Download PDF

Summary

Technical Summary: Windows 2000 (PRO/SERVER/ADV SERVER), Windows XP, Windows 9x, Windows NT 3x & 4.0, Windows Server 2008, Windows 7, Windows 8/8.1, Metaframe, Windows 2000 and 2003 servers, HP-UX, AIX, Solaris, many Linux distro's, IPX, TCP/IP, LAN/WAN, NetWare, DNS, Banyan, Java scripting, Web Design, Tcl, MS Products, Netscape Enterprise Server, Iplanet Directory Services, IIS, Perl, IBM Websphere, Weblogic, Ace Server (Securid), Keon Security Server, Keon Certificate Server, Exchange Server, SQA Test Tools, Visual Studio, Oracle, MSSQL 6x and 7x, RDBMS, Radius, Remedy, Vontu, Tacacs, Cisco Routers, Shiva LAN Rover, Firewall 1 and 3Com Access Manager, SiteMinder 4.x, 5.x and 6.x, SiteMinder Web Agents, basically all Siteminder versions since 3.1, IdentityMinder, TransactionMinder, SAML Agents, Encryption Off Load devices, LDAPC, Netscaler SSL VPN development, Security Procedures and Concepts, IPSEC Filtering, Edge Proxy Server, Citrix Presentation Server, Netscaler, XML, C++, Perl, Splunk, , Arcot, Imprivate, SecurID, Ping Federate, Siteminder R6, R12 and  R12.52, Splunk 4.x, 5.x,  6, Siteminder migrations and upgrades, devices and various security analysis tools.

I have been working with computer security for well over eighteen years now, I have worked with many security technologies, but concentrated most of my time implementing, designing, upgrading, fine-tuning, administrating and supporting Siteminder,and related technologies such as different LDAP's and Web servers and big data monitoring tools such as Splunk..

Work experience

Jun 2014Present

Identity and Access Management Manager (via Wipro)

State Street Corporation

Responsibilities includes:

  • Leading a team of 10 members in the Identity and Access Management (IDAM) line of business supporting a complex number of services and applications (Siteminder, SecurID, Arcot, Imprivata, PGP and Ping Federate)
  • Part of the L3 team providing guidance and support to L1 L2 teams members.
  • Responsible for creating custom scripts for Siteminder monitoring.
  • Migrated SIteminder R6 to R12 and R12.52 in all environments
  • Supported several domains within the bank such as (MySS, CORP and SSGA)
  • Performed Federally mandated (FEDIA) disaster recovery exercises for several years. 
  • Performed proactive reviews of Siteminder, LDAP. Ping Federate and other production system logs to proactively address issues such as (error messages, volume trends and resource utilization)
  • Reduced the number of major incidents due to Siteminder issues significantly, from several major incidents per week to less than 1 every quarter. 
  • Support and maintain Siteminder R6 and R12 environments across multiple domains and line of businesses.
  • Assist in policy migrations.
  • Coordinate with multiple lines of businesses and support groups to track and resolve each issue
  • Determined cause and impact of problems and errors and provided detailed reports to higher management and senior executives..
  • Serve as single point of contact to the L4 team.
  • Assist L4 team  in performing engineering tasks such as plan upgrades and make decisions regarding roadmap and future implementations.
  • Troubleshooted Siteminder, Ping Federate, Imprivata, SecurID, PGP and Arcot issues.
  • Performed Disaster Recovery tests across multiple domains and lines of businesses.
Jun 2013Jun 2014

Vice President - Access and Identity Management Team Leader

Bank of America

Responsibilities included:

  • Lead a team of 20 members in the IAM OPS space.
  • Designed alerts and Splunk Dashboard to support Dev, UAT and Production Security Systems
  • Performed proactive reviews of Siteminder, LDAP. Ping Federate and other production system logs to proactively address issues such as (error messages, volume trends and resource utilization)
  • Support and maintain Siteminder R6 environment and R12 environment.
  • Assisted in Siteminder policy migrations.
  • Created custom monitoring scripts for Splunk, Siteminder and Unix/Linux systems in all environments.
  • Coordinated with multiple lines of businesses to track and resolve each issue
  • Determined cause and impact of problems and errors and provided detailed reports to higher management and senior executives..
  • Proposed and documented required corrective actions.
  • Troubleshooted Siteminder, LDAP and Ping Federate issues.
  • Performed Disaster Recovery tests across a global infrastructure.
  • Splunk system integration, design and administration.
  • Maintained and managed the bank's IAM/GIS (Global Information Security) Splunk environment (dev, uat and Production) including performing fine tuning of services.
  • Provide cross platform integration between SSO, Splunk, Sitescope and Bluestripe.
  • Maintained and configured Splunk Deployment, Indexes and assorted forwarders in the environment.
  • Provided Splunk training and guidance as needed to other groups and organizations.
Aug 2012Jun 2013

Vice President - IAM SSO Engineer

Bank of America

Responsibilities included:

  • Design Splunk Dashboards to monitor production environment.
  • Perform proactive reviews of Siteminder and Ping Federate logs in order to catch problems before they snowball out of control
  • Look for anomalies, including new errors and warning messages, volume variations and system resource utilization.
  • Upgraded Siteminder from version 6.x to version R12.x
  • Support and maintain Siteminder R6 environment and R12 environment.
  • Assist in Siteminder migrations as needed.
  • Track and monitor each issue and coordinate with different team to resolve them.
  • Determine cause and impact of problems and errors.
  • Propose and document required corrective action.
  • Assist Operations and Integration teams in troubleshooting Siteminder and Ping Federate issues.
  • Performed Disaster Recovery tests across a global infrastructure.
  • Splunk system integration, design and administration.
  • Maintain and manage the bank's IAM/GIS (Global Information Security) Splunk environment, including performing fine tuning of services.
  • Provide cross platform integration between SSO, Splunk, Sitescope and Bluestripe.
  • Maintain and configure Splunk Deployment, Indexes and assorted forwarders in the environment.
  • Provide Splunk training as needed to other groups and organizations.
Nov 2007Aug 2012

Senior Security Engineer

New York Life Insurance

Responsibilities included supporting Isolated, Integrated, Model and Production Siteminder Policy Server clusters and Siteminder Web Agents for all environments as well as Vontu policy management and testing.

I was also responsible for new applications security design, deployment, support and documentation. Helped build and improve in house custom Siteminder policy database as well as Policy redesign across all environments to improve performance and consistency in the environments, which included setting standard naming conventions and improve rules/realms and policies performance and flow.

Nov 2004Nov 2007

Global Information Security Consultant

Citrix Systems

Spearheaded the development and integration of Netscaler SSL VPN product with various third party AAA systems such as Siteminder, Oblix, RSA Secure ID, ClearTrust, and other custom enterprise security systems. Responsibilities included developing robust, extensible and well integrated AAA & SSO modules in C on NetScaler (a FreeBSD UNIX based development platform) for the leading third party (e.g. Siteminder, Oblix, etc.) and custom enterprise security AAA-SSO systems. Developed, deployed, tested and supported a test lab for internal developers and high profile customers to demonstrate integrations involving Netscaler SSL VPN various security standards including Siteminder.

Nov 2004Nov 2007

Senior Global Security Consultant

NetScaler Inc. (now Citrix)

Spearheaded the development and integration of Netscalers SSL VPN product with various third party AAA systems such as Siteminder, Oblix, RSA Secure ID, ClearTrust, and other custom enterprise security systems. Responsibilities included developing robust, extensible and well integrated AAA & SSO modules in C on NetScaler (FreeBSD UNIX based development platform) for the leading third party (e.g. Siteminder, Oblix, etc.) and custom enterprise security AAA-SSO systems. Developed, deployed, tested and supported a test lab for internal developers and high profile customers to demonstrate integrations involving Netscaler SSL VPN various security standards including Siteminder.

Apr 2004Nov 2004

Senior Security Engineer

Healthnet (via EDS)

Worked as Siteminder Security Consultant designing and implementing security solutions for HealthNet Beneficiaries, Providers and Government portals, working around several major issues related to Microsoft Content Management server integration with Siteminder. Designed Active Directory structure to support new federal services portal for 2.5 million users. Moved existing internal applications to the internet while providing a safe and HIPPA compliant environment.

Worked at HealthNet for EDS. 

Feb 2004Apr 2004

Siteminder SAML Affiliate Agent (Consultant)

Towers Perrin

A short project to designed SAML Affiliate Services on existing Siteminder infrastructure for a major HR shared services ASP provider, involving multiple clients and third party partners.

Aug 2003Feb 2004

Senior Information Security Siteminder Consultant

Blue Cross Blue Shield of Florida (via Venturi Agency Group)

Worked as a Siteminder Consultant as part of the Computer Security Administration and PMI integration team, responsibilities include designing, implementing, configuring, maintaining and troubleshooting members self registration processes and websites integrated with Websphere and as well as securing in house application and 3rd party applications. Upgrade from Siteminder 4.71 to Siteminder 5.5, implemented IdentityMinder 5.6 to replace older DMS (Delegated Management System) also redesigned clients LDAP infrastructure. Managed and implemented multiple security projects at the same time using custom authentication schemes include RSA Securid scheme as well SAML Agents and standard agents.

Aug 2002Aug 2003

Senior Siteminder Consultant

Bristol Myers Squibb

Worked as a Siteminder Consultant providing support for existent Siteminder implementation as well new implementation designs. Responsibilities included maintaining current Development, QA, Integration Test and Production environment for Consumer Med., Corporate Staff and Bristol Myers Squibb US Medicines (Merci), responsible for just over 600 web agents and 12 SiteMinder policy servers across enterprise environments.

Nov 2001Jul 2002

Network and Distributed Systems Engineer

Aetna Inc.

Functions include Solaris/Netscape Web, IBM Websphere, MS IIS/MTS Configuration, and Testing/Certification of products, customer support, and upgrades. Support of Netegrity Siteminder, Active Directory Server, Microsoft Site Server, Perl, ASP, VPN and FTP services. General development consulting and assistance in the testing and certification of new Internet/Intranet web based applications - Design and implementation of performance monitoring scripts, and performance/Stress testing of products and applications. Level III Engineering and coverage support. Ensure web servers are secured from hacking attempts. Partner with IT security on PKI implementation and intrusion detection. Participate in architectural & direction setting activities related to web server application development. List project special deliverables. General building, fine-tuning, and support of the Internet/Intranet Web environment. Support of e.Infrastructure Release and Application migration process. Other projects include migration of external users to Active Directory LDAP; support Infosys, EZLink, Websphere, new applications, etc.

Nov 2000Nov 2001

Senior 3rd Level Support Engineer

Netegrity

Worked as a Senior Client Services Engineer providing advanced technical support for Netegrity's Internet security product SiteMinder on various platforms including Solaris, Windows 2000 and AIX, to its customers, partners, professional services and resellers. Also job responsibilities include troubleshooting IIS, NES (Iplanet) and Apache web servers as well as various directory services including Iplanet Directory Service, NDS 8.x (Novell Directory) and Active Directory, develop custom scripts and web pages to customers integrating SiteMinder and certificate integration as well as fine tuning their web farms and working closely with engineering department, QA department and product manager in order to release Service Packs or Patches to newfound bugs. Customer site design, implementation and deployment of rules, policies and realms, in various environments, deployments ranged from a 25-user base to millions of users, in various Fortune 500 companies, also responsible for any issue that may arrive after the system went into production.

Jul 2000Nov 2000

Senior 2nd Level Siteminder Support

Netegrity

Worked as a Senior Client Services Engineer providing advanced technical support for Netegrity's Internet security product SiteMinder on various platforms including Solaris, Windows 2000 and AIX, to its customers, partners, professional services and resellers. Also job responsibilities include troubleshooting IIS, NES (Iplanet) and Apache web servers as well as various directory services including Iplanet Directory Service, NDS 8.x (Novell Directory) and Active Directory, develop custom scripts and web pages to customers integrating SiteMinder and certificate integration as well as fine tuning their web farms and working closely with engineering department, QA department and product manager in order to release Service Packs or Patches to newfound bugs. Customer site design, implementation and deployment of rules, policies and realms, in various environments, deployments ranged from a 25-user base to millions of users, in various Fortune 500 companies, also responsible for any issue that may arrive after the system went into production.

Jan 2000Jul 2000

Senior Security Analyst (Consultant)

Guardent Inc.

Worked as a security consultant providing penetration testing, network assessments and analysis, managed firewall services development, research and implementation. Used various security tools, mostly in Windows and Linux. Hands-on experience with network assessment tools and third party security system.

Feb 1999Jan 2000

Senior 3rd Level Support Engineer

RSA

Responsible for providing technical support to customers, system administrators, security Administrators, field personnel, and VARs that are experiencing complex computer system issues which include network security products. Provide telephone support to a technical audience in a Client/Server environment. Hands-on experience with different network protocols, system administration of UNIX (Solaris, AIX, HP-UX), Windows NT operating systems and TCP/IP. Working knowledge of API's, Metaframe, and Netware, TCL, Ace Server (Securid), TCP/IP and other network protocols. Experience working and trouble-shooting Keon Security Server, Keon Certificate Server, and Cisco Routers, Check Point FW-1, Shiva LAN Rover and implementation of third party authentication protocols into those systems. Helped train new employees, recreate customer issues. Experience with RADIUS and TACACS and 3rd party vendor products such as Cisco, 3Com Check Point, Nortel and Shiva. Provided QA department with Y2K compliance test for Ace Server on Solaris, HP-UX and AIX platforms. Work with Advanced Technical Support and engineering teams on customer escalation issues.

Feb 1998Feb 1999

IS Support Engineer

EMC2 Corporation

Responsible for end-user support for computer software and hardware problems related. Duties included: Second Level phone support, Banyan network administration, Microsoft products support, Windows NT support, administration, hardware and software trouble-shooting.

Education

19891992

Computer Science

Sao Paulo University

References

Provided upon request

Skills

Siteminder
I have worked with Siteminder since version 3.11, that's when I started working for Netegrity providing them with 2nd Level support and professional services assistance. Ever since I have been only doing consulting jobs involving Siteminder. Usually I am involved in upgrade projects, new implementation projects as well as current infrastructure support projects.  
Splunk

Implemented, upgraded and supported Splunk versions 4.x, 5.x and 6.x in a global environment. Performed fine-tuning of services and processes as well as design scripts to facilitate Splunk forwarder deployments across the enterprise. Participated in Admin groups, User groups and Development Splunk group. Responsible for decision making and improvement of the Splunk infrastructure. Migrated Splunk from a virtual environment to a dedicated environment and vice-versa.

Webservers IIS/Iplanet/Apache
LDAP
IdentityMinder
Linux
Windows