Adrian Grassi

Adrian Grassi

Summary

Technical Summary: Windows 2000 (PRO/SERVER/ADV SERVER), Windows XP, Windows 9x, Windows NT 3x & 4.0, Windows Server 2008, Windows 7, Windows 8/8.1, Metaframe, Windows 2000 and 2003 servers, HP-UX, AIX, Solaris, many Linux distro's, IPX, TCP/IP, LAN/WAN, NetWare, DNS, Banyan, Java scripting, Web Design, Tcl, MS Products, Netscape Enterprise Server, Iplanet Directory Services, IIS, Perl, IBM Websphere, Weblogic, Ace Server (Securid), Keon Security Server, Keon Certificate Server, Exchange Server, SQA Test Tools, Visual Studio, Oracle, MSSQL 6x and 7x, RDBMS, Radius, Remedy, Vontu, Tacacs, Cisco Routers, Shiva LAN Rover, Firewall 1 and 3Com Access Manager, SiteMinder 4.x, 5.x and 6.x, SiteMinder Web Agents, basically all Siteminder versions since 3.1, IdentityMinder, TransactionMinder, SAML Agents, Encryption Off Load devices, LDAPC, Netscaler SSL VPN development, Security Procedures and Concepts, IPSEC Filtering, Edge Proxy Server, Citrix Presentation Server, Netscaler, XML, C++, Perl, Splunk, Ping Federate, Siteminder R6 and R12.51, Splunk 4.x, Splunk 5.x and Splunk 6, Siteminder migrations, devices and various security analysis tools.

I have been working with computer security for well over fifteen years now, I have worked with many security technologies, but concentrated most of my time implementing, designing, upgrading, fine-tuning, administrating and supporting Siteminder and related technologies such as different LDAP's and Web server systems.

Work History

Work History
Aug 2012 - Present

Vice President - IAM SSO Engineer

Bank of America

Responsibilities include:

  • Design Splunk Dashboards to monitor production environment.
  • Perform proactive reviews of Siteminder and Ping Federate logs in order to catch problems before they snowball out of control
  • Look for anomalies, including new errors and warning messages, volume variations and system resource utilization.
  • Support and maintain Siteminder R6 environment and R12 environment.
  • Assist in Siteminder migrations as needed.
  • Track and monitor each issue and coordinate with different team to resolve them.
  • Determine cause and impact of problems and errors.
  • Propose and document required corrective action.
  • Assist Operations and Integration teams in troubleshooting Siteminder and Ping Federate issues.
  • Perform Disaster Recovery tests across a global infrastructure.
  • Splunk system integration, design and administration.
  • Maintain and manage the bank's IAM/GIS (Global Information Security) Splunk environment, including performing fine tuning of services.
  • Provide cross platform integration between SSO, Splunk, Sitescope and Bluestripe.
  • Maintain and configure Splunk Deployment, Indexes and assorted forwarders in the environment.
  • Provide Splunk training as needed to other groups and organizations.
Nov 2007 - 2012

Senior Security Engineer

http://www.newyorklife.com

Responsibilities included supporting Isolated, Integrated, Model and Production Siteminder Policy Server clusters and Siteminder Web Agents for all environments as well as Vontu policy management and testing.

I was also responsible for new applications security design, deployment, support and documentation. Helped build and improve in house custom Siteminder policy database as well as Policy redesign across all environments to improve performance and consistency in the environments, which included setting standard naming conventions and improve rules/realms and policies performance and flow.

Nov 2004 - Nov 2007

Senior Global Security Consultant

NetScaler Inc. (now Citrix)

Spearheaded the development and integration of Netscalers SSL VPN product with various third party AAA systems such as Siteminder, Oblix, RSA Secure ID, ClearTrust, and other custom enterprise security systems. Responsibilities included developing robust, extensible and well integrated AAA & SSO modules in C on NetScaler (FreeBSD UNIX based development platform) for the leading third party (e.g. Siteminder, Oblix, etc.) and custom enterprise security AAA-SSO systems. Developed, deployed, tested and supported a test lab for internal developers and high profile customers to demonstrate integrations involving Netscaler SSL VPN various security standards including Siteminder.

Nov 2004 - Nov 2007

Global Information Security Consultant

Citrix Systems

Spearheaded the development and integration of Netscaler SSL VPN product with various third party AAA systems such as Siteminder, Oblix, RSA Secure ID, ClearTrust, and other custom enterprise security systems. Responsibilities included developing robust, extensible and well integrated AAA & SSO modules in C on NetScaler (a FreeBSD UNIX based development platform) for the leading third party (e.g. Siteminder, Oblix, etc.) and custom enterprise security AAA-SSO systems. Developed, deployed, tested and supported a test lab for internal developers and high profile customers to demonstrate integrations involving Netscaler SSL VPN various security standards including Siteminder.

Apr 2004 - Nov 2004

Senior Security Engineer

Healthnet (via EDS)

Designed and implemented security solutions for HealthNet Beneficiaries, Providers and Government portals, working around several major issues related to Microsoft Content Management server integration with SiteMinder. Designed Active Directory structure to support new federal services portal for 2.5 million users. Moved existing internal applications to the internet while providing a safe and HIPPA compliant environment.

Apr 2004 - Nov 2004

Security Consultant

EDS

Designed and implemented security solutions for HealthNet Beneficiaries, Providers and Government portals, working around several major issues related to Microsoft Content Management server integration with siteminder. Designed Active Directory structure to support new federal services portal for 2.5 million users. Moved existing internal applications to the internet while providing a safe and HIPPA compliant environment.

Worked at HealthNet for EDS. 
Feb 2004 - Apr 2004

Siteminder SAML Affiliate Agent (Consultant)

Towers Perrin

A short project to designed SAML Affiliate Services on existing Siteminder infrastructure for a major HR shared services ASP provider, involving multiple clients and third party partners.

Aug 2003 - Feb 2004

Senior Information Security Siteminder Consultant

Blue Cross Blue Shield of Florida (via Venturi Agency Group)

Worked as a Siteminder Consultant as part of the Computer Security Administration and PMI integration team, responsibilities include designing, implementing, configuring, maintaining and troubleshooting members self registration processes and websites integrated with Websphere and as well as securing in house application and 3rd party applications. Upgrade from Siteminder 4.71 to Siteminder 5.5, implemented IdentityMinder 5.6 to replace older DMS (Delegated Management System) also redesigned clients LDAP infrastructure. Managed and implemented multiple security projects at the same time using custom authentication schemes include RSA Securid scheme as well SAML Agents and standard agents.

Aug 2002 - Aug 2003

Senior Siteminder Consultant

Bristol Myers Squibb

Worked as a Siteminder Consultant providing support for existent Siteminder implementation as well new implementation designs. Responsibilities included maintaining current Development, QA, Integration Test and Production environment for Consumer Med., Corporate Staff and Bristol Myers Squibb US Medicines (Merci), responsible for just over 600 web agents and 12 SiteMinder policy servers across enterprise environments.

Nov 2001 - Jul 2002

Network and Distributed Systems Engineer

http://www.aetna.com

Functions include Solaris/Netscape Web, IBM Websphere, MS IIS/MTS Configuration, and Testing/Certification of products, customer support, and upgrades. Support of Netegrity Siteminder, Active Directory Server, Microsoft Site Server, Perl, ASP, VPN and FTP services. General development consulting and assistance in the testing and certification of new Internet/Intranet web based applications - Design and implementation of performance monitoring scripts, and performance/Stress testing of products and applications. Level III Engineering and coverage support. Ensure web servers are secured from hacking attempts. Partner with IT security on PKI implementation and intrusion detection. Participate in architectural & direction setting activities related to web server application development. List project special deliverables. General building, fine-tuning, and support of the Internet/Intranet Web environment. Support of e.Infrastructure Release and Application migration process. Other projects include migration of external users to Active Directory LDAP; support Infosys, EZLink, Websphere, new applications, etc.

Jul 2000 - Nov 2001

Senior 2nd Level Siteminder Support

Netegrity

Worked as a Senior Client Services Engineer providing advanced technical support for Netegrity's Internet security product SiteMinder on various platforms including Solaris, Windows 2000 and AIX, to its customers, partners, professional services and resellers. Also job responsibilities include troubleshooting IIS, NES (Iplanet) and Apache web servers as well as various directory services including Iplanet Directory Service, NDS 8.x (Novell Directory) and Active Directory, develop custom scripts and web pages to customers integrating SiteMinder and certificate integration as well as fine tuning their web farms and working closely with engineering department, QA department and product manager in order to release Service Packs or Patches to newfound bugs. Customer site design, implementation and deployment of rules, policies and realms, in various environments, deployments ranged from a 25-user base to millions of users, in various Fortune 500 companies, also responsible for any issue that may arrive after the system went into production.

2000 - 2001

Senior 3rd Level Support Engineer

Netegrity

Worked as a Senior Client Services Engineer providing advanced technical support for Netegrity's Internet security product SiteMinder on various platforms including Solaris, Windows 2000 and AIX, to its customers, partners, professional services and resellers. Also job responsibilities include troubleshooting IIS, NES (Iplanet) and Apache web servers as well as various directory services including Iplanet Directory Service, NDS 8.x (Novell Directory) and Active Directory, develop custom scripts and web pages to customers integrating SiteMinder and certificate integration as well as fine tuning their web farms and working closely with engineering department, QA department and product manager in order to release Service Packs or Patches to newfound bugs. Customer site design, implementation and deployment of rules, policies and realms, in various environments, deployments ranged from a 25-user base to millions of users, in various Fortune 500 companies, also responsible for any issue that may arrive after the system went into production.

Jan 2000 - Jul 2000

Senior Security Analyst (Consultant)

Guardent Inc.

Worked as a security consultant providing penetration testing, network assessments and analysis, managed firewall services development, research and implementation. Used various security tools, mostly in Windows and Linux. Hands-on experience with network assessment tools and third party security system.

Feb 1999 - Jan 2000

Senior 3rd Level Support Engineer

RSA

Responsible for providing technical support to customers, system administrators, security Administrators, field personnel, and VARs that are experiencing complex computer system issues which include network security products. Provide telephone support to a technical audience in a Client/Server environment. Hands-on experience with different network protocols, system administration of UNIX (Solaris, AIX, HP-UX), Windows NT operating systems and TCP/IP. Working knowledge of API's, Metaframe, and Netware, TCL, Ace Server (Securid), TCP/IP and other network protocols. Experience working and trouble-shooting Keon Security Server, Keon Certificate Server, and Cisco Routers, Check Point FW-1, Shiva LAN Rover and implementation of third party authentication protocols into those systems. Helped train new employees, recreate customer issues. Experience with RADIUS and TACACS and 3rd party vendor products such as Cisco, 3Com Check Point, Nortel and Shiva. Provided QA department with Y2K compliance test for Ace Server on Solaris, HP-UX and AIX platforms. Work with Advanced Technical Support and engineering teams on customer escalation issues.

Feb 1998 - Feb 1999

IS Support Engineer

EMC2 Corporation

Responsible for end-user support for computer software and hardware problems related. Duties included: Second Level phone support, Banyan network administration, Microsoft products support, Windows NT support, administration, hardware and software trouble-shooting.

Education

Education
Sep 1993 - Jun 1994

CS

http://www.massbay.edu

Took computer science classes as MassBay mainly to become fluent in the English language.

1989 - 1992

Computer Science

Sao Paulo University

Skills

Skills

Splunk

Implemented, upgraded and supported Splunk versions 4.x, 5.x and 6.x in a global environment. Performed fine-tuning of services and processes as well as design scripts to facilitate Splunk forwarder deployments across the enterprise. Participated in Admin groups, User groups and Development Splunk group. Responsible for decision making and improvement of the Splunk infrastructure. Migrated Splunk from a virtual environment to a dedicated environment and vice-versa.

Webservers IIS/Iplanet/Apache

LDAP

IdentityMinder

Linux

Windows

Siteminder

I have worked with Siteminder since version 3.11, that's when I started working for Netegrity providing them with 2nd Level support and professional services assistance. Ever since I have been only doing consulting jobs involving Siteminder. Usually I am involved in upgrade projects, new implementation projects as well as current infrastructure support projects.