Satish Swargam
Email: ********@*****.***, mobile: 317-***-****
linked-in: linkedin.com/in/satish-swargam-a30a071
Information Technology / Cybersecurity Leader Technical Director
Analytical and solutions-focused IT professional with extensive experience in architecting, designing, securing and developing enterprise applications across Application Security, Healthcare, Insurance, (Federal) Agriculture and Aerospace industry sectors. Adept at leveraging hands-on experience in software development to deliver innovative IT strategies.
Capacity for communication, collaboration, management and leadership aligning with internal and external stakeholders to propel business objectives.
Areas Of Expertise
Application Security, Agile Methodologies, Business Process Automation, Compliance, Continuous Integration, Cross Functional Collaboration, DevSecOps, Machine Learning / AI, Project Management, Security Assessments, Stakeholder Engagement, Standards and Procedures, Strategic Planning and Development, Team Building and Leadership, Vulnerability Management
Clifton Strengths: Strategic Thinking, Relationship Building, Influencing and Executing
Work Experience
Practice Lead, Black Duck / Synopsys Software Integrity, Burlington, MA July 2021 - October 2025
Principal Consultant Community Lead, DevSecOps & Secure Development Practice Lead and Sr. Manager.
BSIMM, Maturity Action Plan, NIST CSF, Architectural Risk Analysis, AISecOps / AI Governance and Penetration Testing assessor and technical oversight for multiple clients to improve their enterprise-wide security posture.
Black Duck spokesperson for rapid media response.
Led and mentored application security teams across several international offices, optimizing resource allocation to achieve over 80% billability and enhancing professional development through targeted growth plans.
Scoping and planning lead for SAST, SCA, secure coding guidelines, Comprehensive Security Analysis of Software Artifacts (including container, IaC) and DevSecOps opportunities.
Architected and spearheaded automation strategies for continuous security testing and cultivated internal expertise by developing and delivering targeted training for over 100 Subject Matter Experts (SMEs) globally on security automation best practices and tools, enhancing team efficiency and technical capabilities.
Course owner for Instructor Led Training and maintained hands-on DevSecOps labs.
Partnered with Regional Sales Managers (RSMs) to provide pre-sales technical expertise, directly contributing to the closure of multiple global deals valued at over $1M each in annual revenue.
Orchestrated cross-functional resource planning and allocation strategies with practice leads, product, and resource managers to align talent with strategic priorities and optimize project delivery.
Environment: Black Duck tools (Coverity, Polaris, SCA, SRM), Burp Suite, Azure, AWS, Kubernetes, Agentic AI, Adobe Connect, MS Teams, Copilot, Draw IO, Miro, Jira, Wiki
Lead Security Architect, Cerner / Oracle Health, Kansas City, KS October 2013 - June 2021
Lead application security assessor / security architecture reviewer for internal products and external third-party developer integrations, enhancing security posture across a multitude of technology stacks.
Reviewer of Cloud Security Alliance CAIQs, HITRUST, HIPAA, NIST 800-53, SOC 2 Type 2 and PCI-DSS.
SME on application security and collaborated with teams in USA and offshore for building in security and guiding teams to address security findings.
Automated threat model (TM) processing, guided teams with TM and conducted over 80 TM assessments.
Leveraged SAST, DAST, Open-source vulnerability, Container Security and OS scans and triaged findings.
Conducted POVs for selecting security testing tools.
Designed, implemented and transferred knowledge to support team for continuously scanning hundreds of assemblies and thousands of components in CI for scalability.
Defined application security process, web application security and cipher security standards with reference to CSC and NIST.
Participated in audit sessions for secure SDLC and vulnerability management.
Embraced Agile methodology, Kanbans and Scrums for planning and task management.
Designed and developed prototypes for Application Security Questionnaires and leveraged Archer for risk assessments.
Environment: Microsoft threat modeling tool, Fortify, Brakeman, OWASP Dependency Checker, Burp Suite, OWASP ZAP, PCC, WhiteHat Security, RSA Archer, F5, Jenkins, Kubernetes, AWS, Azure, GitHub, SIEM (Splunk), Jira, Maven, Java, Ruby on Rails, Python, Gliffy, MS Teams, Wiki
Enterprise Architect Consultant, USDA, Kansas City, MO October 2009 - September 2013
Architecture Office
Engagement Architect in multiple projects to plan and lead in conforming to agency standards and adhering to best practices.
Analyzed security vulnerabilities, mitigated risks using a static analysis tool and helped with resolving them in enterprise applications.
Supported container agnostic applications deployed to JBoss and WAS.
Designed and implemented automated deployments of applications to JBoss & Apache with Capacity Planning. Worked on IaaS, PaaS models and transitioned to a Project Advisor role for WebSphere to JBoss migration.
Coordinated with Infrastructure team for OS, networking and security configurations.
Evaluated and prototyped next generation web frameworks.
Automated builds using Maven and Continuous Integration.
Designed and promoted bottom-up Web Services and Messaging strategies across applications.
Configured CA Workload Automation Scheduler for EJBs and Web Services.
Involved in business process modeling with MEGA.
Integrated declarative and programmatic security with SiteMinder.
Environment: JBoss EAP, WAS, Apache, SQL Server, DB2, Maven, Struts, Spring, Jenkins, JDK, Eclipse, RSA, AppScan Ounce, Windows XP, RHEL (Linux), Confluence, Jira, SharePoint
Chief Technology Officer, Ngine Systems Inc, OH June 2009 – October 2009
Refund Management System
Architected, designed and implemented web prototype for Refund Management System.
Configured JBoss, Struts and JBoss Security on EJBs and Web services.
Configured Struts 2 with AJAX/dojo, EJB 3, Hibernate JPA with annotations and Web Services.
Environment: JBoss, MySQL, JUnit, Struts 2, JPA, JDK, Windows, Linux
Lead Software Developer, Liberty Mutual Insurance, Indianapolis, IN April 2006 - June 2009
Enhanced Commercial Line Systems October 2008 - June 2009
Designed and developed Enhanced Commercial Lines web application for Property and Custom Protector.
Involved in integrating Liberty Mutual’s Commercial Lines front-end system with Ohio Casualty’s IAA based back-end system.
Automated web application testing using WATIR scripts and JUnit EE.
Introduced AOP and Model Driven Actions for better maintainability.
Mentored team on technical implementation and provided estimates.
Agency Portal - Direct Bill Commissions & Agency Portal Output Delivery April 2006 - February 2008
J2EE Technical Lead
Designed and implemented business components for Direct Bill Commission Statements, Agency Sweep Payments, Agency Portal Output Delivery, Claims Inquiry and Billing Inquiry.
Integrated Commercial & Personal Lines applications.
Designed and developed security access to the statements and integrated with SiteMinder.
Developed JSPs, servlets and stateless session beans, message driven beans.
Designed and developed business day calculator utility and an improved exception handling mechanism.
Environment: WAS, RAD, Rational ClearCase (version control tool), Rational ClearQuest, Rational Rose (UML tool), Microsoft Visio, SharePoint, DB2 database, JUnit, JDK, Windows 2000
Lead Software Developer, Simon Properties, Indianapolis, IN February 2008 - September 2008
Designed and developed Swing application to assign utility providers to properties and manage special rates for leases for various service types.
Designed and developed event logging utility to track user interactions for gathering statistical data to identify areas for further enhancements to application.
Developed ETL (Extract, Transform & Load) utility to calculate escrows and true ups on utility services used by malls/properties and units/spaces within properties.
Environment: Eclipse, CVS (version control tool), Microsoft Visio, DB2 database, Versatility Framework, JUnit, Bamboo, ANT, JDK, Windows XP (development)
Sr. Software Architect, Humanizing Technologies / Cavo Health, Indianapolis, IN April 2002 - March 2006
LifePage™ Application
J2EE architect and Configuration Management specialist.
Responsible for load testing and load balancing/clustering the application to meet its performance/scalability needs.
Participated in all aspects of the Software Development Life Cycle.
Configured web services for bulk registering users.
Designed and implemented document indices in Lucene for searching news articles. Involved with targeted scraping of news stories and blogs with concept search.
Configured JMS Queues and implemented Message Driven Beans in JBoss.
Configured Apache web server for serving up static content and mod_jk for Tomcat integration.
Internationalized the application using resource bundles.
Applied effective design patterns on client and server-side components.
Mentored team members on designing and developing JSPs, JSTLs & EJBs and effective Exception Handling.
Responsible for applying the deployment descriptor parameters for CMP 2.0 compliance.
Built a PDF extractor utility and packaged demos using InstallShield X.
Designed and developed a pattern that improved the performance of a particular part of the application by a factor of 10.
Environment: JBoss & WebLogic, JBuilder, Eclipse, OptimizeIt Suite, Rational ClearCase, Rational Rose, XDoclet, Microsoft Visio, Oracle, MySQL, JMeter, Lucene, TOAD, SQL Plus, JUnit, JDK, Windows XP & Red Hat Linux
Senior Consultant, Bristol Myers Squibb, Hopewell, NJ November 2001 - March 2002
Discovery Profiling Toolkit
Developed presentation layer components using JSPs, custom tags and JavaScript.
Implemented programmatic security control involving custom tags for Navigation based on user role.
Responsible for the Configuration and Build Management. Handled problems faced by team members in resolving merge conflicts in the source code.
Designed and developed Entity Beans and Session Beans using EJB 2.0 Specification with Container Managed Persistence (CMP).
Environment: WebLogic, JBuilder, ANT, JTest, Rational ClearCase, Rational Rose, Documentum
Senior Consultant, Cambridge Technology Partners, Chicago, IL September 2000 - September 2001
Senior Developer, Westfield Insurance Group, Akron, OH
Developed an online web application for the Business Owner’s Policy.
Environment: BEA WebLogic, JBuilder, ANT, CocoBase, Together, OptimizeIT & Load Runner, Rational ClearCase, Rational Rose, Documentum, Lotus Notes
Senior Developer, Netjets, Columbus, OH
Designed & developed Operational Checks and Quality Control Reviews for the Flight Management System.
Environment: Persistence PowerTier, Visual Cafe, Rational ClearCase & Harvest, Rational Rose, Visual Basic, Group Mail, MS-Project
Research Assistant, National Institute for Aviation Research, Wichita, KS August 1997 - August 2000
Developed Multi-threaded Object-Oriented program with parallelization for a 3D Fluid Dynamics Application.
Applied machine learning such as Genetic Algorithms, Reinforcement Learning and Neural Networks.
Developed Java application and performed extensive analysis on its performance and memory efficiency with a FORTRAN code.
Analyzed injury criteria for occupant safety in frontal impact crash tests. Conducted sled tests and component HIC (Head Injury Criteria) tests for FAA.
Worked on 3D Simulation of Machining with Arbitrary Lagrangian Eulerian (ALE) Technique in LS-Dyna.
Analyzed the effect of HUD (Heads Up Display) on the pilot of a Lockheed Martin manufactured aircraft.
Developed FORTRAN and C interfaces for MADYMO (MAthematical and DYnamic MOdeling) package.
Environment: Java, FORTRAN, C++, C, XEmacs (IDE), JFC Swing, HP-UNIX, SGI-IRIX, Windows NT, LS-Dyna, HyperMesh, PATRAN/NASTRAN, MaDyMo, MS-Project, MS-Excel, TecPlot
Education
MS in Computer Science, Wichita State University, Wichita, KS August 1998 - July 2000
BS in Mechanical Engineering, Wichita State University, Wichita, KS May 1996 - July 1998
Honors & Activities
Oracle Certified Master Java EE Enterprise Architect, GIAC Secure Software Programmer & Security+.
Above and Beyond award for Application Security at Cerner.
Certified in Developing Enterprise Applications with Enterprise JavaBeans Using BEA WebLogic Server.
Awarded Outstanding use of Computational Resources at Engineering Open House, Wichita.
Awarded Best Graduate Project for Dynamic Analysis of Occupant Safety in Side-Facing Aircraft Seats, Raytheon First Prize & Third Best Graduate Project for Evaluation of Component HIC Testing Apparatus for Aircraft Bulkhead Seating at Engineering Open House, Wichita.
Publications / Articles / Talks
AI Appreciation Day: Celebrating Progress, Embracing Responsibility, IT Security Guru, June ’25
AI Appreciation Day: What The Experts Have To Say, Information Security Buzz, June ’25
Recent version of Neptune RAT is spreading, stealing credentials, Security Magazine, Apr ’25
Where Will DevSecOps 'Shift' Next?, DevOps Webinar, Apr ’23
Automated Mapping for Security Compliance, Ai4 Healthcare, New York, Nov '19.
Presented at Cerner conferences, provided training and gave internal demos: Topic Modeling using Latent Semantic Analysis, Hey dude! Where is my certificate? and Back to the Future on Static Code Analysis.
Parallelization of an Object-Oriented Three-Dimensional Burnett Equations Solver, the 15th AIAA Computational Fluid Dynamics Conference, AIAA 2001-2590, Anaheim, CA, June '01.
Development of an Object-Oriented Three-Dimensional Burnett Equations Solver for Computing Hypersonic Flows in Continuum-Transition Regime, 39th AIAA Aerospace Sciences Meeting & Exhibit, AIAA 2001-0505, Reno, NV, January '01.
Eulerian Finite Element Analysis of 3D Machining, Proceedings of the IMECE’99, Symposium on CFD in Manufacturing Processes, Nashville, TN, Nov '99.
Kinematics of SID on Side-facing Aircraft Seats, International Journal of Crashworthiness, Vol. 3, No. 4, pp. 393-403, 1998.