Physical and IT Security * Identity Mgt (IdM)/ Identity and Access Mgt (IAM) * IT Governance, Risk and Compliance (GRC) * IT Auditing & Controls * Forensic Analysis and Investigations * Risk Assessment, Mitigation and Management * Vulnerability, Threat Intelligence and SIEM * SSO/Federation/Multi-Factor Authentication * IDaaS, SaaS and PaaS * Strong Creative and Complex Problem Solving * Strong Customer Service and Vendor Management * People Development and Management * 3rd Party Vendor Management * ITSM Service Management * ITIL Best Practices * Incident and Problem Management * Budgeting and Resource Management * Strategic and Tactical Decision Making Key Technologies, Standards, Frameworks and Capabilities * Directory Services: Active Directory, ADAM/ADLDS, Azure, SunOne, LDAP, Kerberos * IdM/IAM Solutions: ILM/MIIS/FIM/MIM, SailPoint IIQ * Authentication and Access: Federation, BYOD, BYOI, PKI, Tokens, SSO, Mulit-Factor, Microsoft MFA * PKI: Managed PKI (Symantec), X 509, SHA 1, SHA 2, SCEP * Federation: IdP, SP, SAML, WS-Fed, OAuth, PingFederate, PingOne, ADFS * Remote Access: Juniper SSL/VPN, MFA (Microsoft), RSA soft & hard tokens * Monitoring & Auditing: SCOM, Quest ChangeAuditor, Quest MigrationManager, Quest Reporter * ITSM: ServiceNow, Cherwell * Regulations/Standards/Frameworks: FDA, EMA, WHO, NIHS, GDPR, HL-7, HHS, HITECH, OIG, HIPAA including the HIPAA Security Rule, HIE, SOx, NIST, VAL-IT (ISACA), PCI DSS, ITIL, ANSI, ISU, SEC, FINRA, NERC, FERC, INFRAGUARD * SIEM: IBM, SPLUNK, Symantec, Rapid7 Select Accomplishments By using strong leadership skills and diligently leveraging ITIL best practices: AES * Gained approval for a Cybersecurity skills "uplift" project with a budget of $50,000. This allowed the CyberOps team to get credentialed with CISSP, CISM, CCIP, GIAC, GCTI, CTIA, GEH etc, increasing their expertise and adding much needed value to the AES' Cybersecurity force. * Defined Global Cybersecurity services across a large organization, helping management and customers to understand what Cybersecurity services we offered as well and the value CyberOps brings to AES. * Defined KPI's, SLA's and other CyberOps service metrics to allow measuring of service performance and resource tracking. This helped justify current and new headcount to run these services. * Drove the initiative to outsource Global SOC functions (incidents/changes/requests) in order to better leverage their extensive knowledge as a globally known expert (Symantec), thereby allowing us to redeploy the existing AES resources to work on more strategic initiatives. This resulted in a much happier AES workforce and a dramatic increase in our SOC metric reporting and oversight. * Led effort to globalize, consolidate and replace outdated software and hardware/devices for newer and easier supported web-filtering, 3rd party vendor management, risk management program and VPN/perimeter devices to bring us into a consistent and regulated supported state. * Created a customer facing SharePoint site that allows our internal Cybersecurity customers to get educated and access our services with little more than quick clicks for ease of use. IU Health * Gained approval for funding of IAM auditing and reporting software for all IAM and DB's across a large organization, negotiating cost from $10.6 M (perpetual licenses) to $1.6 (perpetual licenses). * Documented and streamlined over 35 existing IAM processes, procedures and policies, greatly improving service execution both in time to execute as well as consistency of execution that had not been documented and therefore were NOT being consistently executed. This allowed SLA's to be properly defined and delivered to meet and exceed those expectations. * Defined IAM services across a large organization, helping management to understand what IAM services we owned and customers understanding of service delivery expectations and how to navigate our services * Defined KPI's and other IAM service metrics to allow measuring of service performance and resource tracking. This helped justify current and new headcount to run these services. * Led effort to review/consolidate/revise over 300 IAM related KA's that were not being used to just < 50, allowing customers and most importantly the SvD to efficiently resolve incidents and route incidents/changes/requests quickly and with the needed information e.g.: use available KA's. * Led effort to replace existing IdM solution (customized sw) to "out-of-the-box" IdM solution (unsupportable) for a large organization, resolving multiple issues with the old solution. Eli Lilly and Company * Redesigned, consolidated and upgraded a large global directory (153 domain controllers across 90 global sites) that saved $1.5 M over 5 years * Implemented ITSM processes within ServiceNow in a large global company within 2 years, including standardizing Change Management, Incident Management, Request Management, Asset Management, Problem Management, Knowledge Management, IAM and GRC * Redesigned, consolidated and upgraded a large global directory (153 domain controllers across 90 global sites) that saved $1.5 M over 5 years * Saved more than $1 M annually and dramatically increased customer satisfaction by moving support operations from an offshore outsourced model to an "IdM as a Service" model * Completed the consolidation and replacement of disparate remote access technologies into one streamlined service (over 2 M logins a month) delivered on-time and within budget greatly improved customer experience as evidenced by Service Desk interactions decreasing 42% greatly simplified service support by decreasing support procedures by 69% * Implemented a large PKI infrastructure using a combination of vendor managed services and on-site operational support that was able to be launched on-time and within budget to date this service has successfully issued over 500k certificates for 80k users and only receives an average of 17 reported user incidents a month, with most of these resolved by the Service Desk. * Conceived and drove an initiative to improve service level mgmt, incident mgmt and event mgmt processes including tuning across global directories incident service levels increased from 70% to 98% alerts dropped from 3K + daily to 5-10 daily and are now able to be actioned. * Implemented IT Federation services from conception to service launch in 3 months to date has enabled company to collaborate and leverage outsourced services with several thousand vendors and partners worldwide By using strong leadership skills and diligently leveraging ITIL best practices: AES * Gained approval for a Cybersecurity skills "uplift" project with a budget of $50,000. This allowed the CyberOps team to get credentialed with CISSP, CISM, CCIP, GIAC, GCTI, CTIA, GEH etc, increasing their expertise and adding much needed value to the AES' Cybersecurity force. * Defined Global Cybersecurity services across a large organization, helping management and customers to understand what Cybersecurity services we offered as well and the value CyberOps brings to AES. * Defined KPI's, SLA's and other CyberOps service metrics to allow measuring of service performance and resource tracking. This helped justify current and new headcount to run these services. * Drove the initiative to outsource Global SOC functions (incidents/changes/requests) in order to better leverage their extensive knowledge as a globally known expert (Symantec), thereby allowing us to redeploy the existing AES resources to work on more strategic initiatives. This resulted in a much happier AES workforce and a dramatic increase in our SOC metric reporting and oversight. * Led effort to globalize, consolidate and replace outdated software and hardware/devices for newer and easier supported web-filtering, 3rd party vendor management, risk management program and VPN/perimeter devices to bring us into a consistent and regulated supported state. * Created a customer facing SharePoint site that allows our internal Cybersecurity customers to get educated and access our services with little more than quick clicks for ease of use. IU Health * Gained approval for funding of IAM auditing and reporting software for all IAM and DB's across a large organization, negotiating cost from $10.6 M (perpetual licenses) to $1.6 (perpetual licenses). * Documented and streamlined over 35 existing IAM processes, procedures and policies, greatly improving service execution both in time to execute as well as consistency of execution that had not been documented and therefore were NOT being consistently executed. This allowed SLA's to be properly defined and delivered to meet and exceed those expectations. * Defined IAM services across a large organization, helping management to understand what IAM services we owned and customers understanding of service delivery expectations and how to navigate our services * Defined KPI's and other IAM service metrics to allow measuring of service performance and resource tracking. This helped justify current and new headcount to run these services. * Led effort to review/consolidate/revise over 300 IAM related KA's that were not being used to just < 50, allowing customers and most importantly the SvD to efficiently resolve incidents and route incidents/changes/requests quickly and with the needed information e.g.: use available KA's. * Led effort to replace existing IdM solution (customized sw) to "out-of-the-box" IdM solution (unsupportable) for a large organization, resolving multiple issues with the old solution. Eli Lilly and Company * Redesigned, consolidated and upgraded a large global directory (153 domain controllers across 90 global sites) that saved $1.5 M over 5 years * Implemented ITSM processes within ServiceNow in a large global company within 2 years, including standardizing Change Management, Incident Management, Request Management, Asset Management, Problem Management, Knowledge Management, IAM and GRC * Redesigned, consolidated and upgraded a large global directory (153 domain controllers across 90 global sites) that saved $1.5 M over 5 years * Saved more than $1 M annually and dramatically increased customer satisfaction by moving support operations from an offshore outsourced model to an "IdM as a Service" model * Completed the consolidation and replacement of disparate remote access technologies into one streamlined service (over 2 M logins a month) delivered on-time and within budget greatly improved customer experience as evidenced by Service Desk interactions decreasing 42% greatly simplified service support by decreasing support procedures by 69% * Implemented a large PKI infrastructure using a combination of vendor managed services and on-site operational support that was able to be launched on-time and within budget to date this service has successfully issued over 500k certificates for 80k users and only receives an average of 17 reported user incidents a month, with most of these resolved by the Service Desk. * Conceived and drove an initiative to improve service level mgmt, incident mgmt and event mgmt processes including tuning across global directories incident service levels increased from 70% to 98% alerts dropped from 3K + daily to 5-10 daily and are now able to be actioned. * Implemented IT Federation services from conception to service launch in 3 months to date has enabled company to collaborate and leverage outsourced services with several thousand vendors and partners worldwide
Description
