SUMMARY

• A skilled security and privacy program manager and software development leader with 10+ years of experience in driving the success of compliance and software development.
• Utilizes extensive knowledge in strategic planning, program management for cyber security and privacy, IT and data governance, and enterprise and data application development.
• Sets and drives the implementation of strategic objectives for multiple teams.
• Fosters the culture of collaboration.

Areas of Expertise

• Cyber Security / Privacy
• Risk / Vulnerability
• Project / Product Management
• Agile SDLC
• Big Data and Analytics
• Enterprise Application

PROFESSIONAL EXPERIENCE

Confidential, Emeryville, CA

Security and Privacy Program Manager

Responsibilities:

• Confidential Aspera offers on cloud and on premise solutions for fast data transferring and sharing.
• Being the lead on security and compliance for Aspera, I am responsible for information security, cyber security and privacy compliance for all business units of Confidential Aspera, including engineering, marketing, sales, procurement, etc.
• Promote and drive the long term vision of security and compliance for all business units of Confidential Aspera, including engineering, support, marketing and sales. Design the road maps for security and compliance programs. Lead and drive key initiatives and collaboration across multiple teams.
• Manage and perform risk analysis, implement security and privacy controls based on NIST SP for multiple cross - functional teams, on-premise and on-cloud service offerings.
• Oversee the security controls on cloud infrastructure for Confidential Cloud, AWS, Azure and Google Cloud, asset management, key management, access control, security activity monitoring, intrusion detection, patch management, vulnerability and incident management.
• Serve as security architect and manage the DevOps team on security projects, for example, the project for on-cloud data security monitoring across Confidential Cloud, AWS, Azure and Google Cloud.
• Serve as security architect and lead development team implementing security projects, for example, the BYOK (bring your own key) project for customer data encryption on cloud storages.
• Develop and manage the software secure development life cycle, secure engineering, threat modeling, source code scanning, secure QA, penetration test, and secure release.
• Mange vendor and third-party security risk and privacy compliance.
• Work with internal and external auditors on security and privacy auditing, provide hands-on program management for GDPR, ISO 27001/27017/27018, HIPAA, CCPA, LGPD, CSA, EU-US Privacy Shield, NIS Directive, Business Continuity, etc., and successfully achieve the compliance status.
• Manage SOC2 and FedRAMP programs.
• Manage the vulnerability and security incident life cycle.
• Provide consulting for Confidential Aspera customers on security and compliance.

Confidential, Menlo Park, CA

Big Data Consultant

Responsibilities:

• The machine learning and predictive model which identifies the low performing campaign and advertisements in early stage and recommends the best strategy to improve the performance;
• The highly scalable end-to-end real time big data analysis to consume large volume and complex data from real time and other big data sources such as loggers, streaming pipelines, Hive and Vertica and present the analytics in Tableau and other tools;
• Advertisement competitive performance benchmark system;
• Supports of existing Data Warehouse and Business Intelligent System on HIVE, Vertica, Confidential and MySQL production system.
• Technologies used: Machine Learning, Quantitative Model, Real Time Big Data Analytics, Hadoop, Spark, R, HDFS, Hive, Vertica, Confidential, Java, Python.

Confidential, Dallas, TX

Manager of Application Development and Support

Responsibilities:

• Led the analysis of migrating auction applications from AS400 to SAP and the master data management.
• Completed the development of a light-version auction system for international markets.
• Transitioned the development teams to Agile teams and improved the productivity.
• Drove and implemented multiple top priority projects, including mobile apps on iOS.
• Technologies used: SAP, Web Application, Web Service, XML, Java, Java EE, .Net, C#, iOS, Android, MySQL, DB2, AS400, RPG, Unix, Linux, Meta-data Repositories, ODS.

Confidential, Plano, TX

Sr. Manager of Application Development and Support

Responsibilities:

• Managed delivery and support teams for Auto Finance, Home Loan, Card, Confidential and other LOBs. Contributed to Auto Finance LOB data governance policies, information management strategic objectives and short term/long term road map. Established dedicated production support teams.
• Completed the 3-year $11MM business intelligence project on time and on budget.
• Completed vendor transition within 13 weeks with no interruption to product support and no extra budget by negotiating and working with vendors.
• Set and implemented the strategic objective of increasing production support team’s productivity by 50% in 1½ years by enforcing best practices in development teams and support teams.
• Transitioned the development teams to Agile teams and transitioned production support teams to Kanban teams.
• Implemented the continuous machine learning framework for credit decision.

Technologies used: Confidential, Ab Initio, Informatica, Business Objects, SAS, Confidential, Java, Meta-data Management, Master Data Management, ODS, Hadoop, Big Data

Confidential, Fort Worth, TX

Director

Responsibilities:

• Drove the application development and IT operations to support key business functions.
• Managed IT professionals, including development managers, business analysts, architects, developers, QAs, DBAs and production supporters.
• Managed client and vendor relationships, third-party resource teams, and IT budget.
• Established IT governance and policy, development and project management processes and production support and internal IT support.
• Developed Vehicle Repossession Information and Dispatching system which was the primary business application to support the company and thousand partner’s business.
• Integrated third-party systems, such as e-Commerce service, geo and map services, etc., into the company’s enterprise system, and implemented the iOS Mobile Apps as part of the Vehicle Repossession system.
• Implemented the service quality monitoring and forecast system, a part of the Business Intelligence system, and increased the business volume by 12%.
• Grew the business volume by 400% within 1 year from 300,000 vehicle scans a month to over 1,000,000 scans a month.
• Technologies used: Perl, Python, MySQL, MongoDB, .Net, C#, Web Application, Microsoft SQL Server, Data Warehouse, Master Data Management, SaaS, Web Service, iOS, Android.

Confidential, Memphis, TN

Technical Program Manager/Lead Architect

Responsibilities:

• Managed development team to design and implement enterprise, data warehouse and BI solutions.
• Contributed and enforced data governance policy, data quality and data integrity policy, data security policy, and data movement and data integration policy.
• Helped to avoid several severe interruptions to the normal business.
• Led the design, implementation, and delivery of the healthcare and other claim-processing data warehouse and business intelligence projects.

TECHNICAL SKILLS

Program Management: ISO 27001/27017/27018, GDPR, Network and Information Systems (NIS) Directive, HIPAA, CCPA (California Consumer Privacy Act), SOC2, SPbD (Security and Privacy by Design), Secure Engineering, Threat Modeling, Penetration Test, Secure Testing, Security Vulnerability Scanning, Vulnerability Management, Incident Management, Business Continuity Planning

Application Development: Enterprise Web Application, Web Service, eCommerce, CRM, Java, Java Script, .Net, ASP.Net, C#, C/C++, Confidential, Jenkins, XML, SOAP, Perl, Python, iPhone, Android

Data and Business Intelligence: Enterprise Data Warehouse, Master Data Management, Data Governance, Data Quality, Big Data, ETL and Data Integration, Reporting, Dashboard, SQL Server, Confidential, DB2, Confidential, Hive, Hadoop, Spark, R, MySQL, T-SQL, PL/SQL, Informatica, Ab Initio

Operating System: Linux, Unix, Windows, AIX, AS400, AWS