Todd P.
Rossin
(610) 329-3276 Cell
PROFESSIONAL EXPERIENCE
Access Identity, Inc.
- Identity Management
(IdM), Access Management (IAM), RBAC and Password Management consulting
Horizon
Blue Cross Blue Shield (BCBS).
- Identity Management Project Lead
Responsible for managing a
development team consisting of 12
resources in deploying a Sun Java System Identity Manager 7.1 full lifecycle
implementation. Supplied architectural
guidance for provisioning workflows, physical architecture and design. Resources
provisioned to included Active Directory, Sun Role Manager (Vaau RBACx), QBlue
and NASCO.
- Access Management Project Lead
Responsible for managing a
development team consisting of 15
resources in deploying Sun Java System Access Manager 7.0 (as replacement for
BMC’s UIdP) from Dev to UAT to Production implementation.
- Role
Based Access Control (RBAC) Analyst
Evaluated current role
development and assignment processes, created gap analysis, instituted short
term process improvements for manual role assignment while developing process
improvements through Sun Role Manager (Vaau RBACx) application. Baselined enterprise roles and analyze toxic
combinations (separation of duty reports) and restricted roles by analyzing
Human Resource and target platform reports. Worked with Auditor and internal
security and role management personnel to eliminate pain points in manual
process as a gap step to full workflow, tasking and forms based Role request
system provided by Sun Java System Identity Manager implementation. Worked with the business to redefine
the role governance process and business process for modification, approval &
removal of roles.
- Identity Management Strategist/Architect
Road mapped 5 year Identity and Access Management architecture and
work streams for presentation to CTO/CIO.
Planned
Systems International (on contract for DoD RITPO Military Health Systems (MHS)).
Serving
as contractual Master Integrator on
multi-phase, multi-project Service Oriented Architecture (SOA) Identity and
Access Management project (IdM, SSO, PKE, CAC).
Identity Management Architecture, design, analysis and technical
management (of a 17 member team) in support of Homeland Security Presidential
Directive-12 (HSPD-12) Common Access Card (CAC) implementation, Application
Single Sign-On (SSO w/ Sun Access Manager) & Self-Service Registration
(Provisioning w/ Sun Identity Manager - SPE) with password management for
a user base of 9 million. Additionally created Identity Management and Single
Sign-on Business & System requirements, Use Cases, Project Plans,
Architectural System Design documentation and deliverables.
- Federated Identity Management –
Identity Management Architect, Project Lead, Technical Delivery Team
Manager
Architecture, design and technical
management of Sun Java System Identity Manager -Service Provider Edition (SPE)
v.7.1 implementation for federated application self-service registration, password
management, account and linking & synchronization.
- Common Access Card (CAC) – Project
Lead, Technical Delivery Team Manager
Technical management of Common Access
Card integration for authorization to 26 military applications per HSPD-12. Management of upgrade to Sun Java Enterprise
System (JES) 2005Q4 release and Sun Java System Portal System design of Entry,
Failure and Logon pages.
- Single Sign-On (SSO) – Project
Lead, Technical Delivery Team Manager
Technical management of SSO integration
of Sun Java System Access Manager v.7.0 (over JES) for multiple applications.
Capital One.
Identity Management Architecture, design, analysis and management. Provided Identity data for future roadmap in Provisioning, Access Management and Federation as well as multiple project roles.
· IdM Distributed (Multiple Instance) Provisioning Project - Identity Management Architect
Provided architecture, design, and
subject matter expertise in analyzing of Sun Java System Identity Manager
v.6.0, SP1 in a Spoke and Hub method in which multiple instances of the
provisioning application were utilized.
Analysis built on existing single SIM implementation covering Identity
data creation with multiple SIM instances covering local application
provisioning leading to creation of factory model.
·
Data Warehouse
for Identity Audit – Identity Management Architect
Arch. for Data Warehouse project for storing historical Identity audit data
(who has access to what, when, who approved, etc.).
·
Sun JS
Identity Manager v.6.0 SP1 Proof of Concept (POC) – Technical Lead, Architect,
Business Analyst
SIM 6.0 proof of concept leveraging
existing SIM instance as well as legacy provisioning tool utilized to determine
the viability of a Federated provisioning model.
·
Provisioning
Data Remediation Initiative – Business Analyst, Technical Editor, Quality
Assurance
Amalgamation, Quality Assurance and
validation of all Identity Management Design, Architectural documentation and
artifacts.
Rohm &
Haas.
·
Identity
Management Consultant
Hosted and
ran Identity and Access Management workshop to architecturally plan and detail
a multi-work stream IdM effort utilizing BMC Identity Manager for .Net, MIIS,
Passlogix V-GO, and Tivoli Access Manager.
Rockwell
Automation.
·
Identity Management
Subject Matter Expert (SME)
Presented best practices to be utilized
for an upgrade of Sun Java System Identity Manager v.5.0, SP2 to version 5.5,
SP6
Northrop
Grumman (on contract for the Center for Medicare & Medicaid Services
(CMS)),
SME, Management, Design and Architecture on IdM work streams: Provisioning (Sun Identity Manager) and Federation (Sun IdM – SPE).
·
IdM
Provisioning Project - Project Lead, Technical Lead, System Analyst, Subject
Matter Expert (SME)
Project and Technical design and
planning of multi-phased implementation of Sun Java System Identity Manager 5.5
and 6.0.
Phase I consisted of fixing existing provisioning implementation due to
implementation team replacement.
Temporary fix phase included adding Modify and Deprovisioning tasks and
modifying hard coded roles, rules and processes in dynamic workflow,
dynamically changing roles and adding flexibility to rule policies. Phase II consisted of replacing existing Sun
IdM infrastructure to allow for re-engineered provisioning environment
(addition of Sun One directory with improved DIT, Sun IdM v.6.0 for internal
users, Sun IdM – SPE for External users) with integration of several
multi-platform applications within Sun's Identity Management System (Sun IdM,
SPE, Sun Access Manager).
· IdM Federation Project (Federated Provisioning) – Systems Analyst, SME
Integration of Sun Java System Identity Manager – Service Provider Edition (SPE) for registration and self-administration of Medicare/Medicaid application for a user base of 65 million people. Delegated administration for medical practice (partner) and customer self-management. Federated provisioning for facilitating business interactions among medical practices. Auditing and reporting of provisioning and federated transactions for privacy and regulatory compliance.
United Health
Group (UHG).
SME, Management, Design and Architecture on IdM work
streams: Provisioning (Sun Identity Manager) and Federation (Ping Federate)
leading a team of 14 people.
·
IdM
Provisioning Project - Project Lead, Technical Lead, SME
Planned and
ran implementation of Sun Java System Identity Manager 5.5 (development) &
6.0 (dev/QA/production) as replacement for home grown provisioning system into
AD, UNIX, RACF, Peoplesoft as well as hundreds of applications and databases. Created high
level and technical project plans. Vetted Architectural diagrams. Wrote
Business Requirements, System Requirements, and supporting IdM
documentation. Ran current state
documentation and future state planning sessions.
·
IdM
Federation Project (Federated Single-Sign On) – Project Lead, Technical Lead,
SME
Implemented Ping Identity’s Ping
Federate v.2.1 using SAML 1.1
protocol to provide authentication, attribute and authorization portability
across autonomous security domains for UHG alliance partners and customers
(i.e. used PingFederate to enable standards based single sign-on and attribute
exchange across domains).
Capital One,
SME, Management, Design and Architecture on IdM work
streams, Access Management (SSO and Application Security and Entitlements via
Entrust’s Get Access and BMC’s Control-SA), Password Management, Provisioning
(Sun/Waveset Identity Manager), Delegated Administration, Third Party Data
Management (Federation) and Directory (LDAP) Management – Novell’s eDirectory,
MS Active Dir and MIIS) with a team of 16 people.
·
IdM
Provisioning Project - Team Lead, Technical Lead, SME
Wrote Business
Requirements, System Requirements, RFI, RFP and all supporting documents
leading to Vendor selection and management.
Ran Proof of Concept. Planned and ran product implementation of Sun Java
System Identity Manager (previously Waveset Lighthouse) in provisioning project
as replacement (in some instances) and/or addition for BMC Control-SA for
provisioning into Unix, Tandem Base24, RACF, Unisys & Oracle.
·
IdM
Sarbanes Oxley Project (Access Management, Centralized Workflow)- Technical Lead, Systems Analyst, SME
Planned and ran parts of Sarbox
technical implementation using Sun Identity Manager as a centralized workflow
in a 90 day implementation model in order to achieve regulatory
compliance. Additionally planned and
implemented Disaster Recovery.
Environment manager for Dev, QA, and production environments.
·
IdM
Workforce Lifecycle Project - Business Systems Analyst
Creation of Identity Management
Roles/Rules processes, Use Cases, Workflow and Data Flow documentation. Documentation of existing (“As-Is”) process
in order to develop process improvements (“
McDonalds
Corp.,
·
Identity
Management Lead, Technical Lead, Business Systems Analyst
Creation of Identity Management process, strategy, best practices and
architecture documentation including Access Management, Password Management,
LDAP Management, Provisioning, Delegated Administration, and Sponsor Lifecycle
Management utilizing the Rational Unified Process (RUP). Creation of Cost/Benefit analysis, Project
Charter and Project Plan. Identity
Management vendor and services selection.
GlaxoSmithKline,
·
Identity
and Access Management Architect
Client implementation planning of Netegrity SiteMinder 5.5 w/ Netegrity
IdentityMinder 5.6 (Web Edition) utilizing iPlanet (LDAP) and Oracle 9i.
Process planning and architecture. Delivery of Statement of Work (SOW) for
Netegrity eProvisioning.
Business Layers Inc. (since acquired by Netegrity Inc. and subsequently Computer Associates) Rochelle Park, NJ Jul.01-Jul.03
·
Identity
Management - Sr. Analyst, Professional Services and Technical Specialist roles
Implementation and support of Identity Management software including Business
Layers eProvisioning, (now known as
Netegrity IdentityMinder w/ Provisioning, also known as BMC
Control-SA/eProvision and SchlumbergerSema Secure Provisioning Director),
Netegrity SiteMinder 5.5, Netegrity IdentityMinder 5.6 w/ Web and Provisioning
modules and associated support software including LDAP directories (Active
Directory, Novell Directory Services, Netscape iPlanet, IBM SecureWay),
multi-NOS platforms, Database (SQL 7, 2000), and ILOG J-Rules (Java based) and
VB Script.
·
Identity
Management - Corporate Training (Technical).
Responsible for design, development and delivery of all proprietary Identity
Management curriculum and non-proprietary technical curriculum, courseware,
policies and procedures, created courseware images, and management of corporate
IT training staff. Designed and presented six training programs that
established a standardized, consistent curriculum for worldwide training
services for both technical and non-technical clients and representatives.
Additionally filled roles in Post-Sales and Pre-sales Engineering, and
Technical Support of Identity Management, Provisioning tool set, LDAP (ADS, NDS
and iPlanet), MS SQL Server 7 & 2000.
PRIOR POSITIONS
Alcoa,
Inc.
AstraZeneca.
Judge
Group, Inc.
- Certified Trainer/Consultant (
- Systems Engineer/Administrator
(contract at
R.H.
Donnelley.
The
MBNA
Corporation -Hallmark Information Systems.
TA
Instruments Inc.
F.Schumacher
& Co.
Tandy
Corporation (
INDEPENDENT TECHNICAL CONSULTING 1993- 2001 (Independent Short
Term Contract/Retainer Work)
SPX Corp.
PECO Energy. Philidelphia, PA Oct. 99 - WWW and FTP implementation and
training using IIS 4.0, FrontPage 98, and HTML.
Government of
Maduro & Curiel’s Bank.
W.L. Gore.
Leonard, Tillery &
Sciolla Law Firm.
EDUCATION
IDENTITY MANAGEMENT TRAINING
Sun Java System Identity Manager (previously Waveset
Lighthouse) 4.1, 5.0, 5.5, 6.0
CA/Netegrity (previously Business Layers) eProvision
CA/Netegrity SiteMinder 5.5 & CA/Netegrity
IdentityMinder 5.6
Ping Identity –
IBM Tivoli Identity Manager (TIM)
Passlogix – v-GO
Single Sign-On
M-Tech P-Synch - Single Sign-On
M-Tech ID-Synch - Provisioning toolset
Proginet – Password Management
TECHNICAL CERTIFICATIONS
IDENTITY MANAGEMENT
HP AIS – Identity Management. Accredited Integration Specialist for HP
OpenView Select Identity and Select Access.
Netegrity SiteMinder Administration Specialist. SiteMinder.
Netegrity Identity Management Specialist. IdentityMinder w/ Web and w/ eProvisioning.
SOFTWARE
MCSE 2000 (Microsoft
Certified Systems Engineer - Windows 2000 track) .
MCSE 4.0 + Internet (Microsoft Certified
Systems Engineer - Windows NT 4.0 track w/ Certified Internet Specialist).
MCDBA 2000 (Microsoft Certified Database Administrator - SQL 2000 track).
MCSA 2000 (Microsoft Certified Systems Administrator - Windows 2000 track)
MCP + Internet (Microsoft Certified Internet Professional).
MCP (Microsoft Certified Professional - Product Specialist). In each of the following technologies:
Win 2000 Security Design, Win 2000 Network Design, Win 2000 Network Management, Win 2000 Network Admin, Win 2000 Directory Services Design, Win 2000 Directory Services Admin, Win 2000 Server, Win 2000 Professional, Win NT4 Server Enterprise, Win NT4 Server, Win NT4 Workstation, TCP/IP, SQL 2000 Design, SQL 2000 Admin, Exchange Server 5.5, Proxy Server 2.0, IIS 4 (Internet Information Server), IEAK 4 (Internet Explorer Administration Kit), FrontPage 98, Win95, Win98.
MCT (Microsoft Certified Trainer) – Retired Cert. Instructor for over 55 MS Courses.
CCA XP (Citrix
Certified MetaFrame XP Administrator).
CCA 1.8 (Citrix Certified MetaFrame 1.8
Administrator).
CompTIA Network+
(Certified Network Technician).
CompTIA I-Net+ (Certified Internet
Technician).
HARDWARE
CCNA 1.0 (Cisco
Certified Network Associate) - Retired Cert. ISP Dial, and Routing &
Switching.
NNCDS (Nortel Networks Certified Design
Specialist) - Data. Data Networks Design Specialist.
NNCSS (Nortel Networks Certified Support
Specialist) - Data. Data Networks Support Specialist.
BNCS (BAY Networks Certified
Specialist). Router Specialist.
3Com CSA (3Com Certified Solutions
Associate).
AMP Registered Installer : LAN
cabling systems - Fiber Optics, Coax, Cat 3,4,5 UTP and 150ohm STP-A
AMP Registered Certifier and
Troubleshooter : Fiber Optics, Coax, Cat 3,4,5 UTP and 150ohm STP-A
CompTIA A+ (Certified Computer
Technician).
Identity Management, Identity Management, Identity Management, Identity Management, Identity Management, Identity Management, Identity Management, Identity Management, Identity Management, Identity Management, Identity Management, Identity Management, Identity Management, Identity Management, Identity Management, Identity Management, Identity Management, Identity Management, Identity Management, Identity Management,Identity Management,Identity Management,Identity Management,Identity Management,Identity Management, Sun Identity Manager, Passlogix, Passlogix, Waveset, Lighthouse, Sun Identity Manager, Oracle Identity Manager, Sun Access Manager, Oracle Identity Manager, Sun Access Manager, Oracle Identity Manager, Sun Access Manager, Oracle Identity Manager, Sun Access Manager, Passlogix, Passlogix, Waveset, Lighthouse, Sun Identity Manager, Passlogix, Oracle Identity Manager, Sun Access Manager, Oracle Identity Manager, Sun Access Manager, Oracle Identity Manager, Sun Access Manager, Passlogix, Waveset, Lighthouse, Sun Identity Manager, Passlogix, Passlogix, Oracle Identity Manager, Sun Access Manager, Oracle Identity Manager, Sun Access Manager, Waveset, Lighthouse, Sun Identity Manager, Passlogix, Passlogix, Waveset, Lighthouse, Sun Identity Manager, Oracle Identity Manager, Sun Access Manager, Oracle Identity Manager, Sun Access Manager, Passlogix, Passlogix, Waveset, Lighthouse, Sun Identity Manager, Passlogix, Passlogix, Waveset, Oracle Identity Manager, Sun Access Manager, Oracle Identity Manager, Sun Access Manager, Lighthouse, Sun Identity Manager, Passlogix, Passlogix, Waveset, Lighthouse, Sun Identity Manager, Passlogix, Passlogix, Waveset, Lighthouse, Sun Identity Manager, Passlogix, Passlogix, Waveset, Lighthouse, Sun Identity Manager, Passlogix, Passlogix, Waveset, Lighthouse, Sun Identity Manager, Netegrity, Business Layers,Netegrity, Business Layers,Netegrity, Business Layers,Netegrity, Business Layers,Netegrity, Business Layers,Netegrity, Business Layers,Netegrity, Business Layers,Netegrity, Business Layers,Netegrity, Business Layers,Netegrity, Business Layers,Netegrity, Business Layers,Netegrity, Business Layers,Netegrity, Business Layers, Computer Associates, CA, eTrust, Computer Associates, CA, eTrust,Computer Associates, CA, eTrust,Computer Associates, CA, eTrust,Computer Associates, CA, eTrust,Computer Associates, CA, eTrust,Computer Associates, CA, eTrust, Passlogix, Passlogix, Waveset, Lighthouse, Sun Identity Manager, Passlogix, Passlogix, Waveset, Lighthouse, Sun Identity Manager, Passlogix, Passlogix, Waveset, Lighthouse, Sun Identity Manager, Passlogix, Passlogix, Waveset, Lighthouse, Sun Identity Manager, Passlogix, Passlogix, Waveset, Lighthouse, Sun Identity Manager, Passlogix, Passlogix, Waveset, Lighthouse, Sun Identity Manager, Passlogix, Passlogix, Waveset, Lighthouse, Sun Identity Manager, Passlogix, Passlogix, Waveset, Lighthouse, Sun Identity Manager, Passlogix, Passlogix, Waveset, Lighthouse, Sun Identity Manager, Passlogix, Passlogix, Waveset, Lighthouse, Sun Identity Manager, Passlogix, Passlogix, Waveset, Lighthouse, Sun Identity Manager, Passlogix, Passlogix, Waveset, Lighthouse, Sun Identity Manager, Passlogix, Passlogix, Waveset, Lighthouse, Sun Identity Manager, Sun Access Manager, Sun Access Manager, Sun Access Manager, Sun Access Manager, Sun Access Manager, Sun Access Manager, Sun Access Manager, Sun Access Manager, Sun Access Manager, Sun Access Manager, Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,Resume,MCSE, CCNA, MBA, A+, N+, MCP, Cisco, Microsoft, Novell, Nortel Networks, 3Com, Tech2Net, Access Management, Oracle Identity Manager, Sun Access Manager, Oracle Identity Manager, Sun Access Manager, MCSE, CCNA, MBA, A+, N+, MCP, Cisco, Microsoft, Novell, Nortel Networks, 3Com, Tech2Net, Access Management,MCSE, CCNA, MBA, A+, N+, MCP, Cisco, Microsoft, Novell, Nortel Networks, Oracle Identity Manager, Sun Access Manager, Oracle Identity Manager, Sun Access Manager, 3Com, Tech2Net, Access Management,MCSE, CCNA, MBA, A+, N+, MCP, Cisco, Microsoft, Novell, Nortel Networks, 3Com, Tech2Net, Access Management,MCSE, CCNA, MBA, A+, N+, MCP, Cisco, Microsoft, Novell, Nortel Networks, 3Com, Tech2Net, Access Management, BMC Control-SA, LDAP, BMC Control-SA, LDAP,BMC Control-SA, LDAP,BMC Control-SA, LDAP,BMC Control-SA, LDAP,BMC Control-SA, LDAP,BMC Control-SA, LDAP,BMC Control-SA, LDAP,BMC Control-SA, LDAP,BMC Control-SA, LDAP,BMC Control-SA, LDAP,BMC Control-SA, LDAP,BMC Control-SA, LDAP, SUMMARY Information Technology and Security professional with over 10 years experience in architecting and deploying Identity Management, LDAP Directories, Single/Reduced Sign-On (SSO), Provisioning and Provisioning/Identity Workflows, Access Management, RBAC (Role-Based Access Control), Compliance and Auditing Technologies, Federated Identity/Federation, Enterprise System Architecture, Security Infrastructure Design, Authentication and Authorization technologies, as well as custom-built security and technology frameworks. Proven technical leadership skills include the ability to manage teams, earn the respect of its members, lead by example, and thrive in an entrepreneurial environment. Persuasive verbal and written communication skills compliment a proven ability to multi-task, maintain an organized approach, and ensure success - even when faced with high-pressure or high-risk situations. Engagements within many large-scale environments, both public and private, as a consultant including Barclays Global , DHL Airways, Visa, Chevron-Texaco, Deutche Bahn, Department of Housing and Urban Development, Syracuse University, Widener University, Toyota, Blue Cross Blue Shield, and Bechtel. Experience in the Banking, Energy, Government, Education, Pharmaceutical, Healthcare, Auto and Telecom Industries. User populations have fluctuated from a few dozen to an excess of 180,000 people. IDENTITY MANAGEMENT & SECURITY: IBM Tivoli Suite (ITIM/TIM, TAM), Webseal, RSA SecureID, PKI, Kerberos, CA/Netegrity SiteMinder, CA/Netegrity IdentityMinder, Sun Identity Manager, Sun Access Manager, Oblix/Oracle COREid, Passlogix Single Sign-on, Oracle Identity Manager, SUN/IBM/Oracle Federation Manager, Vaau RBACx and BridgeStream/Oracle SmartRoles. LDAP DIRECTORIES: Microsoft Active Dir., AD/AM, IBM Secureway, Tivoli Directory Server, NDS/Novell eDirectory, and Sun One Directory Server. BACKOFFICE SOFTWARE: Database (SQL/Oracle), Webserver (IIS, Apache, IBM), Reverse Proxy, Citrix, Terminal services, Portal (Plumtree, Websphere Portal) Application Server (BEA Weblogic, IBM Websphere, Sun Java System), Integration (DirXML, Websphere MQ Workflow), RACF. OPERATING SYSTEMS: Microsoft Windows up to Windows 2003 Enterprise Edition, UNIX (SOLARIS 2.x, SOLARIS, AIX, IRIX, HP/UX, LINUX, MS-DOS, and z/OS. NETWORKING: TCP/IP, DNS, WINS, NFS, Samba, NIS, NIS+, and NetBIOS. RBAC and Identity Management Subject Matter Expert * Work with Finance to analyze entitlements for Oracle Applications, Hyperion and Business Objects for 20,000 users to identify gaps in current provisioning processes * Project Manager/Lead the Business and IT teams through a process to evaluate vendors, conduct a product POC, and finally the implementation of the chosen product. * Develop integration strategy between Oracle Identity Manager, Novell Identity Manager, eDirectory, Active Directory, Virtual Directory and RBAC solution. * Develop enterprise roles (RBAC), toxic combinations (separation of duty) and restricted roles by analyzing current entitlements. IDM Consultant * Implement and configure Oracle Identity Manager and AD adapter to perform trusted reconciliation. * Configure delegated administrators for management of Xellerate and AD accounts. * Send daily notifications of disabled accounts to administrators. IDM/RBAC Consultant * Implement SUN / VAAU RBACx in across three environments, Test, QA and Production. * Configure VAAU for role management/governance and certification / user attestation. * Develop enterprise roles (RBAC), toxic combinations (separation of duty reports) and restricted roles by analyzing Human Resource and medical applications for a user population of 25000 (physicians, clinicians, and employees) and 11 core applications. IDM Consultant/Strategist * Interview key subject matter experts to determine current IDM/security hardware and software profile. * Analyze current network layout, services and resources to determine required access. * Determine user roles and responsibilities, classifying like users into groups to ease maintenance and rule implementations controlling access to resources appropriate to user and group classifications * Analyze and document (both existing and potential) solutions for the following: User account provisioning/de-provisioning, Enterprise Directory Services, Single Sign-On (web and desktop), Password Management, Role-Based access control, Strong Authentication * Provide documentation and recommendations detailing best practices for user and access control as determined by independent research and current like institution implementations. Senior Architect * Evaluate RBAC products, (BridgeStream and Vaau), recommend and implement RBAC product at Horizon. * Develop enterprise roles (RBAC), toxic combinations (separation of duty reports) and restricted roles by analyzing Human Resource and target platform reports. Senior Architect * Project Manager and Lead Architect for the implementation of IBM TAM E-SSO (Passlogix v-GO Single Sign-On), AM (Authentication Manager), SM (Session Manager) solution to all store locations and internal company employees. Senior Security Consultant * Developed enterprise roles (RBAC), toxic combinations (separation of duty reports) and restricted roles by analyzing Human Resource and target platform reports. * Worked with the business to define the role governance process and business process for modification, approval and removal of roles. * SOD (Segregation of Duties) reporting requirements analysis and implementation using SUN Identity Auditor v7.0 * SME for the upgrade of SUN Identity Manager v4 to v6.0 SP1 Senior Security Consultant * Project Manager and Lead Architect for the implementation of Passlogix v-GO SSPR (Self-Service Password Reset), SSO (Single Sign-On), AM (Authentication Manager), SM (Session Manager) solution to 8,000 employees. Employee populations included clinical employees in a shared workstation environment (bank branches).SELECT MEDICAL (HARRISburg, pennsilvania) Senior Security Consultant * Project Manager and Lead Architect for the implementation of IBM TAM ESSO (Passlogix v-GO SSO) and TAM ESSO Desktop Password Reset Adapter (Passlogix v-GO Self-Service Password Reset), and TAM ESSO Kiosk Adapter (Passlogix v-GO Session Manager) solution to internal population. Employee populations included clinical employees in a shared workstation environment (medical offices). Senior Security Consultant * Developed enterprise roles (RBAC), toxic combinations (separation of duty reports) and restricted roles by analyzing Human Resource and target platform reports. * Worked with the business to define the role governance process and business process for modification, approval and removal of roles. * Imported roles into Identity Management system (BMC Control-SA), managed implementation of roles and role management in Identity Management system including workflow for managing roles using TCL and PERL scripting. * Installation and basic customization of Sun Identity Manager on Websphere 6.0 platform. Project Manager & Senior Security Consultant * Project Manager for the implementation of Sun Identity Manager using SUN’s AIM Methodology. * Overall responsibility for daily client management, interactions and on-time delivery of applications and services. * Responsible for project deliverables including: functional and technical requirements, architectural specification, design document including workflows, project plans and weekly project status deliverables. * Integration of core applications (Lotus Notes, Active Directory, and PeopleSoft) using standard resource adapters and custom resource adapters. PeopleSoft integration using SPML web services. * Custom integration with Oblix SSO (modification of custom resource adapter and native authentication methods). Senior Security Consultant * Project Manager for the implementation of Passlogix v-GO SSPR (Self-Service Password Reset), SSO (Single Sign-On), AM (Authentication Manager), SM (Session Manager) solution to 100,000+ employees. Employee populations included clinical employees in a shared workstation environment. * Managed and deployed custom development and integration of Xyloc (Proximity Badge solution) with SSO product Identity Management Consultant * Consultant for the Implementation of CA/Netegrity Siteminder, to integrate various enterprise applications, including but not limited to custom web applications and Novell eDirectory. Senior Security Consultant * Project Manager for the implementation of Passlogix v-GO SSPR (Self-Service Password Reset) solution to 13000 employees Senior Security Consultant * Project Manager and Lead Architect at H&R Block for the implementation of CA SiteMinder and CA IdentityMinder implementation for their seasonal hiring process of 120,000 tax professionals. * Managed integration of Identity Management project and custom TIBCO portal. * Developed and Deployed LDAP strategy including Authentication and Authorization stores, and migration and transformation of directory data. * Developed requirements for MIIS data flows Corporate Data Security Consultant * Lead Excellus BCBS through a RFI, RFP, and POC process for an enterprise Identity Management solution. Evaluation of SSO vendors Passlogix, ActivCard and eTrust SSO * Security advisor and architect for Corporate Data Security on the following initiatives: Websphere Portal, Custom & Vendor Health Care applications, Java Development environment including Websphere Application Server, LDAP Directory (on the mainframe), Corporate Desktop and Server security and Identity Management Project. * Managed the communication of business solutions delivery activities with IT leadership, other IT functions, and outside organizations such as vendors, consultants, suppliers, and customers. * Project Manager for the implementation of Passlogix v-GO SSO solution to 5000+ employees. * Evaluation, installation and configuration of Sun Directory, Sun Identity and Access Manager in a POC environment. * Designed and delivered training to end-user, architects and IT executives on various topics including: LDAP, Identity Management, and Sign Sign-on Identity Management Consultant * Completed installation of Netegrity IdentityMinder including task persistence, workflow, auditing and email notification. * Identity Management advisor and architect for User Management/Identity Management project. * Consultant advisor for Waveset Lighthouse (SUN Identity Manager) project. Helped define design document and match business requirements to product capabilities. * Reviewed customization and integration with eDirectory, DirXML and various other systems. Security Services and Identity Management Consultant * Project Manager for an Oblix COREid Project (Active Directory Application Mode user repository) designed to provide strong authentication and authorization for internal and external websites. * Lead and managed efforts to develop processes and tools for access and identity management architecture, and deployment for clients. * Identified and resolved complex issues and developed innovative solutions for the client's business and technology goals. * Provided technical assistance relating to the design and implementation of the security and control of client's networks. * Served as lead author of reports, plans, presentations, and other written products, and developed and implemented project plans. Practice Leader, Identity Management * Overall responsibility for deploying Identity Management solutions including provisioning, web access management, and portals. * Products used and deployed include Netegrity IdentityMinder and SiteMinder, TruLogica Concero, and Plumtree portals. * Lead, architect and implemented multi-vendor integration initiatives for deployment of Identity Management solutions. Hands-on implementation of IdM solutions on both Unix and Windows platforms. * Project Manager, Lead Architect for Netegrity IdentityMinder implementation for GlaxoSmithKline. * Project Manager, Lead Architect for Netegrity IdentityMinder implementation for Coppin State College. * Delivered five day IdentityMinder Corporate training to State of Tennessee. Technical Support Director, North America (Reports to the Chief Operating Officer) * The software suite is developed using java, asp and visual basic, all of which I am proficient in. * In additional to being proficient with the development technologies I have expert knowledge in all of the target systems and their components that the product manages, including LDAP directories, security and databases. * Support and deployment on both UNIX/LINUX and Microsoft based operating systems in conjunction with an LDAP directory including: Active Directory, Secureway, NDS (eDirectory) and iPlanet. * The back office systems for which I am responsible for implementing and supporting include Databases, Exchange Servers, Firewalls, and HR systems (SAP & Peoplesoft), mainframes (RACF, AS/400) and Security infrastructure including RSA SecureID, Schlumberger DeXa Badge, Netegrity SiteMinder, Netegrity IdentityMinder and various Certificate Authorities. * Installation of Netegrity Siteminder, Netegrity IdentityMinder in production and development environments. * Responsible for reviewing and recommending enterprise identity management solutions and deployment alternatives to external customers and internal end-users. IT Manager (Reports to the Chief Information Officer) Applications Development Manager (Reports to the Chief Information Officer) * Responsible for corporate information technology standards which included establishing and communicating corporate standards, implementing solutions and managing the information technology budget. Recruited and trained staff for internal help desk support, LAN/wan support and server support throughout the enterprise. Responsibilities included: * Delivered basic IT services – connectivity, desktop, mobile/remote computing, Information security and IT training and management of the Internal 24/7 Help Desk to support mobile users and setup a call center for internal customers with case tracking system * Installation, configuration and on-going maintenance of UNIX and NT software development environment, including SUN, HP, IBM, Alpha, Linux and NT servers with multiple OS revisions * Development and implementation of enterprise wide desktop and server backup and archiving strategies for all operating systems * Implemented and Developed corporate standards for technology for email, networks, desktops, laptops and data centers * Evaluation and requirements analysis for HR/IS and Financials ERP system including: PeopleSoft, SAP, Lawson’s, Clarify * Project Management for Pivotal (CRM) nation-wide implementation and deployment (~500 employees). Successfully deployed Pivotal nation-wide, including development staff (consultants and internal resources), deployment and training System/Network Administrator (Consultant) Senior System Administrator * Managed a heterogeneous network (Solaris up to 2.6, HPUX, AIX, Windows NT, and Windows 2000) * Installation, upgrade and maintenance of Clariion raid servers in a production environment * Maintained DNS, NIS and NFS databases * Installed and managed NT and Windows 95 workstations and servers * Installation and customization of Hummingbird eXceed Senior System Administrator * Managed 30+ HP development servers * Installation Solaris servers, including Web enterprise server, Volume Manager & Veritas * Provided user support for day to day problems * Setup ntp server and clients * Managed DNS and NIS databases * Installed patches and upgrade OS for HP servers * Maintained lvm and related problems Senior System Administrator * Managed a heterogeneous network (Solaris up to 2.6, HPUX, AIX, Windows up to Windows 2000 Server) * Integrated Network Information Service into current network with minimal downtime * Integrated NFS using AMD and Solaris automounter into current network * Installed and Upgrade operating systems to current versions * Kernel tuning for optimal performance * Designed and Implemented backup solution using DLTs in a heterogeneous environment * Maintained DNS database * Configured and Installed DEC Storage Works RAID 5 array * Configured and Installed RedCreek VPN software and hardware * Managed of gauntlet firewall Contract: Entertainment Online Senior System Administrator * Managed a heterogeneous network (IRIX, Win 95, NT, Novell) * Installation of IRIX 5.3, 6.3 and 6.4 on SGI Challenge L, Indy, O2, Origin 200 * Installation of Netscape Enterprise Server 2.01 and Commerce Server, Oracle 7 * Configuration of Cisco 1600 Router * Installation and periodic maintenance of Windows 95/NT servers * Remote network administration using Remotely Possible and secure shell * IP aliasing and DNS setup for IRIX servers * Network performance testing (between major ISPs) * Implemented backups procedures for all UNIX servers * Exposure to sendmail configuring, HP Openview Computer System Administrator * First line support for developers using UNIX, HP, Macintosh and PC workstations * Managed and re-organized all user home directories on file servers and NIS servers * Created standard user login environments * Analyzed and solved network problems * Maintained NIS databases and NFS mounts on workstations and servers * Setup and installation of NCD X-Terminals * Created WWW page (HTML 3.0 compliant, including JavaScript, CGI's and forms) * Installation of DiskSuite on servers * Designed and implemented scripts in PERL Computer System Administrator * First line support for developers using UNIX, HP, Macintosh and PC workstations * Created WWW page (HTML 3.0 compliant, including JavaScript, CGI's and forms) * Managed University print services and help desk Computer System Administrator * First line support for Windows based workstations * Manage file and print servers * Managed Intranet website and internal departmental web pages PROFESSIONAL CERTIFICATIONS Advanced Tivoli 4.5.1 Customization Workshop Microsoft Certified Systems Engineer Windows 2000 Microsoft Certified Database Administrator Microsoft Certified Systems Administrator Netegrity Identity Management Specialist (IMS) Netegrity SiteMinder Administration Specialist (NSAS) Citrix Certified Administrator Identity Management Practice, Oracle Identity Manager, Oracle Access Manager, Oracle Identity Manager's API as well as the IDXML Web Services and Identity Event Plugin interfaces of Oracle Access Manager. * Operating Systems: Solaris (7, 8, 9, 10), AIX (4.3.3, 5.0, 5.1, 5.2), Linux (all flavors), zOS, Windows 2000/XP/2003, OS X, and OpenBSD * Programming Languages: C, Java, Perl, x86 Assembly, s/390 Assembly, JCL, XHTML/CSS, and REXX * Protocols: DCE-RPC, SOAP, IDXML, 802.11, GSS-RPC, HTTP, NCPASS-TLI, and SASL * Tools: Eclipse, Netbeans, Visual Studio, Nagios, VMWare Server * Security Technologies: SAML, SASL, Kerberos, PKI, XACML, LDAP, DCE, SecurID, Biometrics, general cryptography, and federated identity management * Servers: Sun One Directory Server, Oracle Internet Directory, Microsoft Active Directory, OpenLDAP, Tomcat, JBoss, BEA WebLogic, Oracle Application Server, Oracle Database 10g. * Identity Management Applications: Oracle Identity Manager (9.0.1, 9.0.3), Oracle Access Manager, Internet2 Shibboleth, and UMich CoSign * Mainframe Specific Technologies: FDR, ISPF, TSO, Natural, Adabas, Syncsort, NCPASS, and MXI Identity Management Practice Identity Management consultant focusing on Oracle's Identity Manager product (previously Thor Xellerate) and Oracle Access Manager (previously Oblix CoreID). Oracle Access Manager, Oracle Identity Manager deployments * Full life-cycle Provisioning system utilizing Oracle Identity Manager. * Full life-cycle Web Services infrastructure utilizing Oracle Access Manager. * Identity Event Plugins to extend Oracle Access Manager's workflow functionality. * Implemented password management functionality in OAM for the firm's largest client-facing application suite. * Numerous "custom" connectors to backend systems, directories, and databases. * Experienced in crafting Proof-of-Concept (POCs) builds to ensure the success and practicality of the Oracle Identity Management Suite. * Experienced in the installation and configuration of OIM server. * Experienced with cross-system identity mapping and reconciliation to OIM identity repository database.