IdM Clients
• City University of New York
• Priority Health
• Cincinnati Children's Hospital
• Subaru of America
• GM
• EDS
• University of Massachusetts
• Embry-Riddle Aeronautical University
• ITT
• Unitrin
• Guardian
• Gartner
• Paychex
• Tyco Electronics
Summary
Information Technology and Security professional with over 7 years' experience in architecting and deploying Identity Management, LDAP Directories, Single/Reduced Sign-On (SSO), Provisioning and Provisioning/Identity Workflows, Access Management, RBAC (Role-Based Access Control), Compliance and Auditing Technologies, Federated Identity/Federation, Enterprise System Architecture, Security Infrastructure Design, Authentication and Authorization technologies, as well as custom-built security and technology frameworks.
Proven technical leadership skills include the ability to manage teams, earn the respect of their members, lead by example, and thrive in an entrepreneurial environment. Persuasive verbal and written communication skills complement a proven ability to multi-task, maintain an organized approach, and ensure success - even when faced with high-pressure or high-risk situations.
Engagements within many large-scale environments, both public and private, as a consultant including GM, EDS, Subaru of America, ITT, Unitrin, Guardian Life, Tyco Electronics, Gartner, Paychex, City University of New York (CUNY), University of Massachusetts and Embry Riddle Aeronautical University. Experience in the Government, Education, Healthcare, Auto and Telecom Industries. User populations have fluctuated from a few hundred to in excess of 1.3 million people.
Skills
IDENTITY MANAGEMENT & SECURITY: IBM Tivoli Suite (ITIM/TIM, TAM), Webseal, RSA Cleartrust, PKI, Kerberos, CA/Netegrity SiteMinder, CA/Netegrity IdentityMinder, Sun Identity Manager, Oblix COREid/Oracle Access Manager (OAM), Passlogix Single Sign-on, Novell Identity Manager, Novell Access Manager, Oracle Identity Manager (OIM / Xellerate), SUN/IBM/Oracle Federation Manager, Oracle Role Manager (ORM), Oracle Business Intelligence Enterprise Edition (OBIEE).
LDAP DIRECTORIES: Microsoft Active Directory, ADAM, IBM Secureway, Tivoli Directory Server, NDS/Novell eDirectory, and Sun One Directory Server, Oracle Internet Directory (OID), and Oracle Virtual Directory (OVD).
BACKOFFICE SOFTWARE: Database (SQL/Oracle), Webserver (IIS, Apache, IBM), Reverse Proxy, Citrix, Terminal services, Portal (Plumtree, Websphere Portal) Application Server (Weblogic, IBM Websphere, JBoss, Tomcat, Oracle Application Server (OAS / OC4J)), Integration (DirXML, IBM TDI), RACF.
OPERATING SYSTEMS: Microsoft Windows up to Windows 2003 Enterprise Edition, UNIX (SOLARIS 2.x, SOLARIS, AIX, IRIX, HP/UX, LINUX), MS-DOS.
NETWORKING: TCP/IP, DNS, WINS, NFS, Samba, NIS, NIS+, and NetBIOS.
Experience
CUNY - City University of New York (NEW YORK, NY) | August 2009 - Current
Lead Identity Management Systems Specialist
• Maintain full Identity Management systems
• Integration of all PeopleSoft systems, Active Directory, OID, and Exchange
• Developed 5 environments on both physical and virtual hardware
PRIORITY HEALTH (GRAND RAPIDS, MI) | March 2009 - August 2009
Identity Management Architect and Implementation Engineer
• Architect for the implementation of Oracle Identity Manager and Oracle Role Manager.
• Integrated all systems with multiple back-end database systems.
• Cut project scope and duration down by over 30% with discovery and project analysis
CINCINNATI CHILDREN'S HOSPITAL MEDICAL CENTER (CINCINNATI, OH) | March 2009
Identity Management Architect and Implementation Engineer
• Architect for the implementation of Oracle Identity Manager, Oracle Access Manager, Oracle Role Manager, Novell Identity Manager, and Novell Access Manager for POC evaluation.
• Integrated all systems with Active Directory, SunONE LDAP, IIS and Apache web servers
• Implementation was done on multiple virtual servers through VMWare running Oracle Enterprise Linux, Windows 2003, and SUSE Linux.
SUBARU OF AMERICA (CHERRY HILL, NJ) | November 2008 - February 2009
Identity Management Architect
• Architect for the implementation of Oracle Identity Manager, Oracle Access Manager, Oracle Internet Directory, and Oracle Virtual Directory
• Implemented OIM and OAM through Development, Staging, and Production
• Developing custom workflows and Generic Technology Connectors for manual user dumps.
ITHACA COLLEGE (ITHACA, NY) | November 2008 - Present
IDM Consultant/Strategist
• Interview key subject matter experts to determine current IDM/security hardware and software profile.
• Analyze current network layout, services and resources to determine required access.
• Determine user roles and responsibilities, classifying like users into groups to ease maintenance and rule implementations controlling access to resources appropriate to user and group classifications.
• Analyze and document (both existing and potential) solutions for the following: User account provisioning/de-provisioning, Enterprise Directory Services, Single Sign-On (web and desktop), Password Management, Role-Based access control, Strong Authentication
• Provide documentation and recommendations detailing best practices for user and access control as determined by independent research and current like institution implementations.
CITY UNIVERSITY OF NEW YORK (CUNY) (NEW YORK, NY) | July 2008 - October 2008
Senior Oracle IDM Architect and Engineer
• Worked alongside Oracle on architecting and implementing the Oracle Identity Management Suite into a 22-campus environment with capabilities of managing up to 1.3 million end-users.
• Design was built around managing Students, Faculty, and Staff with multiple roles.
• OIM was configured to talk to three separate Authoritative PeopleSoft sources for all identities.
• Provisioning from OIM was configured for Oracle Internet Directory (OID), Oracle Virtual Directory (OVD), PeopleSoft using Apache reverse proxies and PeopleSoft's Pure Internet Architecture, and Active Directory.
• Managed a small team of 5 IdM engineers and worked directly with Oracle's consultants to meet all deadlines.
UNIVERSITY OF MASSACHUSETTS (WORCESTER, MA) | October 2007 - May 2008
Senior Oracle IDM Architect and Engineer
• Architected and designed a six campus Identity Management solution that encompasses the Oracle Fusion Middleware Stack (Oracle Identity Manager, Oracle Access Manager, Oracle Internet Directory, Oracle Virtual Directory, Oracle Identity Federation, Oracle Access Server, and Oracle Enterprise Linux).
• Design was built around managing all 150,000+ Students, Faculty, and Staff.
• Managed a team of integration specialists to implement and promote through three environments and on a separate Disaster Recovery (DR) data center.
• Wrote all documentation on use cases, implementation design, and promotion strategies.
• Managed a separate project with UMass and an external application service provider to set up federation between the two entities. First successful OIF SAMLv2 to Shibboleth federation to reach production.
GARTNER (STAMFORD, CT) | September 2007 - October 2007
IDM Consultant/Strategist
• Was brought in to finish out an Oracle Identity Manager implementation that was falling behind a tight deadline.
• In addition to being proficient with the development technologies I have expert knowledge in all of the target systems and their components that the product manages, including LDAP directories, security and databases. This helped bring the project to completion within deadline.
• Modified out of the box Oracle Database Connectors to fit Gartner's given needs.
• Responsible for reviewing and recommending enterprise identity management solutions and deployment alternatives to external customers and internal end-users.
FOODBUY (CHARLOTTE, NC) | September 2007 - October 2007
IDM Solution Architect
• Reviewed current architecture and business requirements for an Identity Management Solution
• Provided a detailed solution document with multiple vendors listing the benefits and disadvantages between each of the suggested product suites and combinations.
• Product Suite vendors reviewed: Oracle, IBM, CA, and Courion
PAYCHEX (ROCHESTER, NY) | August 2007 - September 2007
IDM Architect and Implementation Specialist
• Performed Requirements Gathering for a Proof of Concept to be implemented into their environment in development.
• Architected and implemented Oracle Identity Manager into development with basic out of the box functionality in under 2 weeks with a single LDAP as their authoritative source, and provisioning users into Active Directory, Microsoft Exchange, and Oracle Internet Directory.
• Wrote all documentation and completed entire project in less than three weeks.
TYCO ELECTRONICS (HARRISBURG, PA) | August 2006 - February 2007
Access Management Solution Specialist
• Reviewed current architecture and business requirements for an Access Management Solution
• Architected and implemented Oracle Access Manager (Oblix COREid) into three environments.
• Developed a custom new user registration process by hooking into IDXML through COREid.
• Performed all project management and provided status reports to managing director
TIME WARNER CABLE (RALEIGH, NC) | July 2006
Identity and Access Management Solution Specialist
• Was brought in to get an existing Tivoli Identity and Access Management (TIM / TAM) project back under deadline.
• Wrote rules for Tivoli Data Integrator data marshaling
• Worked as liaison between existing engineers and project directors on the Time Warner side
• Redesigned project timeline, managed scope of initial deployment, and resolved issues between client and Time Warner.
GMAC (DETROIT, MI) | May 2005 - September 2007
Access Management Specialist
• Provided remote and on-site assistance to the deployment of Oblix COREid (now Oracle Access Manager)
• Built out, and promoted solution through six environments and two off-site data centers.
• Worked with off-shore staff, IBM consultants at their IBM campus in Raleigh NC, and with GMAC staff in Detroit MI.
• Wrote out and submitted step-by-step run books for all implementation details for Oblix.
• Developed custom solutions to GMAC business needs that Oblix was not able to accomplish.
• Implemented multiple languages to both out of the box Oblix installation and custom Style sheets (XSL, XSLT, CSS, XML) for custom registration, login, and forgotten password forms.
EMBRY-RIDDLE AERONAUTICAL UNIVERSITY (DAYTONA, FL) | January 2007 - April 2007
Identity and Access Management Specialist
• Initially was brought in to provide a demo and Proof of Concept (POC) on Oracle's Identity Manager integrated into their environment.
• Architected and implemented Oracle Identity Manager as a migration from their current cross-custom identity management solution of M-tech IDM and custom Perl scripts to a full production OIM solution.
• Integrated OIM into Active Directory, Multiple Exchange servers, Oracle Internet Directory, and bulk loaded all users from a flat-file dump from their Authoritative Source.
• Rewrote a couple of Oracle's out-of-the-box connectors to fit their environment and needs.
UNITRIN (CHICAGO, IL) | November 2006 - February 2007
Identity and Access Management Specialist
• Designed and architected a multi-organization Identity and Access management system using CA's Identity management suite (Identity Minder, Siteminder, eTrust Directory, and Admin).
• Siteminder was set up to protect multiple web and application servers of different flavors
• Identity Minder was configured to work with multiple authoritative sources and provision users to various end-systems across six different sub-organizations. This included a multi-domain Active Directory infrastructure.
• Worked with CA to evaluate and fine-tune their product, as this was their first release of the suite in a package form. Had to constantly rewrite a lot of their code and refine their documentation to successfully implement.
• Wrote custom BLTH modules for bulk importing and custom application provisioning.
• Worked with TEWS (CA's web services core) for implementing a custom web interface for new user registration and self-maintenance packages.
EDS (DUBLIN, OH) | May 2005 - September 2007
Identity and Access Management Specialist
• Provided technical expertise to EDS in all areas of Identity and Access Management.
• Worked on both US and foreign country deployments with the main focus on deploying a globally highly available Identity Management solution for one of their clients.
• Products supported were Oblix COREid (Oracle Access Manager), Oblix ShareID (Oracle Identity Federation), Citrix, and other custom / home-grown applications.
ITT (FORT WAYNE, IN / WHITE PLAINS, NY) | February 2005 - May 2005
Access Management Specialist
• Designed and implemented an Access control system around Oblix COREid
• Implemented it directly into production (customer demanded it) using ADAM as the user repository containing all 25,000 world-wide employees.
• Set up multiple reverse proxy Microsoft ISA servers to proxy Internet requests and relay them to the geographically closest Identity and Access servers for authentication and authorization.
GUARDIAN LIFE INSURANCE CORPORATION (NEW YORK, NY) | August 2002 - February 2005
Data Security Specialist
• Tivoli Access and Identity Manager deployment and administration
• IBM Secure-Way LDAP administration and schema management
• Computer Associates SEOS and SSO administration and migration into IBM's LDAP framework
• Wrote custom VB and Perl applets for production web-based LDAP management and development while TIM is being integrated.
• Evaluation and implementation of cross-platform SSO and user administration tools including IBM's IDI/TIM and CA's Admin
• User administration and SSO control across seven platforms and over 100,000 users for home office, regional offices, and agencies
SYNERGY-DOT (ANN ARBOR, MI) | September 2000 - August 2002
Network Administrator
• Brought in and partitioned multiple T1 lines for BLEC services.
• Ran wire, made drops, and was responsible for all other hardware installs.
• Configuration and implementation of Cisco, Netgear, and Linksys routers, hubs, and switches.
• Designed and developed a consulting department for current and prospective clients.
• Implemented wireless bridging to provide Internet service to a broader area (802.11a/b)
• Performed maintenance and constant network analysis on wireless access points and bridges
UNIVERSITY COMPUTING (YPSILANTI, MI) | August 1998 - September 2000
Computer Systems and Network Administrator
• First line support for developers using UNIX, HP, Macintosh and PC workstations
• Helped maintain University network infrastructure.
• Worked with legacy mainframe systems and BANYAN VINES.
Education - Institution
• B.S. Computer Networking and Japanese Linguistics, Eastern Michigan University, 1998
Education - Industry
• Oracle Business Intelligence Enterprise Edition (OBIEE), Oracle – San Francisco, CA, 2009
• Oracle Entitlements Server (OES), Oracle – San Francisco, CA, 2009
• Oracle Role Manager (ORM), Oracle – New York, NY, 2008
• Novell Identity Manager, Novell – New York, NY, 2007
• CA Identity Manager Suite (Identity Minder, Siteminder, Admin), CA – Islip, NY, 2007
• Oracle Identity Manager Advanced Training (OIM), Oracle – Raleigh, NC, 2006
• Oracle Access Manager Advanced Training (OAM), Oracle – New York, NY, 2006
• Oracle Identity Manager Basic Training (OIM), Oracle – New York, NY, 2006
• Sun Identity Manager (SunIDM), Sun – New York, NY, 2005
• IBM Tivoli Access and Identity Manager (TIM / TAM), IBM – Miami, FL, 2004
Lectures and Publications
• Identity Management Blog – IDMRockStar.com (present)
• Identity Management Job Website - IDMJobs.com (present)
• Given lectures on wireless security and hardening techniques to universities, corporations, and other speaking engagements. (2000 - present)
• Self-published a book on IT placement strategizing techniques. (2007)
• White paper on Wireless Network Security was featured on Information Weekly. (2003)