Security Manager
Resume:
Feng Yu, CISSP
pa583f@r.postjobfree.com
CORE COMPETENCIES
* Thought leader at both forest and leaf levels with exceptional analytical aptitude, proper perspective and ability to see key issues and tackle them with actionable plans.
* Problem solver with track record building innovative solutions, leading large projects that provide long-lasting business values, and troubleshooting complex issues.
* Operation steward that fulfills routine duties steadfast in accordance to policies, standards, SLA/OLA and situational judgment without over-commitment.
* Extensive subject matter expert experiences in infrastructure engineering/operation, enterprise architecture, and application development; seasoned bridge between IT and business.
* Listen, influence through compelling argument, and drive conversation across functional boundaries.
* Prioritize, make sound judgment and tough decisions under difficult circumstances.
DOMAIN EXPERTISE
* Strong experience in planning, engineering and supporting security and middleware infrastructures, including Identity and Access Management, reverse proxy, gateway, load balancer, portal and application servers, using technologies such as Tivoli (TAM, TIM, TFIM, TDI, TDS), WebSphere (AppServer, portal, DataPower, Edge Server), Oracle (OID, OSSO, eBS, PeopleSoft, database), LDAP, Active Directory, PKI, SSO, Kerberos, Cisco ACE, Microsoft UAG, with working knowledge in network, servers (Unix/Linux, Windows) and desktop.
* Solid expertise in enterprise architecture (reference architecture, blueprint, standards and best practices development, technology development, solution/program consulting).
* Extensive application development background in OOAD, C/C++, Java/J2EE, JavaScript/HTML and SQL.
* Seasoned understanding of security policies, standards, procedures and controls; experienced practitioner of IT governance and service management processes and best practices.
PROFESSIONAL EXPERIENCES
04/2008-present: AES Security Team Leader > Enterprise Security Architect, Navistar Inc, Warrenville, IL
Led strategy, planning, engineering and support of Navistar web access and security infrastructure & solution integration, including authentication, SSO, authorization, identity provisioning/synchronization, federation, PKI, SSL, load balancing, gateway/reverse proxy services for web apps and web services.
- Doubled team’s service portfolio and technology footprint while maintaining system high availability and providing end-to-end support and root cause analysis to applications and customers.
- Architected and led the implementation of innovative solutions that provided significant business values as well as remediated vendor technological gap or solution failure, e.g., Oracle eBS security integration, federation, external SharePoint, Maximo SSO, Desktop SSO.
- Collaborated with enterprise architecture in evolving technology standards and guidelines, served as the functional lead in architecture review board, and developing PoC to introduce new technologies.
- Led vendor and technical resource selection and RFI/RFP process in the functional domains.
- Set and prioritized team goals, practices and metrics to support company and department goals and policies.
- Provided assurances that team complies with governance standards and meet team SLA’s.
- Worked with project managers (or acted as PM) to manage major projects across full lifecycle (requirements, scope, risks, task breakdowns, dates and the right resources, changing conditions and targets).
- Guided team’s daily operation (service & change requests) and support (troubleshooting incidents and providing root cause analysis);
Identified and communicated critical technical issues for review and resolution by other infrastructure teams including network, server, database, monitoring, scheduling.
- Served as SME working with customers and vendors to identify and analyze business requirements, define solution scope, design solutions, and build out solutions.
- Mentored and assisted staff members with technologies, judgment and communication; helped set staff development paths; identified and obtained training opportunities.
Toolset: Tivoli (TAM, TDI, TFIM, TDS/LDAP), WebSphere DataPower, load balancer (Cisco ACE, IBM Edge Server), Oracle Identity Management (OID/OSSO), Active Directory, PKI, security integration with major enterprise applications (Oracle eBusiness Suite, SharePoint, PeopleSoft, Siebel, etc), Windows, AIX, Linux.
01/2007-04/2008: Sr. System/Software Engineer, CNA Insurance, Chicago, IL
- Security engineer for Financial Systems Roadmap (FSR), which integrated many vendor (e.g. PeopleSoft, FileNet, BOXi, Avrio) and custom applications into a single security domain. Architected the SSO solution based on WebSEAL/GSO/TDI and product specific security features. Collaborated with development and other infrastructure team with overall build and support responsibilities. Solution recognized with the company’s highest employee award, Focus on Success Award – gold level.
- Infrastructure engineer deploying/developing EDA R3, a TIM/TDI based IAM solution that centralizes and automates enterprise user provisioning, auditing, delegates user administration, as well as synchronizes user passwords across user repositories. HR feed comes from Peoplesoft database, with Active Directory, corporate LDAP, TAM, GSO, and ACF2 as managed systems.
- Led process improvement for team’s TAM/LDAP/TIM operations.
- Key contributor to identity management reference architecture and blueprint.
- Identified enterprise web architecture deficiencies and security vulnerabilities (WAS5/TAM5, WAS6/TAM6), and led remediation efforts.
LDAP/TAM/TIM/TDI pre-production support and 3rd tier production support, including application onboarding, user administration, system maintenance, monitoring, and troubleshooting.
- Developed Jython script to support automated WebSphere 6.1 application deployment.
Toolset: SunOne LDAP 5.2, TAM 5.1/6.0, TIM 4.6, TDI 6.0, IDS 6.0, WAS 5.x/6.1, Shell Script, Python, SiteScope, Unix, Windows.
10/2005-01/2007: Software Architect, Standard Insurance Company, Portland, OR
- Developed reference architecture and blue print for portal and web security, and authorized portal and web security standard and best practices documents.
- Provided security guidance/governance to large programs (California Teachers Association, Call Handling).
- Led design and implementation of Portal & Identity Management POC (integrated WP & WCM v5.1/TAM/ TIM/TDI/RDBMS build-out, IDM reference app deployment, WP v6/TAM integration).
- Designed/built TAM (LDAP/WebSEAL/Policy Server) high availability, and consulted web apps HA.
- Led Tivoli Identity Manager phase II design & build: v4.6 upgrade & features, Oracle passwords self-care.
3rd tier web infrastructure support (TIM, TAM/LDAP, WAS & IHS).
- Mentored staff members, recommended and supported team processes and practices.
Toolset: WebSphere Portal 5.1/ 6, WebSphere AppServer 5.x-6.0, TIM 4.5.1/ 4.6 (w/ Oracle & TAM Adaptors), TAM 5.1 w/IBM LDAP, Tivoli Directory Integrator 6.0, Active Directory, Oracle 8/9/10, Solaris 9, Windows.
12/97- 09/05: IT Consultant/Software developer
Perficient Inc., Ann Arbor, MI
Lead consultant responsible for developing integrated WebSphere portal/WCM/TAM architecture as well as solutions for enterprise clients to address web portal, content management, collaboration and security needs.
Toolset: Websphere Portal, SameTime, TAM, Active Directory, SunOne LDAP, IDS, RAD 6 ,Oracle9i, DB2.
Ford Motor Company, Dearborn, MI
Collaboration architect responsible for maintaining enterprise online collaboration reference architecture and developing related technology standards. Led WebSphere Portal selection (requirements, gap analysis, integration architecture, vendor management, infrastructure build out). Authored corporate Application Security Integration Guide based on corporate user registries/SSO system/WAS security to facilitate integration of J2EE based products into corporate security infrastructure. Authored corporate Portlet Development Standard based on JSR-168. Key contributor to enterprise IT reference architecture for portal, ECM, and collaboration.
Toolset: WPS v5.02 Extend, Oracle, Active Directory, Ford SSO (WSL), Plumtree Portal, eRoom, Fatwire.
Deep Green Bank, Independence, OH
Led the design, infrastructure build-out, and system development of the GetAccess solution. The solution replaced the existing Entrust GetAccess security plugin with a custom Apache/J2EE based security plugin with reverse proxy functionality, thus providing seamless security integration between multiple existing ASP based corporate B2C/B2B websites and the new OAS/Portal environment.
Toolset: OAS 9.04, IIS, ANT, Servlets/JSP, JNDI, Active Directory, Apache & URL Rewriting, Linux, Windows.
Compuware Corp, Detroit, MI
Senior software developer for the AppServer Integration subsystem for OptimalJ, a Model-Driven-Architecture J2EE development product. This subsystem generates deployment descriptors, configures/manages appservers & apps (Servlet, JSP, EJB, DAO, JMS, JCA & web services), which provides OptimalJ with integrated deployment/ testing capability with all major appservers.
Toolset: OptimalJ 3.x. JBoss 3.x, Oracle 9iAS, WAS 5.0, WebLogic 8.0, SunOne 7.0, NetBeans, ANT, JBuilder.
Ford Motor Credit Company, Dearborn, MI.
Senior software developer for Automated Credit Application Processing, which streamlined commercial vehicle lending for Ford Credit branches & dealers nationwide. Helped customers with business process reengineering. Advised on project plan, created system design, and coordinated dev & testing processes. Coded the Change Credit Application Module. Mentored teammates on technologies, OOAD & best practices.
Toolset: WebLogic 6.1/ 7.0, Oracle 8.1, Visual Café, QARunner, ANT, PVCS, MagicDraw, XML, XSLT, FOP.
Image Process Design (IPD), Bloomfield Hills, MI
Lead software developer for the design/implementation of Ultera, IPD's Java based prototype for its existing medical claim processing product. Created product technical specs, designed/implemented Ultera Document Viewer on top of IBM EIP. Optimized Ultera Service Provider Interface (SPI) between COM+ middle-tier and IBM content repository with dramatic performance improvement.
Toolset: IPD Ultera, IBM Enterprise Portal & Content Manager, WAS 3.5/4.0, WSAD 4.0, QALoader, ANT.
Kmart Corp, Troy, MI
Lead developer for TraKmaster, which provided assistance to Kmart’s $1 billon infrastructure upgrade by keeping track of network equipment status. The solution generated over 3.5 million dollars projected savings over 7 years by changing the network equipment maintenance model from per unit to on-demand. Regarded by Kmart’s operation team as the most stable in-house developed web solution. Responsibilities included assembling a development team, designed application framework, coded core functionality module (network device pooling, analysis and persistence), managing development, testing and release process.
Toolset: EJB, JSP, Servlet, JDBC, JavaMail, XML/XSL, AdventNet SNMP SDK, WAS 3.5, VAJ 3.5, JUnit, DB2.
DaimlerChrysler Corp, Auburn Hills, MI
Senior developer for Digital Vehicle Dimensions (DVD) & Advanced Vehicle Synthesis (AVS). DVD provided innovative 2-D geometry study services for corporate/competitors’ vehicles, and evolved into AVS that streamlined concept phase vehicle geometry design. The solution was commended by engineering customers as the most successful in-house developed engineering IT application. Responsibilities included requirement analysis, solution architecture, building C++ library that extracted 2D vehicle geometry from Catia into portable SVG format, developing XML data exchange between DVD & Catia, and building custom Java 2D/XML based viewer for lightweight manikin placement and vehicle dimensional study/report. Created custom security subsystem with ACLs and delegated administration to meet cross vehicle platform security requirements. Researched Corba/DCOM integration and expert systems.
Software Developer for eShop, a supplier chain management system to exchange catalogs and POs with corporate suppliers through XML (XCBL) and MQSeries. Designed and coded the server side Java components. Vastly shortened development cycles by introducing JAXB. Mentored team members on technologies.
Toolset: C++, Java, XML/XSL, Servlets/JSP, Swing, JDBC, JavaCC, JavaMail, Netscape Directory Server, LDAP client, Oracle 8i,WAS 3.02, SVG, Catia, ClearCase, Rational Rose, CLIPS, Rete++, AION, JAXB, MQSeries, Ant.
Variation Systems Analysis, St. Clair Shores, MI
Maintained & led the redevelopment of DMIS, a parser that implements Dimensional Measuring Interface Standard by parsing dimensional inspection data w/ CMM nominal values, computing part geometry tolerance statistics, and exposing geometry model API for Geometric Dimensioning and Tolerancing (GD&T) analysis.
Toolset: C/C++, Visual Parse++, Visual C++, BoundsChecker, PVCS. NT, Solaris, IRIX, AIX.
EDUCATION
MS, Computer Engineering, Wayne State University, Detroit, MI, 1997.
BA, Philosophy, Beijing University, Beijing, China, 1994.
PROFESSIONAL CERTIFICATIONS
Certified Information Systems Security Professional (CISSP)
ITIL Foundation Certified V3
IBM Certified Deployment Professional Tivoli Access Manager v6.1
IBM Certified Deployment Professional Tivoli Identity Manager v4.6
IBM Certified Advanced System Administrator, WebSphere Application Server v3.5, v6.1
Sun Certified Java Developer, v1.1
Sun Certified Java Programmer, 1.1
Contact this candidate