• System Development Life Cycle. Led CBI application development teams migrate from a traditional waterfall process to an Agile Scrum process for application development and enhancement. In Scrum, system development is divided into iterations (sprints); each sprint begins with a sprint planning meeting which encompasses the development work during the sprint (called sprint execution). At this meeting, the Product Owner, the Scrum Master and the rest of development team review the outstanding user stories and determine which ones will be implemented during the current sprint (sprint backlog). The sprint backlog describes, through a set of detailed tasks, how the team plans to design, build, integrate, and test the selected subset of features from the product backlog during that particular sprint. Initially, the Product Owner decides which user stories are considered the highest priority to the release and which will generate the highest business value, but the team has the responsibility to voice concerns or identify impediments to moving forward. When the team commits to the work, the corresponding user stories are put into the sprint backlog. At this point, the development team decomposes the sprint backlog items into tasks. The Product Owner is expected to be accessible to answer questions, clarify acceptance criteria. During sprint execution, the development team performs the tasks necessary to realize the selected features. Each day during sprint execution, the team’s members manage the flow of work by conducting a short planning activity known as the daily scrum. At the end of sprint execution, the team has produced a potentially shippable product increment that represents partially completed product that is ready for customer review, testing and approval. The Scrum team completes the sprint by conducting two inspect- and-adapt activities. In the first, called the sprint review, the stakeholders and Scrum team inspect the product being built. They discuss any functionality change requests with the customer and add the requests to the Product Backlog. If the customer accepts the solution, the Product Owner and the Scrum Master along with appropriate additional approvers must approve the sprint results before authorizing the initiation or planning of further sprints. Technology used: Visual Studio 2013 & TFS 2013 Scrum Process Template.
• Application Portfolio Management. The IT department was faced with a executive mandate to improve the cost efficiency and effectiveness of IT. With over 3000 applications and more than 2000 servers, IT spending was highly decentralized and accountability for results difficult to enforce. The objectives of these are the following.
1. Assist in planning for DR/BCP is facilitated to ensure continuity of operations 2. Identify Business Critical applications
3. Identify Ownership, Service, and Support Contacts 4. Measure/Manage the risk associated with each application 5. Discover and eliminate redundant applications
6. Discover and eliminate of Applications of Little or No Value 7. Reduce IT complexity thereby, maximize business value received while minimizing IT cost incurred
Responsibilities include the construction and analysis of the application portfolio. The portfolio consists of more than 3000 applications. The task involved bringing up to date this portfolios and then perform Mohamed Omar Rayes - Page 5 of 16
562—802-4591
adah5x@r.postjobfree.com
Technical and Business value analysis in order to identify high value applications and also to eliminate low value of duplicate applications. The task also involved building business continuity and Disaster recovering planning for the applications of high business value. The result of this is reducing the application portfolio from 3000 applications to only 1500. The financial impact is projected to be of more than $1000, 000 in savings.
• Team Foundation Server. Established Team Foundation Server as the sole Enterprise Version Control System.
• TFS Server Migration
a. Participated in the writing the project charter for This project b. Engaged with App Dev Teams in building a complete list of Version Controls Repositories. c. Interviewed multiple Vendors for this project (Sparkhound, and Improving Enterprises Inc.) d. Lead all activities for capturing the current state/future state for this project. In particular, played an important role in the planning for
• Unifying and upgrade CBI’s multiple source control environments, including TFS 2010 servers, Subversion, Visual SourceSafe, and CVS, to one TFS 2013 environment
• Creating a consolidated Team Foundation Server environment to centralize all CB&I development team source code
• Deploying TFS 2013 with scalability by integrating with CBI’s enterprise SharePoint and enterprise SQL Server farm Search
• Implementing a strategy to best utilize new features in TFS 2013 to improve the CBI application development lifecycle
• Resource Skill Sets Required to Perform Task
• Resource Assigned to Task
• Inventory and Identify all Projects being migrated from either TFS or SVN
• Identify Sparkhound resources for performing migration tasks e. Played a major role in finalizing revising and Finalizing the SOW for this project f. Other tasks included the following.
TFS Installation
Provisioning of Window Server 2012 virtual servers Installation of SQL Server 2012 w/ SP1 for TFS
Installation of SQL Server Reporting Services for TFS Installation of TFS 2013 Application Tier
TFS 2010 to TFS 2013 Migration
Subversion to TFS 2013 Migration
Visual SourceSafe to TFS 2013 Migration
CVS to TFS 2013 Migration
TFS Proxy Installation & Configuration
• IE 11 Compatibility and Testing
Devised an enterprise wide testing approach identifying all the applications (e.g. Concur Expense Training) that do not run on IE11. This testing scheme uses IE11 enterprise mode, compatibility view, IE 11 enterprise group policy, and IE11 document modes.
Devised IE11 compatibility enterprise solutions for all custom and vendor applications that are not IE11 compatible. The proposed solution uses IE7, IE8, and IE9 browsing modes. Thus most of exiting apps will be covered with this solution.
Supporting Metrics
The EA part of devising an enterprise solution for this project is already completed. The solution is very robust and covers all possible scenarios of apps running IE7, IE8, IE9, and IE11. It also uses only built-in IE 11 testing/debugging features (no Mohamed Omar Rayes - Page 6 of 16
562—802-4591
adah5x@r.postjobfree.com
third parties add-ons). This makes it a compact and robust computability and deployment testing approach.
• Vendor and Product Selection
Created an EA tools selection criteria and researched and selected two EA tools (Troux and IBM-Rational System Architect) based on this criteria
Lead the interview of the vendors of these tools
Conducting a POC of RSA with an IBM partner for RSA
Deployment of SkilllSoft, People Soft Connectivity and Single Sign On issues. SkillSoft is application for enterprise learning hosted in the cloud.
Interviewing Vendors for Cost Software products for replacing PMCS. Candidate Vendors: EOS, Deltek, Oracle, Omega, Ecosys, Prism.
• SitePro
a. Investigated and recommended an automated test for this application. Microsoft Test manager is unable to detect Dev Express Controls utilized by SitePro. Recommended SmartBear TestComplete as an alternative tool for automated Testing. Demoed the tools to QA Team in India as well as the development engineers. b. Participated in improving Poor performance - causes data to be inaccessible to multiple users, multi hour processing, application and system responsive times. Data processing times were reduced from 5 hours to a few minutes.
• Content Management’ System Standards. Reviewed and revised major companywide IT policies and standards in particular policies pertaining to systems that are SOX or business critical. For SOX systems such as JDE, strict software change management process was put in place an in which the roles and responsibilities of each participant were clearly established. These steps were also enforced by internal audit office in order to ensure that these systems pass any external audit. Change management policies were established for JDE, PeopleSoft, Hyperion, and Centiaid.
• Secure Document Delivery System. Architected Secure Web-Based Document Exchange Server. When a user sends a document via certified delivery, the document is not sent directly to the recipient. Instead, it is sent to SecureDocs: a Secure Web-Based Document Exchange Server. The recipient receives an email message that indicates a certified document is available, with a link to the Web-Based Document Exchange Serve. All first time visitors to the SecureDocs site must be assigned a user id and password by the server admin prior to being able to access the server. SecureDocs utilizes an authentication scheme using LDAP/Active Directory to allow recipients to securely view appropriate documents. Only intended recipients can view documents, as only they will have the prerequisite login details. Even if the wrong recipient is emailed accidentally, they can do nothing with that email as they have no access to the documents whose links are sent via the email message.
• Enterprise Content Management Solution$10 Million Project. CB&I currently uses a custom developed application, iDocs, developed in Java and Delphi, to support their engineering/enterprise content management needs. The current iDocs solution functionally meets most current CB&I business needs, but technologically it is nearing its end of life. The cost and risk associated with upgrading the application needs to be balanced against the possibility of procuring an “off the shelf” alternative. a. For the new system, the following functional areas were addressed: Records Management: Document Management, Workflow Collaboration, and Integration. b. Conducted a market scan to identify vendors and a down-selection to target best fit vendors. c. Developed a RFI tailored to CB&I’s needs and solicit vendor responses d. Analyzed vendor RFI responses and review with key stakeholders in a workshop setting in order to determine the best fit solution going forward and make a final recommendation. Mohamed Omar Rayes - Page 7 of 16
562—802-4591
adah5x@r.postjobfree.com
e. Presented the vendor analysis, outcomes, recommendation and project results, in an Executive Summary Presentation, to key CB&I stakeholders.
Forsythe Technology Inc. Jan 2013 – Aug 2014
Enterprise Architect/ Solution Architect
Led a multitalented team in a Infrastructure Services On-Demand Provisioning project for a multi-billion revenue generating corporation. The goal was to provide services to assess the current provisioning process and identify gaps and issues that need to be addressed to reduce provisioning time frame from 7 months to 24hrs. The project established “to be” future provisioning process that minimized the current provisioning time frame and bring it closer to 24hrs. In this project, we also assessed the existing standard platform offerings (SOP) and providing recommendations on which SOP’s could be utilized, which SOP’s need to be retired and new SOP’s that need to be created.
Based on the assessment recommendations, a roadmap was created to implement the recommended provisioning process for sample applications:
Captured detailed “AS IS”/current provisioning process and procedures and the timeline to execute individual process steps.
Identified process issues and related timelines.
Captured technology stack of the sample applications and identify issues relating to non-standard technologies.
Captured business requirements for provisioning.
Captured security requirements for the sample applications and ascertain the constraints on provisioning due to these security requirements.
Identified processes that could be made more efficient to support the 24hrs provisioning time frames.
Defined “To-Be”/Future provisioning process that minimizes the provisioning timeline and achieve 24hrs provisioning timeline goal.
Identify usable Standard Platform offerings (SOP’s) and any addition SOP’s that are required.
Defined roadmap to execute the recommended future provisioning process. Hilton Worldwide Sep 2012 – Dec 2012
Enterprise Architect
Led and educated Hilton Hotels Reservation Call Center (HRCC) infrastructure team in UML documentation of capturing technical architecture of a state of the art Reservation Call Center project using Hilton Enterprise Methodology. This project is a multi-vendor (Hilton, Avaya and Dell) and is multiyear project with a budget of $11.7 million and is of a volume of more than 30 million calls per year.
The project is architected with three forms of failover possibilities: automatic failover, planned manual failover, and forced manual failover. The architecture of the system emphasizes streamlined Interactions, data reliability, fault-tolerance, high-availability cluster, and load balancing.
UML was used to capture Static view of the system: the key concepts from the application, their internal properties, and their relationships to each other. Application concepts are modeled as stereotyped components, each of which describes discrete objects that hold information and communicate to implement behavior.
The concepts of generalization, composition and aggregation were extensively used to construct class diagrams that describe static view of the system. Attributes and operations were given the appropriate visibility levels depending on the requirements set in the use cases model. Multiplicity and roles were added to enhance the readability of the class diagram and to ease the transformation from the analysis domain to the solution (design) domain.
The functional requirements were captured in terms of the use cases and use case diagram (the functional view). Scenarios were extensively used to identify who will be using the system (Actors) and what will the system do (Use Cases). The system boundary was precisely drawn in order what will be Mohamed Omar Rayes - Page 8 of 16
562—802-4591
adah5x@r.postjobfree.com
inside and outside the system. Use case relationships <<include>>, <<extend>>, and generalization were used to compactly and formerly establish well defined relationship among the use cases.
Guiding all the behavior views are use cases, each a description of a slice of system functionality as visible to an actor, an external user of the system. The use case view includes both the static structure of the use cases and their actors as well as the dynamic sequences of messages among actors and system, usually expressed as activity diagrams.
Other diagrams that were developed were Object Platform Model which depicts sub-system-actor interactions and deployment diagrams which depicted how the system is to be deployed in both the main site (Dallas) and the backup system (Tennessee).
SouthWest Airlines, Dallas, TX Apr 2001 – Sep 2012 Enterprise Architect
Responsible for analyzing and maintaining the overall Enterprise Architecture Activities.
Performed Technical Gap Analysis:
o Conducted a technical gap analysis in order to provide detailed understanding of the current technical architecture needs. These needs were defined in relation to target enterprise architecture characteristics that were derived from the guiding principles set by the CIO and CTO and their staff.
o For the purposes of the Technical Gap Analysis, ‘portfolios’ were used as a basis of comparison to current enterprise architecture and the target architecture. These portfolios provided insight into the leading design practices of robust enterprise architecture. Gaps are identified by comparing the suggested technical characteristics in each of the seven portfolios to the current architecture and to the current market based solutions of the newly identified deficiencies in the existing architecture.
o The portfolios that were used are 1- Interoperability (focuses on defining the mechanisms for system-to systems communications), 2- Data Management (focuses on defining the data that is specific to the enterprise) 3- Data Sharing &Coordination (focuses on promoting collaborative agreements and harmonizing competing standards for data shared within the enterprise), 4- Security & Privacy (focuses on defining standard security and privacy mechanisms to facilitate exchange of information among multiple organizations), 5- Adaptability & Extensibility (focuses on identifying and providing utilities for that can be tailored (adapted) and added onto to (extended) meet the needs of individual units).
o Identified Gaps:
Inflexible Application Architecture: legacy systems are built using technology that requires extensive manual, hard code changes when modifications are made to the business environment. The presentation, business, and data access logic are bundled together making it difficult to perform any changes
Contact this candidate