| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
PHONE NUMBER AVAILABLEEMAIL AVAILABLECharlotte, North Carolina, Street Address
An Accomplished IT professional with over 12 years of experience in the IT industry with 6 solid years as a Database administrator Supported various mission critical production applications in Financial, Transport and Healthcare environment with expertise in performance tuning and troubleshooting of database issues and driving to solutions and setting up database backup strategies and the last 5 plus years focusing on Azure IAM (Active directory), Infrastructure/Operations/Governance, Data management/ Governance and IT General Controls, Project management, Consulting, and Engineering. Reliable and dedicated when working alone or as part of a team. Possesses technical aptitude and problem-solving skills, working knowledge of IT security and frameworks including Risk Management Framework (RMF), FISMA, NIST (800-37 & 800-53), GDPR, PCI-DSS, SSAE -18, ISO 27000, HIPPA, HITRUST. Advanced Microsoft Office Suite expertise and knowledge of security architecture, infrastructure, network and systems design, Windows, Linux, Databases (Relational and Non-Relational), Networking Infrastructure, and Web-based Applications. Basic knowledge of standard IT and security concepts such as SIG Questionnaire, firewall management, server management, SIEM, IDS/IPS, web agents, access control, and authentication.SKILLSUser Lifecycle ManagementRole Based Access Control (RBAC)Process Improvement and AutomationAzure Active Directory/Azure SSOWindows PowerShellActive Directory Audit ReportingActive Directory SOC ResponseUser supportService NowSAML configurationUser ProvisioningRisk MitigationData ManagementNIST -80053, PCISSAE 18 /SOC 1& 2Control testingRisk ManagementISO-27001, SOXInternal AuditRSA ArcherPolicy reviewSailPointPAM/PARRDBMS: PostgreSQL 9.5.x to 11.x, Oracle 11g, 12c, 19cPerformance Tuning & Capacity MonitoringStandby/Failover AdministrationHigh Availability Installation/AdministrationData Security, Backup & RecoveryExcel/VLOOKUPEXPERIENCESecurity Analyst-Azure Identity access ManagementCredit Suisse (Raleigh, North Carolina)June 2021- PresentConduct and clearly document practical risk assessments and make recommendations for new and/or changes to existing controls to mitigate identified risks.Manually reviewing huge amounts of raw data using excel spreadsheets and comparing and analyzing new and old data using VLOOKUPs.Facilitates relationship with external managed service provider to provide I&AM services to over 25,000 users.Ensures timely response for over 24,000 I&AM requests each year across the enterprise.Completed new Azure Active Directory single sign-on (SSO) configurations, troubleshoot Azure AD Sync connector, and managed Azure Federated SSO connections.Demonstrated overall responsibility overactive Directory to include user accounts, troubleshooting, modifications, permissions, OU structure, and sites and services.Support audit processes by providing evidence of control configurations and operational effectiveness to internal and external audit teams.Manage identity and access management support to business and technical teams in the design of standardized products and customized solutions.Information security, Governance, risk management and compliance (GRC) services providerAssist in reviewing responses to outbound Vendor Risk Assessments and tracking of identified deficiencies.Obtain and maintain a strong understanding of the Companys operations and strategy Validate control-related aspects of product risk assessments and confidential information management plans.Identify and address gaps with regulatory compliance (both those that are identified by auditors and those that are self-identified)Extensive knowledge of the assigned compliance area along with the associated operations, including the related rules and regulations of the financial services industry to include OCC, FRB, CFPB, State Law and other pertinent regulations along with GSE guidelines.A strong understanding of assurance related guidelines, standards and frameworks including but not limited to FIMA, ISO\IEC, COBIT, ITIL, NIST, SSAE 16 SOC1/2, PCIDSS and SOXInternal training on the Firms AML and KYC programs, policies, and procedureReview and prepare self-certification evidence for managers signoff.Environment: Service Now, Ms Teams, MICOS, Azure AD, Password Vault, GetCompliance, RSA Archer, MS ExcelSenior Compliance AnalystAspen Insurance Group (Remote)May 2021-May 2022Coordinate with Senior project manager and Technical Director on requirement gathering for PAM/PAR automation using SailPoint.Collaborate with the SailPoint team to design and implement features.Perform multiple IP sessions to ensure a Propper configuration of SailPoint tool.Documented and automated the PAM/PAR process using SailPoint.Performed quarterly Privileged access recertification and documenting evidence.Manually consolidated and analyzed Database and sever role system generated report for PAR.Supported Patch Management activities including the notification which impacted stakeholders and the affected team on both the patch release as well as capture and report on any resulting remediation.Participate in firm wide and other department projects / initiatives as a GRC representative / subject matter expert to provide GRC guidance and interpretation of rules, regulations, risks, and best practices.Create and implement policies, procedures, training and communication of the new policies and procedures to support these projects.Prior experience in an audit, compliance and regulatory environment related to security and privacy including standards across industries and geographies such as PCI-DSS, ISO, SOC, HIPAA, HITRUST, FedRAMP, FINRA, SEC and OCC.Perform monitoring of key security control and proceduresWorked closely with both internal and external audit, performing audit clarifications and audit walkthroughs.Create and implement policies, procedures, training and communication of the new policies and procedures to support these projects.Perform Independent analysis of results of security assessments and testing to appropriately assess risks and provide appropriate recommendations for corrective actions.Adapt in a dynamic work environment, learns quickly, solves problems, and makes decisions with minimal supervision.Environment: Guardium, Service Now, Microsoft Teams, Password Vault, Excel, Onetrust, SailPoint, IT audit mailboxSenior Information Security AnalystMetLife Insurance (Cary, North Carolina)August 2019-April 2021Understand and refine a Role Based Security framework. Analyzing Raw data and determining compliance issues based on company policies.Information security, Governance, risk management and compliance (GRC) services provided.Provide support for large and complex audits, examinations, reviews, and projects related to keeping the business line in compliance with regulatory issues and requirements, specific to: CAS, CQA, E&Y, SSAE16, Basel II, SOX, OCC, CFPB audit and exam testing.Improve Operational Efficiency, Higher Quality Intelligence & Ensure Business Continuity through Health information System.Experience with applying NIST SP 800-37 Risk Management principles, interpreting requirements, and developing implementation guidance.Join daily technical security activities and functions such as assessing vendor security, provisioning, and reviewing access, crafting, and maintaining security reports/dashboards, etc.COBIT framework for information technology management and IT governanceProactive identification of risks and audit issuesDocument evidence, testing procedures, findings solutions and certification processes for every quarter.Exceptional analytical and problem-solving skills, attention to detail, wide knowledge of technology, security compliance and regulatory standardsDemonstrate a strong understanding of various compliance and regulatory areas (e.g., SOX, PCI,FFIEC) or the risk register, risk exposure, risk reporting and handling of risk eventsStrong interpersonal and organizational skills, including the ability to meet deadlines, develop written policies standards and procedures, and provide consistent and superior customer service.Experience with FISMA, RMF, and NIST SP 80053 or 53A or equivalent policies.Vulnerability assessment through data analysis and remediation of all issues.Work with Business Unit Information Security Officers (BUISOs), system owners, and other IAM colleagues to address audit and regulatory related issues.Provide justifications and responds to both internal and external audit teams.Oracle and windows servers and Active Directory testing for privilege access, password policies, functional and user accounts remediationEnvironment: Guardium, IAM, EAI, Service Now, Microsoft Teams, Password Vault, Excel, Access central, BladeLogic, Splunk, Tanium, MS Words, Archer, QmulosOracle Database Security AdminHewlett Packard Enterprise (Raleigh, North Carolina)March 2015- June 2019Supported Production Oracle Databases running on Exadata.Supported Database quarterly PSU PatchingWorked on DB Upgrade projects from 11g/12c to 19.Strong administrative skills, proficiency with office productivity software, MS Word, MS Excel, MS PowerPoint, MS Access, MS Visio, SharePointDevelop strong working relationships with the RMs.Coordinated and participated in weekly estimation meetings to provide high-level estimates (Story Points) for backlog items.Independent/self-starter with excellent problem-solving skillsInstallation and maintenance of Oracle 12c on Linux OS, Window OSManaged data files, control files, redo log files, tables, indexes, constraints for performance and availability.Patching and Upgrades (CPU and PSU). Upgrade/Migration of oracle databases from 11.2.0.1 to11.2.0.4 and 11.2.0.4 to 12cApplications and users and Client/Customer support using Oracle Service Cloud (OSvC), maintaining a 0% down time.Designing and developing SQL procedures, query performance tuning.Performed hot and cold backup and recovery using RMAN and UNIX ScriptsCreate, maintain, repair, support, customize systems and Splunk applications, search queries and dashboards.Designing and implementing Splunk best practicesAssist management in the assessment of project risks and controls.Produce metrics showing operational compliance and best practices.Strong written and oral communications skills. Ability to prioritize and work independently on a variety of projects or tasks.Environment: Oracle 11.1.0.7, 10.2.0.5, IBM AIX V6.1, RHEL 5.2, RAC, ASM, RMAN, AWR, ADDM, SQL*Plus, SQL Loader, OEM 10.0, Apps DB, Service NowOracle Database AdministratorFedEx (Pittsburg, Pennsylvania)July 2012 - September 2014Supporting multiple databases for production, development, test and staging purposes on Sun Solaris and Windows environmentsApplying upgrade patch, maintenance and interim (opatch) patches on all the databases.Refreshing Dev and Test instances with data from Production on a regular basis.Developed PL/SQL packages, DML, DDL, Oracle tables, Stored Procedures, functions, cursors, triggers, and UNIX shell scripts.Thorough knowledge of setting up infrastructure for databases in huge datacenters.Installed Oracle 11g on Linux platform using ASM.Scheduling repetitive activities like gathering schema statistics, exports, table space usage report using crontab.Upgrade and Migration of Database from 9.2.0.6 to 10.2.0.2 and applying patches whenever planning.Worked on both VMS and UNIX environments.Troubleshooting of various database performances by proper diagnosis at all levels like SQL, PL/SQL, database design, database tables, indexes, Instance, memory, operating system, and java calls.Knowledge in Oracle Data warehouse DBA skills relating to administration and management of VLDB environments, Oracle OLTP.Experience in writing UNIX/SHELL scripts for providing reports.Installed and configured Oracle 11g database on a test server using Oracle standard procedures and OFA, for performance testing and future 10g production implementation.Strong skills in applying security patches (Patch set, Critical Patch Updates (CPU) / Patch Set Updates (PSU), One off Patch) using uninstaller and Perl based utility opatch.Planned and implemented high availability solutions such as Real Application Cluster (RAC) in Oracle 11gR2 Grid and 10g on ASM and OCSF2 file systemsEnvironment: Oracle 11g/11g RAC/10g, VMS, Sun Solaris, Windows Server 2008, Red Hat Linux, Toad, RMAN, SQL Server, 11g Grid ControlOracle Database AdministratorConway Corporation (Portland, Oregon)April 2010 - June 2012Successfully installed and configured Oracle 11.1.0.7, Oracle 10.2.0.5 databases on AIX platformsMonitored different databases and application servers using Oracle Enterprise Manager (OEM) 10g Grid Control.Loading data from flat files to database using SQL*Loader, External Tables.Extensively used AWR, ADDM and explain plan for periodic performance tuning.Implementing Datapump, conventional export/import utility of Oracle 11g, 10g for re-organizingDatabases/Schemas/Tables to improve performance.Used import/export utilities for cloning/migration of small sized databases and Datapump import/export to move data between 9i and 10g/11g environments.Implemented proactive monitoring using Tuning Pack, Diagnostics Pack, and STATSPACK, SQL Trace & TKPROF, EXPLAIN PLAN.Database monitoring/maintenance, replication process and performance tuning are done using OEM (Oracle Enterprise Manager).Implemented Flashback technology of the Oracle 11g, 10g along with Recycle bin for a faster recovery of the databases and database objects.Performed full & incremental backup (cumulative and differential) using RMAN and implemented recovery strategies.Involved in converting a single instance database to Oracle 11g, 10g RAC databases.Installed ASM environment and migrated databases from NON-ASM to ASM.Used TOAD for database management.Made optimal use of Oracle Support in resolving the SRs.Junior Oracle Database AdministratorSunTrust/Brontech (Atlanta Georgia)February 2009 - March 2010Installed, upgraded, and patched Oracle installations.Managed data files, control files, redo log files, tables, indexes, constraints for performance and availability.Proactively managed the databases; set up alarms for managing any exceptions in day-to-day management of the databases; pre-empted and prevented issues, disasters from happening.Monitoring tablespace issues, creating tablespaces and adding datafiles.Involved in session management and monitored critical wait events, blocking sessions in the database.Implemented Data Guard on Oracle 11g with high availability and performance configurations and participated in Data Guard Fail over tests.Using Oracle Data Pump utility makes faster exports/imports on large databases and saving lot of time.Monitoring several databases varying Terra byte sizes using Oracle Enterprise Manager Grid Control.Worked extensively on monitoring grid control database, configuration of error notifications, installing listeners, and adding them to the grid control.Export and import of database objects to copy from one database to another database.Investigating suspicious database activity using Auditing.Involved in query optimization and using rule-based optimizers and cost-based optimizers.Detecting and correcting instance performance problems. Locating and tuning SQL statements. Environment: IBM AIX 5.3, RHEL, Oracle 9i/10g/11g, PL/SQL, SQL*PLUS, Exceed 6.2, Oracle Enterprise Manager 9.2.0/10g, Quest Software (5.0), VERITAS Cluster, RMAN.Environment: IBM AIX 5.3, RHEL, Oracle 9i/10g/11g, PL/SQL, SQL*PLUS, Exceed 6.2, Oracle enterprise manager 9.2.0/10g, Quest software (5.0), Veritas, RMANEDUCATION: University of Yaound ll, SOA, CameroonBachelors -Economics (2007)CERTIFICATIONSCRISC: Risk Management for Isaca Certification - v. 2020CompTIA Security Plus (601)CISM (Certified Information Security manager)CSM (certified scrum master)PSM (Professional scrum master)Splunk Fundamentals 1 & 2OCA (Oracle certified Associate) |
