Peningo Systems, Inc.
Candidate: PEN003

Rate: email us at
info@peningo.com for rate information



Contact info:  For information on this candidate please email us at  
info@peningo.com                           

                                




Senior Security Architect / Manager

IT Security professional with a proven history of implementation planning, solution design and project
management focused on security solutions delivered on time and on budget in financial, healthcare, insurance
and media firms.

•        Led multiple projects to success at Fortune 50 companies with hard regulatory deadlines
•        Uses a hands-on approach to product implementations – knows the technology, knows the limitations,
anticipates and mitigates issues before they become show-stoppers
•        Creatively adapts solution designs and project teams to fit ever changing business needs

Core Competencies
•        Regulatory Compliance Solutions (SOX, FFIEC)
•        Identity Management – Provisioning and Workflow processes
•        Access Management – Authentication and Entitlements
•        Encryption Key Management -  PKI and symmetric key lifecycle management

•        Data Security and Privacy – Database access
•        Security Solution Cost Benefits Analysis
•        Onsite and offshore solution design and management
•        RFP Response and SOW Authoring
•        Project estimation and resource guidance



Product list
•        Aveksa Compliance Manager (ACM)
•        nCipher KeyAuthority
•        Oracle Access Manager (Oblix CoreID)
•        TriCipher Armored Credential System (TACS)
•        Sun Identity Manager (Sun IdM, SIM, WaveSet Lighthouse)
•        PassLogix v-GO SSO
•        CA e-Trust SSO (SiteMinder)

•        IBM Tivoli
o        Access Manager (ITAM)
o        Identity Manager (ITIM)
o        Federation Manager (TFIM)
•        EMC / RSA
o        SecurID
o        Adaptive Authentication (Cyota / PassMark)

2004 – 2008
Senior Architect / Manager

SENA Systems is an Identity and Access Management (I&AM) focused consulting organization providing a
full spectrum of services to enable customers to plan, assess, select, implement and integrate complete I&AM
projects.

Responsibilities
•        Sold and lead projects from initial contact to successful implementation
•        Managed all project resourcing and task assignment
•        Gathered, documented and analyzed business requirements
•        Architected complete solutions to meet client business requirements by integrating vendor products
with existing client infrastructure and applications
•        Designed new business support and operational processes and process migration strategies to support the
new solutions
•        Reported progress to end-client Program Management
•        Negotiated and managed partner relationships with multiple vendors
•        Trained and managed resources for Authentication and Compliance Practices
•        Recruited new engineering and architecture talent

Key Contributions
•        Founded and built Authentication practice in response to FFIEC regulations – first year revenue over
700K
•        Took over and grew Compliance practice from a single resource to five with over 500K in revenue in the
first six months of 2008 – projected 2008 revenue of 1.2M
•        Deployed and implemented the first commercial IBM / nCipher KeyAuthority integration to provide
secure encryption key service for encrypted backup tapes

Top Clients and Implementations

•        A major Bank
o        nCipher KeyAuthority – IT-RISK
o        MyID Project – IT-RISK
o        RSA SecurID Signing Project – T&SS
•        A Major Bank
o        TriCipher Armored Credential System / SiteMinder Integration

•        A Major Bank
o        EPR - Aveksa Compliance Manager – GWM
o        EPR - Sun Identity Manager – GWM
•        A Major Bank
o        Sun Identity Manager
o        Strong Authentication Project


2002 – 2004
Practice Manager – Identity Management

For an internationally recognized consulting firm that enables large corporations to leverage the advantages of
Enterprise Connectivity to their fullest.  It is divided into four major practices one of which is Security
Services covering Identity and Access Management as well as traditional network security.

Key Contributions

•        Built the US Security Services practice from scratch to 12 resources and $US 1.2M in 2003.
•        Developed Enterprise Identity Management Methodology including a pre-packaged “Quick Start”
model for mid sized firms that doubled sales volume
•        Aligned and major Identity Management vendors to provide total business solutions for mid-sized
companies including hardware, software, deployment, integration, operations and support from a single
vendor –
•        Directly managed partnerships with IBM and Sun

Top Clients and Implementations
•        HBO – Enterprise Identity Management – Roadmap, Strategy and Architecture
•        JPMorgan Chase – Enterprise Reduced Sign-on – Requirements gathering and product selection
•        CNA Insurance – Tivoli Access Manager deployment and SSO Architecture and Strategy
•        Key Bank – Tivoli Access Manager project audit and re-architecture
•        Cendant Hospitality – Requirement Gathering and Architecture for SSO and Provisioning

2001 – 2002
Senior Tivoli Security Architect

BMW NA functions as both the US based direct sales channel as well as a franchisee manager for BMW AG,
one of the worlds leading luxury automobile manufacturers.  As a sales organization, they face significant
challenges managing both their end customers and their business partners nationwide.  They selected IBM
Tivoli Access Manager to secure their Intranet Portal which was home to all of their web based applications
and managed provisioning to these systems using Sun Identity Manager.

Key Contributions

•        Migrated existing POC of Tivoli Access Manager to live production
•        Upgraded production system from 3.6 to 3.8 to migrate off of DCE infrastructure
•        Re-designed corporate LDAP schema and DIT to allow for easier application integration
•        Developed business case for user management for franchisee dealerships and proposed that a user
provisioning system be implemented
•        Documented actual hard cost-benefit analysis to justify project
•        Led product evaluations effort ultimately recommending Sun Identity Manager  

2000 – 2001
Secure e-Business Specialist

Deloitte is the brand under which 165,000 dedicated professionals in independent firms throughout the world
collaborate to provide audit, consulting, financial advisory, risk management, and tax services to selected
clients.  The Risk Management practice offers remediation and compliance services through the Identity,
Authentication and Authorization Management (IAAM) division based out of Detroit, Chicago and New York.

Key Contributions

•        Designed, developed and tested integration between TAM and SiteMinder prior to federation standards
•        Developed and published the official Deloitte TAM 3.7 deployment manual
•        Developed integration and deployment plan for Tivoli Access Manager and Tivoli PKI infrastructure

1999 – 2000
Technical Architect

CSC is a leading global consulting, systems integration and outsourcing company. Its mission is to provide
customers in industry and government with solutions crafted to meet their strategic goals and enable them to
profit from the advanced use of technology.

Key Contributions

o        Gathered requirements and designed a new officer compensation application
o        Designed custom security solution using Oracle 8i as access control repository
o        Led development team to production
o        Deployed application to 6600 bank officers with 11000 direct reports
o        Implemented a 140-station call center in six weeks
o        Planned Backup and Disaster Recovery strategy
o        Negotiated and purchased equipment from local vendors
o        Physically installed and configured network hardware
o        Coordinated desktop and network testing with the phone company and service providers

1996 – 1999
Vice President and CTO

APEX.COM was founded to provide dial-up access for home users and wireless point to point access for
business consumers in rural areas not served by traditional providers in southeast Kansas.

Key Contributions
•        Partnered with city and regional governmental bodies to host equipment and provided 24 / 7 support
•        Implemented central monitoring system to notify a technician and switch to backup systems
transparently
•        Used wireless local loops to increase customer satisfaction by providing a single point of contact for
network troubleshooting

1993 – 1996
Application Support Technician

The Library is tasked with providing computer labs and cataloging / search systems for faculty, students and
staff of Pittsburg State University.  All of these system are integrated with the library’s central catalog system
(Dynix) running on an IBM RS6000.

Key Contributions
•        Designed and developed a service to provide access to library DOS / Novell Netware searching services
via telnet using a Linux hosted Netware session running on a DOS emulator – this service was designed to
provide access to Macintosh clients that were unable to connect directly to the Novell network

Education

Bachelor of Science
Back to Peningo Sample Resumes