Philip A. Coleman
Location: Dallas, TX * 214-***-**** * ******-*******@*********.***
Information Security Professional with over 16 years of experience in the information technology field. I have achieved success in a position of vital importance in security compliance and audit readiness. These responsibilities included security compliance spot check, security issue and risk management, architect, design, implement and manage security solutions. I have the following experience with PKI Infrastructure hardware, software and encryption keys. Management of PKI access cards, digital certificates and online certificates issued by VeriSign, Entrust, GoDaddy, SSL.com, Sectigo, Akamai and Microsoft Internal Certificate Authority. Certificate Lifecycle Management tools to include: Venafi, KeyFactor and Entrust Certificate Services (ECS)
Strong history in managing teams, cross-functional design, global initiatives, and delivering results; notable strengths include:
Transitioned Enterprise Companies for the following:
Certificate algorithm from SHA1 to SHA2 (Includes different root and Intermediates)
Transitioned Enterprise Companies Key Size from 1024 – 2048
Transitioned Enterprise Companies from Public CA Providers
Platforms
-Windows Certificate Manager, IIS Manager
-Linux KeyStores and TrustStores
-Azure
Configured OnPrem Certificate LifeCycle Management Applications
-Venafi CLM
-Core Operations – VM patches – Venafi quarterly updates (Database & Software)
– Operations - Polices – Notifications – Certificates Ownership for Onboarding
Configured OnPrem Certificate Authorities for Enterprise and Digital Airline
-MicroSoft – MSADCS
-WidePoint ORC certificate Authority
-Register Specific OIDS for EKU Digital Airlines to include (Digital Signature – Client Auth – Server
Auth and Web Auth)
- Auditor for Certificate Key Ceremonies
- CRL’s six month Publication for Delta and Base
Managed the Enterprise PKI ECO system from External Certs from Two Years to One Year validity
Managed the Google Distrusting the Extended Validation certificates
Managed the Google Distrusting all Entrust Certificates Types and the transition from Entrust to SSL.com and Sectigo
Created Internal Websites for Certificate Enterprise Notifications
Automate Code-Signing Certificates for Azure Key Vault
SSL External Certificate-VeriSign
SSL Internal Certificate-iCA
External/Internal Application Code Signing
EFS Certificates
VPN Digital Certificate
SSL Device Certificates
VenaFi Director and VenaFi Sems application
Windows Server 2016
TCP/IP – Basic Trouble Shooting (NSLOOKUP, Route Command, Tracert Command, Nbtstat, Hostname)
IIS Manager 10
WINS/DNS
NEWT vulnerability scanner for Microsoft Windows’s platform
Nessus 4.2.0 – Vulnerability scanning services used for auditing external facing web sites.
Crypto Tools include – OpenSSL, KeyTool, Portecle and Java Key Explorer
EDUCATION
University of Texas at Arlington 2010
New Mexico Junior College, Hobbs New Mexico – June 1985
Elcentro Jr. College – Web Developer – July 2002
CERTIFICATION
CISSP – anticipated test date 2026
A+ Certification
Computer Learning Center – Arlington Virginia
PROFESSIONAL EXPERIENCE
American Airlines, Fort Worth Texas
Information Security Analysis
Sr. Analyst – Current
Implement Venafi Encryption Director to manage American Airlines SSL certificates lifecycle
Implement and Manage RSA PKI for 787 e-Enablement and Beggs environment.
Write process and procedures in support of AA External CA and 787 e-Enablement and Beggs. Train and educate American Airlines application support members.
Support and maintain American Airlines External PKI Infrastructure for certificate issuance.
Enforced by NIST, Microsoft and CA/B forum.
Configure SSL certificates on IIS servers and application servers(windows 7 and windows 8). Configure the Roots and Intermediate Certificates into the trusted certificate store.
Support end users and end points with exporting and importing different certificate types
across all platforms.
Bank of America, Dallas TX –
Information Assurance Engineer
AVP; SR ANALYST – 2006/2011
Implement Venafi Encryption Director to manage Bank of America SSL certificates lifecycle
Write process and procedures in support of the Venafi project to train and educate Bank of America application support members.
Support and maintain Bank of America Microsoft PKI Infrastructure for internal certificate issuance.
Support online banking security using VeriSign unified Authentication one time password solution
Assist and educate system and application owner’s with the company’s 2048-bit encryption migration
Enforced by NIST, Microsoft and CA/B forum.
Configure SSL certificates on IIS servers and application servers(windows 7 and windows 8). Configure the Roots and Intermediate Certificates into the trusted certificate store.
Compliance audits tools. Run routine vulnerability testing in the windows environments, to meet internal and external web sites guidelines.
Manage the services and DLL’s for all internal certificate authorities and web servers.
Bank of America, Dallas TX –
Information Assurance Administrator
AVP; SR ANALYST – July 2002 – August 2007
3rd level support team for - iCA – Associate Identity Certificates for MAS/VPN
3rd level support team for – iCA – Infrastructure Identity Certificate for internal
web site.
Assist Associates with SSL certificate download and configuration on web servers.
Manage VeriSign CA queues for SSL certificates.
Approve, reject, revoke, reissue, using Microsoft Management Console
Generated all 3rd party Line of Business vendor SSL certificates for Bank of America
Registered Domain Name System for Bank of America External Corp Client passcode certificates – upload, revoke, reset passcode certificates used for Prime Brokerage clients, including maintaining a list of authorized requestors
Subject Matter Expert
Setup and managed Certificate Authorities in test environments for developers.
Support and manage the issuance of internal SSL certificates in the lower environments
Designed and implemented Group Policy Objects for 14000 users in an enterprise environment by using Full Armor Group Policy Editor software.
Authorized and maintained the distribution of the group policies throughout the entire domain
Provide third level support for the Operating Systems and software conflicts in Windows 95/98, Windows NT4 and Windows 2000
Systems Administrator
Administered and supported Windows NT Servers, Windows 2000 Servers, Terminal Servers, Print Servers and Citrix Metaframe.
Built, configured and maintained hardware and software for Compaq, Dell and IBM servers
Configured and troubleshoot network protocols such as TCP-IP, DNS, WINS, AND DHCP
Assisted in the relocation of the Energy Trading IT Infrastructure consisting of 100+ Servers, 500+ Workstations, Routers/Switches and over 1000 users