Peningo Systems, Inc.
Resume of Candidate: PEN165
Rate: email us at info@peningo.com for rate information or call 914-921-3102
Oracle Security Consultant
Summary:
Seasoned Identity and Access Management (IdM/IDAM), Cyber Security and GRC “hands-on” technical lead with over 13 years of IdM-focused and 19
years of IT Security related experience on over 25 enterprise-classes, large-scale IdM deployments. Clients included Global Organizations, Federal and
State & Local Gov’t and US DoD:
• Co-chairing Oracle Identity Management (IdM/IDAM) Partner Advisory Council,
• Actively involved with Identity and Access Management since industry’s inception,
• Well-versed in industry’s leading Identity Management methodologies and best practices from Oracle, Burton Group/Gartner, IBM and other
authorities in the field,
• Extensive experience meeting challenges and complexity, bringing clarity and success in resolving complex business problems,
• Significant IdM/IDAM project leadership experience, combining architectural and technical “hands-on” expertise with solid management,
communication and interpersonal skills and IdM/IDAM thought-leadership,
• Excellence in IdM/IDAM consulting solution leadership, strategy, vision, architectural direction, project management, solution architecture and
client/stakeholder relationship management,
• Understanding of Federal Guidelines (HSPD-12, PIVi, 800-63, OMB11-11, FICAM, NSTIC, NIST),
• Experience with identity management or credentialing programs (FIPS 201, HSPD-12, PIV, TWIC, Registered Traveler, REAL ID, US-VISIT, CAC, etc.)
• Knowledge of the existing Federal/Commercial/Cloud/Mobile Trust Frameworks, Standards and Guidelines (Trust Framework Adoption Process,
Scheme Adoption Process, SCIM, Kantara, OIX, PCI DSS, ISO, COBIT, etc.)
• Sarbanes-Oxley Act (SOX), the Health Insurance Portability and Affordability Act (HIPAA), Homeland Security Presidential Directive-12 (HSPD-12) and
the Gramm-Leach-Bliley Act (GLB),
• Active TS security clearance.
TECHNICAL SKILLS
• Specializing in the Oracle/Sun/Weblogic technologies focused on the 11g (most recently 11gR2) IdM/IDAM platform:
o Oracle Identity Manager (OIM, formerly Thor Xellerate),
o Oracle Access Manager (OAM, formerly Oblix COREid),
o Oracle Virtual Directory (OVD, formerly OctetString), also similar experience with Radiant Logic Virtual Directory and Synchronization and
Correlation Server,
o Oracle Enterprise Single Sign-On Plus (ESSO, also OEM’ed as Passlogix/IBM/Sun/BMC ESSO Product Suites)
o Oracle Unified Directory (OUD, Oracle Internet Directory (OID) LDAP, as well as other major LDAP directory servers (Sun, IBM, OpenLDAP, Novell)
including Microsoft AD,
o Oracle Identity Federation (OIF, formerly Oblix SHAREid),
o Experience included both the 10g and 11g releases Oracle Fusion Middleware Products,
o Oracle Identity Analytics (OIA, Sun SRM, Vaau RBACx) and Oracle Role Manager (ORM, Bridgestream SmartRoles),
o Oracle Adaptive Access Manager (OAAM, Bharosa),
o Oracle Entitlement Server (OES, Formerly BEA AquaLogic Enterprise Security),
o Oracle Web Services Manager (OWSM, formerly Oblix COREsv),
o Experienced in Oracle Unified Method (OUM), SCRUM and classical implementation approaches,
o Various customizations and extensions of Oracle IdM products and integrations with other vendor products and suites using SOA/BPEL, ADF/JEE,
XML, C++ and others,
o Cloud, Big Data, Web Services, SOA, XACML and XML Integration and Security,
o Defense-in-Depth, Maximum Availability Architecture (MAA), Oracle Fusion Middleware and Applications
EXPERIENCE
November 2006 — Present
Oracle Identity Management, GRC and Cyber Security
• Serves as Chief Identity Management and Cyber Security Architect -- define technical approach and architecture for Identity Management (IdM),
GRC (Governance, Risk and Compliance) and Application Security solutions for Mythics’ most complex and critical client IdM/IDAM implementations,
• Provides Oracle/Sun Identity and Access Management thought-leadership,
• Leverages contacts to Oracle IdM Product Team to resolve IdM/IDAM product issues on client engagements,
• Develops IdM/IDAM solution roadmaps, vision/strategies, designs, architectures, etc.
• Excels in hands-on/technical, architectural and team-lead project roles,
• Recent Clients included: US DHS/CBP, US HHS/CMS, US Army LOGSA, MD SDOE, US GPO/FDsys, US DOE/Fermilab, US DOI/BIA, US Air Force, MD Public
Schools (MCPS), US Army Natick, LCRA, USMC, MD JIS, AON Financial, US Army ACSAP, GA Department of Revenue, Superior Court of California, US
Department of Labor (DOL), WPP/J Walter Thompson (JWT), Lexmark, Cendant, CBOT, Allstate, BlueCross BlueShield, Daimler-Chrysler, Tellabs, Cisco,
several .com’s and others.
• US HHS/CMS EIDM Project — Assisted in implementation strategy, requirements engineering, design, architecture and the first release of the
deployment of one of the largest IDAM/IdM deployments to date (expected to eventually scale to over 100+ million end-users) and build on the brand-
new at the time Oracle Identity Management 11gR2. Technology used OIM, OAM, OVD, OUD, Oracle DB, ADF/JEE, SOA, BPEL, etc.
• US Army LOGSA — Led modernization effort to transition legacy Identity Management System to a best-of-breed COTS/GOTS solution based on
Oracle IdM 11gR1. Technologies used OAM, OVD, OID, OIM, SOA, BPEL, ADF/JEE, Webcenter, etc.
• US GPO — Led the implementation and later the upgrade of GPO/FDsys Identity and Access Management System (IAMS.) Continued
maintenance/operations support until present. (OIM, OAM, OVD, OID, etc.)
• (More engagement summaries available upon request.)
Oracle Corporation Redwood Shores, CA January 2006 — November 2006
Technical Consulting Manager
Served as the Manager for the US Central Region of Oracle Consulting Identity and Access Management Practice:
• Collaborated on business development efforts as an Identity Management SME for large client opportunities
• Actively participated in the leadership of the Oracle Consulting Protected Enterprise (IdM) practice
• Lead Oracle Consulting team from presale through project implementation execution phases on the current largest OAM+OID+DIP implementation
engagement
• Roles on the project included presale SME for the Oracle IdM stack, Oracle enterprise architect, project manager, technical lead, team mentor,
client executive point of contact, etc.
• Drove expansion of the project into 2 additional collocations/companies within the client holding company
• Expended scope of the project for next phases to include Oracle RAC, Grid, OIM, OVD and integrations of other pending Oracle suite
implementations.
• IdM products last implemented: Oracle Access Manager (OAM, formerly Oblix NetPoint COREid Identity and Access), OID LDAP, Oracle DIP, IdM
integration with AD and Lotus Domino (via IBM Tivoli Directory Integrator - ITIDI)
IdM Consulting Corp Chicago, IL August 2003 — January 2006
Identity Management Architect/Technical Lead
Subcontracting projects from industry-leading vendors and system integrators in the field of Identity and Access Management (I&AM/IAM), LDAP, virtual,
meta and AD directories, Provisioning, Federated Identity, Single/Simplified Sign-On (SSO) projects. Projects with IdM Consulting Corporation:
• Lexmark/IBM Global Services -- Team Lead / Architect for the Enterprise Identity Management program.
o Program includes projects related to global deployments of
- Meta/Virtual Directory,
- Provisioning/Password,
- Profile Management/Synchronization,
- Oblix COREid (now OAM) Identity Management and Access Control,
- SSO (Single/Simplified Sign-On),
- SUN JES Java LDAP DS (4.16 and 5.2),
- Perl scripting in a UNIX (Solaris) environment.
- ADSI (C# and VB) scripting for Windows/AD
o Project Management/team leading of vendor, on-site, outsourced and offshore (India) resources
• Cendant/British Telecom Consulting (NET2S) -- Project: Oblix (Identity Management and Access Control) and LDAP (Microsoft AD/AM) Implementation
in a Windows 2003 environment.
o Leading a team of Net2S consultants in the custom implementation of
Oblix's NetPoint COREid (Identity and Access Systems) with
MS ActiveDirectory Application Mode (AD/AM) LDAP server
o Also leveraging XML, XSL/XSLT, SOAP, IdentityXML, SAML, WSDL and Portal Inserts, .Net and Java/J2EE.
• Chicago Board of Trade (CBOT) - Fujitsu Consulting - Oblix/Oracle OAM/COREid SME (contractor)
o OAM/COREid support, bug fixing, upgrades, development and customization
o Requirements gathering, project leading and architecture design
o XML, XSL/XSLT, JavaScript for the OAM/COREid presentation layer
• BlueCross BlueShield - SUN Microsystems / Fujitsu Consulting -- JES/SunONE/iPlanet LDAP Directory Server Integration
o Developed a Java/J2EE JNDI application that pulls the data from 207 members and partners of the BlueCross BlueShield Association throughout
the country, cleanses/normalizes the data, applies complex business logic and populates the data into a single National LDAP directory service.
o Architected the LDAP (Namespace, Schema and DIT) design, configuration, migration, deployment, management and security.
• Allstate Financial -- Architect/Lead Developer for several Multi-state Policy Risk Management System
o Translated business requirements, architected, built, integrated, tested and maintained a new policy-administration system for Allstate's IA Markets
Division, which was built on Oracle databases and Tenfold's 4GL RAD META data framework.
o Lead teams (average 3-4 members per project) of on-site developers and interfaced with teams from a major offshore company in India.
o Provided level-3 Support for call log defects/modifications requests.
PricewaterhouseCoopers New York City, NY July, 2002 – July, 2003
Identity Management Consultant
• Daimler-Chrysler -- Custom-Built User Management Solution for B2B/B2C Portal
o Developed in-depth knowledge of Oblix internals from participating in rewriting of Oblix front-end to handle the required complex business logic,
internalization and business-critical robustness.
o Leveraged and expanded identity management and directories expertise in LDAP (SunONE/iPlanet iDS), SOAP, Oblix (also involved with training and
pilot initiatives on Waveset Lighthouse), IdentityXML, Java, JSP, Servlets, JavaBeans, WebSphere AS, Jakarta Struts.
o Managed contacts between our team, key client leaders, vendors/partners and the partially telecommuting PwC project leadership; advancing
client and team management capabilities.
o Researched a new architecture for Release 2.0. Sold the idea to PwC project leadership and leading client sponsors. New framework would provide
benefits including:
o Savings of over six months of training, development time and expenses (est. $800,000+).
o Free training and support negotiated from clients Architecture Group.
o Opportunity for PwC to up-sell a new class of services that come free with the new framework.
o Advanced expertise and cross line-of-service selling capabilities by working with PwC professionals from Data Management, Security Controls,
Security Architecture and Strategy, HR/Recruiting, as well as, identity management and directories strategic partners from the Burton Group.
o Leveraged internationalization expertise for the French Canadian deployment.
• Daimler-Chrysler -- Authentication and Authorization Initiative for the Global Directory Service Framework
o Applied expertise and gained experience in one of the largest deployments globally of a strategic identity management component infrastructure
with DirXML, Novell eDirectory, Oblix, Netegrity.
o Developed over 40% of the final project deliverable
o Originated the idea and developed 75% of an alternative deliverable that up-sells the basic authentication and authorization service to a light-
weight provisioning solution:
o Over 170% increase in revenues for PwC compared to the basic proposal.
o Provisioning solution would pay back to client completely within 12 months.
o Provisioning would provide superior ROI, security and data management solution.
o Previous PwC, Burton, vendor and client research leveraged to stay within initial budget.
o Utilized multicultural capabilities to interact with PwC and client professionals internationally.
o Administered and lead weekly status meetings with the leading client sponsor and his team.
o Leveraged networking and teambuilding opportunities with client, partners/vendors and within several PwC lines of service, which resulted in
multiple up-selling and cross-selling opportunities.
o Advanced identity management and directories expertise and established vendor contacts:
o LDAP/X.500 (Novell eDirectory, iPlanet iDS, and Siemens DirX)
o Novell DirXML, Nsure, NAM
o Oblix and Netegrity's advanced authentication and authorization services
o ACF2 and MQ Series
• Daimler-Chrysler - Enterprise Data Integration Project
o Conducted interviews with client and PwC professionals globally to develop comprehensive current state analysis for major client data-stores and
applications for all German and 30% of domestic locations.
o Shared the current state analysis data to benefit other client and PwC projects.
o Advanced expertise in LDAP/X.500, Password Synchronization/Provisioning technologies, Identity Management/Access Control (Oblix NetPoint and
Netegrity SiteMinder, Waveset Lighthouse).
o Interviewed candidates on several recruitment initiatives, which resulted in a hiring decision.
o Authored identity management methodologies and best practices for XML, Perl and Java and contributed project deliverables to benefit PwC's
practice development and knowledge management initiative.
• Daimler-Chrysler -- Security Integration Services and Security Consulting Training (Full-time: 3 months)
o Two-week client engagement simulation delivering an Oblix, Epicentric, iPlanet iDS solution.
o Vendor training in Oblix, iPlanet iDS, Perl, C++, Netegrity SiteMinder, Waveset Lighthouse.
o Security, Attack and Penetration, Networking, Windows 2000/NT, UNIX and related.
o Big 4, risk management, general consulting skill-set and team-building training.