PROFILE

39 years in IT providing best practices in Enterprise Full Life Cycle Security Architecture and managing up to 50 direct reports.

EXPERIENCE

Confidential

Sr. Cloud Security Architect

• Designed, developed. tested and implemented Common Cloud Security Virtual Domain Grids for AT T Clients using OpenStack, Splunk-IPDS and Hadoop-Multi-Cluster Data Domains.
• Established SNORT IPDS-SIEM layers to deal with multi-level hacker intrusions throughout the Infrastructure-as-a-Service IaaS and Security-as-a-Service SaaS Common Cloud Grid.
• Met with AT T clients and coordinated implementation and Security Hardening in compliance with NIST SP 800-53 Security Controls.
• Designed, developed. tested and implemented Ruby on Rails - Security Log Rules Application SLRA to provide greater articulation of rouge frag-packet hacks as well as DDoS D-Day multi-level Hacks.
• Implemented SLRA RoR Yarn service using Capistrano server CI/CD with Hadoop RBAC Role/Priv Distrib Secure Nodes as data-store. Integrated with HERASAF-PAP/PEP/PDP Yarn app for security rule/policy orchestration.
• Utilized and integrated Apache Kafka Hadoop Message Handlers with Storm for high-availability through-put. And, Flume data-aggregation with Sqoop parallel data loading. While maintaining security policy orchestration via Apache Ranger rules.Used Apache Oozie to schedule Logical Units of Work for Hadoop jobs.
• Designed, developed, normalized/de-normalized Secure High Availability HA Hadoop RBAC MapReducing to aggregated Access Identity profiles for secure PKI method cross-check within VPC-Apps.
• Designed, developed, tested and performed Intrusion, Penetration, Detection System IPDS Ethical Hacker Cloud Scans using SNORT modules with Security Policies.
• Installed, configured and tested RedSeal and Brakeman Continuous Security Code Scan as well as used Nmap to resolve false-positives.
• Designed and architected Behavior and Test Driven Development BDD/TDD of Java Spring MVC Notification Escalation Security Orchestrator in compliance with NIST SP-800-94 Guide to Intrusion Detection and Prevention Systems.
• Designed, developed, coded, tested and implemented Python 2.7/Django Splunk Security application to track customized frag-packet activities to detect intrusions and events at defined end-points.
• Designed, developed, coded, tested and implemented Angular.js Mobile IOS-Android - Hadoop Collector and Reporter Job Task Tracker across Zoo Cluster Nodes using Corona SDK.
• Designed, developed, coded, tested and implemented Payment Card Industry-Data Security Standard PCI-DSS Credit Card Mobile Transaction Monitor and Incident Alert System for IOS Android using Paymill SDK.
• Designed, developed, coded, tested and deployed J2EE Web Portal Service EJB-Restful Audit Log End Point Gatherer ALEPG using Oracle 12c Weblogic RAC with scaling for client cloud log end points.

Confidential

Hadoop Security Architect/Developer Lead

• Install, configure, tune and update Oracle Enterprise Security Oracle Identity Management and Oracle Access Management 11g software onto Buccaneer Server Farm for CMS,
• Lead Access and Identity Management Matrix Rule configuration meetings to comply with NIST SP 800-12 Separation of Duties,
• Provided Fed Section 508 Compliance validation, verification and testing for CMS Enterprise and Cloud Services using JAWS, Window-Eyes 8.0, SuperNova Access Suite,
• Design, coded, tested and implement on Websphere Audit Log Management Architecture using Java Spring MVC for Health Care Quality Information System Architecture to comply with NIST SP 800-92 - Log Management,
• Installed, configured, tuned and updated Oracle Business Intelligence Enterprise Edition 11g with ScoreCard and Strategy as well as Answers and Delivers to query CMS Audit Logs and provide Incident Response Analysis Reports and Alerts.
• Installed, configured, tuned and updated 11g Oracle Data Audit Vault, as well as Realms and Incident Response Filters to HQCIS Audit Logs, spanning across the entire Architectural Layering, to provide alerts to HQCIS - CMS.
• Designed, developed, coded, tested and implemented Security Audit Log Analytic Report Service SALARS with OBIEE ScoreCard and Strategy with Key Performance Indicators to track A123 and SAS70 Incident Response Costing. As well as performed canonical modeling design pattern analysis in order to communicate between different data formats Audit Log text to UDP to Oracle 11g data records . SALARS provides enterprise application integration between the business and security layers. SALARS reduces costs and standardizes agreed data definitions associated with integrating CMS business systems,
• Installed, configured, tuned and updated ArcSight ESM and Logger SIEM with Data Connectors to access HQCIS DECC Audit Logs to provide an IV V Incident Response Correlation to HQCIS Security Audit Log Analytic Report Service SALARS ,
• Designed, developed and implemented the following Functional Specifications, White/Black Box Activity and Sequence Diagrams: BI Log Analysis Report Service Specification, Pull Audit Log Service Specification, Syslog Endpoint Service Specification, and Retain Operational Log Data Service Specification.
• Designed, developed and implemented the following: HQCIS Conceptual Model for DECC, HQCIS Logical Model for DECC.
• Provided Certification and Accreditation C A coordination to deal with Security Violations known as Quality Information Variance Assessment among the Lines of Business which include: Hospital Reporting HR , Physicians Quality Reporting Service PQRS , End State Renal Disease ESRD , Quality Information Operations QIO and Consolidated Renal Operations in a web-enabled network CROWNWEB by providing Contingency Action Planning CAP and Risk Acceptance Form RAF guidance/recommendations.
• Designed, developed, coded and tested JDeveloper 11g1 the following security component operations: PKI LDAP Interfaces, Quality Identity Management System Tracking Operation Component.
• Installed, configured, tuned and updated Sun Identity Manager V8.1 - Waveset for Quality Identity Management System QIMS
• Designed, developed installed, configured and maintained OpenLDAP Security Test Bed. As well as Imported/Exported User Data and installed, configured, updated and maintain Security Encryption testing.
• Installed, configured, tuned and updated Oracle Virtual Directory OVD and Oracle Identity Federation OIF across all Lines of Business to provide Federated Identity Management for CMS-OCSQ CISO.
• Installed, configured, tuned and updated:Nmap, WebInspect, AppScan, AppDetective, and Source Fire Snort to provide NIDS/HIDS in accordance with NIST SP 800-94 - Guide to Intrusion Detection and Prevention Systems IDPS ,
• Designed, developed, coded, tested and implemented CyberScope SCAP practices to handle manual and automated inputs of agency data for FISMA reporting.
• Designed, developed, coded, tested and implemented Security Audit Log Analytical Report Service and IAM/ WebServices using Oracle 11g Application Development Framework.
• Designed, developed, coded, tested and deployed Oracle Governance, Risk and Compliance Security Audit Log Analytical Report Service SALARS .
• Designed, developed, coded, tested and deployed Oracle Audit Vault OAV and Security Policies to filter converted Syslog-NG Collection Server Oracle 11g data records via PowerCenter Informatica ETL Server.
• Architected and engineered CMS-Incident Response and Breach Analysis Notifications and Remedy Ticket System s ,
• Architected and engineered CMS-RBAC, ABAC, LBAC and Rule-BAC Access, Authorization and Authentication for Enterprise Federal Identity Management System EFIMS .
• Performed Risk Management Analysis of CMS Line of Businesses LoB as well as Privacy Impact Studies and E-Authentication Certifications to meet C A requirements.
• Provided CMS Clients FISMA-NIST oriented classes including: Incident Analysis and Response, Splunk Ontology Analysis, Splunk Topology Analysis, Security Audit Log Analytical Reporting SALARS , Businesses Security Impact Analysis and Risk Impact Analysis.
• Designed, developed, coded, tested and implemented Python/Django Splunk Security Web applications to monitor ICD Billing applications.
• Prototyped Big Data systems with Hadoop, HBase, and Cassandra, using Cloudera and MapR clusters on EC2. Design, developed and deployed complete architecture, assuring acceptable performance. Analyzed Audit Logs for Security Incidents and Events.
• Designed, developed, coded, tested and implemented Node.js Syslog Endpoint Monitor and Disconnect Alert Mobile IOS-Android App to provide backup alerts on disconnected or misconfigured servers.
• As the Technical Security Audit Solutions Architect Lead I've provided designs, security requirements and architecture solutions to address CMS - Acceptable Risk Strategy ARS as well as NIST 800-53 Security Controls for Physician's Quality Reporting Initiative PQRI and Physician's Quality Reporting System PQRS . As will as the eRx Incentive Electronic Prescribing Payment Program to ensure confidentiality, integrity and availability of PII and PHI data.
• Designed, developed, coded, tested and implemented Proof of Concept implementing WaveMaker 6.5 to provide a front end to Hadoop-Multi-Cluster NIST SP 800-53 Inventory and C A Service using HDFS and Oracle 11g Databases.
• Provided code, testing and implementation of Proof of Concept implementing Knopflerfish Pro 3.8 Makewave Ubicore RAD to provide Enterprise Syslog Endpoint Inventory Tracking Service using a Oracle 11g multi-dimensional model.
• Designed, developed, coded, tested and deployed Proof of Concept implementing Openxava AJAX Java Framework RAD to build a Risk Management Framework Incident Response Notification Escalation Service to Apple Android Cell Phones.
• Performed upgrade, test, migration and deployment of Oracle Access Mgr, 11g R2 PS1 , PS2, for Centers for Medicare/MedicaidServices CMS - Security Audit Log Analytical Report Service SALARS . To provide high availability access services to CMS - Health Information Exchanges HIE users.

Confidential

Software Architect/Developer

• Design, develop, code, test and implement RIM V6.0 IOS IPAD V4.3 IOS Medical Tracking and Billing System Prototype.
• Configure and test RBAC controls to prevent users from taking tablets off site as well as insta-flush tablet data. Tablet software designed to alert security personnel as well as stolen platform.
• Initial prototypes connected to mySQL V5.0 for data store and forward. RRD ICD 10 Data platform migrated to Oracle 11g.
• Design, develop, code, test and implement Drupal/Oracle with mobile Browsecap - Investment/Real Estate Asset Identification/Risk Software. MLS GIS Modules integrated to provide listing and geographic information to subscription Real Estate Investors.
• Designed, coded, tested and implemented MLS Python Stat Analysis Filtering to determine Real Estate Marketing Trends against Lender Coupon Rates.

Confidential

• Provide IT Security Information Assurance SME Forensic Cyber Investigator/Auditor support to The Judiciary OHR Business Technical Optimization Division BTOD as well as all US Federal Courts by:
• Developing, designing and implementing a NIST FISMA compliant cyber security stance for all US Federal Courts and the Judiciary by use of information assurance best practices.
• As well as bringing the following into information assurance best practice compliance: HRMIS, Evidence Operations Division, Latent Finger Print Labs, eVacancy Judicial Employment Background Analysis System and The Judiciary Payroll System s .
• Performing NIST SP 800-94 IDPS scans using Nmap, WebInspect, Nessus, AppDetective and SNORT intrusion/penetration detection scans,
• Provided Fed Section 508 Compliance validation, verification and testing of Judiciary Enterprise Architecture using JAWS, Window-Eyes 8.0, SuperNova Access Suite,
• Installed, configured, tested and implemented OIM/OAM Federated and High Availability Services interfacing Federated LDAP Services,
• Analyzing and providing security information assurance policy recommendations to the Judiciary General Counsel as well as Risk Analysis of baseline and contingency, common and hybrid security control countermeasures in accordance with NIST SP 800-30, 60, 53 53a.
• Providing the Judiciary US Federal Courts individual NIST SP 800-18 compliant System Security Plan s SSP , NIST SP 800-34 Contingency Management Plan s CMP and NIST SP 800-61, 83 86 Incident Response Plan s as well as Disaster Recovery Plan s DRP .
• Designed, developed and implemented Judiciary Security Awareness as well as Court Identifying Information CII Personal Identify Information PII security training.
• Analyzed and provided policy for Security Business Impact Analysis BIA and Privacy Impact Analysis PIA for US Federal Courts Security System s .
• Providing SCAP NIST SP 800-115, 117 126 SCAP - Security Testing and Assessment ST A on US Federal Courts System s . Consolidated Rules of Engagement into Information Assurance Security Policies implemented nation-wide to every US Federal Court for Judges IT Security Procedures and Practices.
• Designed, developed, coded, tested and implemented PeopleSoft 8.49 HRMIS II - CRM with Financial Modules Security Stance for C A. Which included testing and validation of security best practices throughout the 50,000 user architecture. This testing included NMap, Nessus, WebInspect and AppDetective IDPS in accordance with NIST SP 800-94.
• Performed IDPS Scans and Remediation on Weblogic, Webshpere and Apache Internet Servers IAW NIST SP 800-94.
• Designed, developed, coded, tested and implemented Python Security Control Monitoring App against Judiciary NIST SP 800-53 Checklist for ATO.
• Performed OIM/OAM and ACL/RBAC Risk Analysis IAW NIST SP 800-30 60 as well as Separation of Duties/Least Privileges Analysis IAW NIST SP 800-12 on Oracle 10g 11i Database s /Warehouse s .
• Designed, developed, coded, tested and implemented Java Clojure Scala Web Service Agents to monitor Oracle and Informix Cloud transactions as well as test SCAP tagging of bottom up Java code.
• Designed, developed, coded and tested Drupal 6/7 C A Tracking System using Grid 960 Customized Theme and Ruby on Rails 3 Risk Assessment System. I also provided Mobile Browsecap interface to allow 3G Mobile Computing access and interaction.
• Architected and prototyped Track and Trace for the Judiciary, using Scala, Cassandra, Hadoop, XML, REST fine-grain access control with certificates, with capacity of 1,000-10,000 transactions per second, with background processes to verify chain of custody and fraud prevention. Tasks accomplished.
• Refactored Cassandra-access code, to allow either Hector or Thrift access Factory design pattern , replacing the original Thrift code interspersed throughout the application
• Designed, developed, normalized/de-normalized secure Hadoop data as well as prepared MapReduce Hadoop jobs to verify chain-of-custody and look for fraud indications over distributed US Court Custody Process nodes.
• Designed, developed, coded, tested and implemented Node.js Court Prisoner Packing App which is used to determine prisoner transfer support processing fees between temporary incarceration and final incarceration.
• Prepared and finalized multi-cluster test harness on EC2 to exercise the system for performance and failover.

Business Development and Capture Management

Highly motivated, customer focused professional with extensive experience in key client development and retention in both the DoD/Federal and Private Sectors. Skilled in creating and growing solid customer relationships, needs analysis, and account activity tracking. Results driven sales professional with over thirty years experience in Business Development and Accounts Management. Built a background in Asset Management, Technology and Equipment Software / IT Leasing. Repeatedly met sales quota ranging from 25 to 600 million while increasing gross profit. Organized and disciplined team player with the ability to excel in independent positions requiring minimal supervision, the ability to simultaneously handle multiple tasks and skills in the areas of:

• Assessing Client Needs
• Capture Proposal Management
• Contract Negotiation Administration
• Effective Presentations
• Financial Analysis
• Identifying Decision Makers
• Managing Key Accounts
• Market Analysis
• Problem Solving
• Prospecting/Networking
• Rapport Building
• Strategic Planning