| 20,000+ Fresh Resumes Monthly | |
|
|
| | Click here or scroll down to respond to this candidateRafael I. Perez, ITIL, AWS, MCP LINKEDIN LINK AVAILABLEEMAIL AVAILABLE PHONE NUMBER AVAILABLE Eagleville, PASenior Cyber Identity Management EngineerDynamic and multilingual experienced Engineer adept at navigating complex IT ecosystems, specializing in IAM, Cloud security. Expert proficient in IAM tools and provisioning, ensuring seamless user identity management and access control across diverse IT environments. Demonstrated proficiency in Azure AD, AWS, and Security Solutions. Skilled in strategic modeling, technical leadership, and optimization of business processes. Exceptional track record in assessing and mitigating cybersecurity risks, ensuring compliance with industry standards. Committed to enforcing security controls in an auditable and manageable manner.Strategic Planning and Optimization Strategic IT Ecosystem Modeling Cloud Security ArchitectureRisk and Compliance Management Cloud Services: Cloud Services (IaaS, PaaS, SaaS) IT Security ComplianceSecurity and Access Management SSO MFA Privileged Access Management Identity GovernanceIncident and Change Management Identity LCM PAM AD management ScriptsCloud Identity Management Azure AD B2B/B2C Cloud Identity GovernanceCareer ExperienceSenior Cybersecurity Consultant DI -- EY Global Services, Limited (Sep 2022 - Apr 2024)Developed and delivered detailed, forward-looking models of organizational IT ecosystems. Mapped out comprehensive architectural models illustrating the potential evolution of IT landscapes.Identity Access Management (IAM):Developed and delivered detailed, forward-looking models of organizational IT ecosystems, ensuring alignment with security policies and standards.Mapped out comprehensive architectural models illustrating potential evolution of IT landscapes, incorporating infrastructure, systems, applications, and data management components.Produced partnership and collaboration initiatives with the RM team and Cyber Leaders team for Global IA-AD security review, leveraging EY's in-house Cyber assessment script.Configured AD identities, group memberships, and enterprise applications, integrating applications with Azure AD for secure access and single sign-on.Implemented AAD connect configuration, Multi-Factor Authentication (MFA), and Device management through Microsoft Intune/Azure AD, ensuring seamless Single Sign-On Device management.Proficiently constructed and validated MLS OTDS for directory services, enhancing administrative support, security, governance, and risk mitigation procedures within a manufacturing environment.Managed migration of AD objects and Office 365 user migrations using Quest On Demand (ODM), resolving errors promptly during migrations.Acted as an SMR, SME authority in AD DS management, excelling in AD engineering, ADFS, GPO Management, PowerShell, Agile & SDLC Methodologies, and LogRhythm SIEM.Cybersecurity Assessments Criteria and Responsibilities:Demonstrated proficiency in infrastructure, systems, applications, data management, and IT governance within these models, ensuring compliance with policies, procedures, and standards.Conducted comprehensive Azure AD and AD DS cybersecurity assessments as part of Information Assurance (IA) Cyber assessment, resulting in actionable security plans.Ran reports for conducted Cybersecurity Assessment script, aiding clients in developing effective security strategies aligned with cybersecurity frameworks.Oversaw and evaluated Group Policy Objects (GPO), conducted GPO security assessments, and implemented GPO-based security policies to maintain a secure network.Collaboration and Strategic Partnerships: Produced the partnership and connection/collaboration initiative- with the RM team and Cyber Leaders team for the Global IA-AD security review for one of our top clients, using all the outstanding benefits of the EY- in-house Cyber assessment script.Service Delivery Engineer Security/Connectivity -- De Lage Landen Financial Services, Inc. (Sep 2020 - Sep 2022)Service Delivery Management:Service Delivery Engineer Security/Connectivity -- De Lage Landen Financial Services, Inc. (continued)Identity and Access Management (IAM):Created and configured AD GROUPS, SA, RO.AP TA, FA, RS, RT, and PIM onboarding/offboarding accounts.Trained and coached the SD leads on the PIM user's instructions, the configuration of PIM manager's roles, PIM roles, NOC team AD activation/deactivation of administrative accounts, and onboarding/offboarding company users.Led and executed the PAM technical recovery. Created and updated processes, procedures, validations, and documentation for the IAM team and ATOS global NOC.Executed the audit controls for IAM. Validated that the privileged identity access management process meets compliance requirements and effectively manages privileged access on the infrastructure level.Service Delivery Management:Supported the application/service life cycle management to ensure compliant and supported services.Planned and managed projects participated in business and IT projects using agile and traditional PM methodologies.Managed partner management with vendor selection, service/SLA/contract management, requirements identification, vendor evaluation, and service/product delivery according to requirements.Drove the process for all privileged accounts (production and acceptance) on Operating systems, Databases, and Active directories for applications in the PIM service.Provided privileged access in a controlled and secure way- compliant with rules and regulations.Monitored and reviewed process controls to ensure the process was in control or required adjustments due to rules and regulations.Played an active support role in the Business Process Management cycle, facilitating the optimization and automation of business processes.Senior Network Analyst - Connectivity -- De Lage Landen Financial Services, Inc. (Mar 2019 - Sep 2020)Network Monitoring and Management:Monitored and reviewed SolarWinds NCM/NPM job activities. Created and updated PKI monitoring network documentation for the outsourcing PKI team, KPN, and ATOS global NOC team.Assisted with the work instructions for Monitor PKI Certificate Expiration Report.Added CI in BNC-remedy CMDB updates, network component inventory, and related documentation.Monitored and managed the entire lifecycle of digital certificates within PKI systems.Security and Compliance:Assessed network security posture, tested controls, and detected threats.Designed security baseline for all network components and aligned with a periodic housekeeping task.Evaluated and executed MWG proxy upgrade implementations.Certificate Management and Authentication:Provisioned and configured certificates for Windows servers, including Azure VM deployment and Azure AD DS integration for seamless authentication services.Requested, provisioned, and configured certificates for Windows servers, leveraging comprehensive knowledge of PIM2 integration and traditional certificate deployment methods.Infrastructure Maintenance:Assisted in the planning and executing life cycle management for all network infrastructure hardware licensing.Maintained all network data center LAN - Cisco Nexus 7700, Cisco Nexus 2K, F5 Load Balancers, and Checkpoint Firewalls.Performed network diagnostics and capacity planning and documented all procedures and upgrades.Senior Tech EPOS & Network Analyst III -- Energy Transfer Partners (Jul 2016 - Aug 2018)EPOS and Mobility Support: SME expert for EPOS and resolution Mobility and POS platforms.Established user requirements for new equipment, replacement parts, and service issues.Evaluated and analyzed network and encryption symptoms and credit/debit card encryption processing; provided step-by-step solutions related to various Network/EPOS equipment. Determined RCAs and implemented corrective action.Supported and maintained over 3k + corporate, dealers, and distributor stores. Monitored and remediated all software/hardware changes, service requests, and reported incidents.Monitored operation applications infrastructure/AirWatch MDM.Participated with the SO of the Verifone-commander servers automation tools for self-configuration payment controller deployment in C#.Worked with vendors, senior technicians, and area managers to integrate credit and loyalty systems' web services.Eliminated 400+ unused devices, resulting in $200K+ annual savings.Senior Tech EPOS & Network Analyst III -- Energy Transfer Partners (continued)Network Infrastructure Management:Configured and installed network equipment, including Cisco routers/switches, Meraki switches, wireless controllers, Meraki, Cisco ASA, Fortinet, and SonicWALL firewalls.Assisted with IP management, subnetting, CISCO switches, and APC UPSs.Documentation:Created and collaborated with SLA guidelines, IT Policies, SOPs, and all mobility KBAs and training documents for the Sunoco THD. Assisted with the knowledge base and documented technology rollouts and deployment to the end users.Additional Client EngagementsGlobal Workspace & Mobility Services Analyst - Consultant -- J&J -Insight GlobalWorkspace and Mobility Environment Management:Global L3 (EMEA-ASPAC-NA-LA) managed and administered the corporate J&J mobility environment 93K+ Apple iOS/Android devices, asset management, and Workspace. Mobility Office 365, Global Workspace & Mobility Services.Supported and structured the migration of 7000+ Android devices from Google for Work Android to AirWatch. Eliminated +3500 inactive devices.Support and Escalation Management:Coordinated, coached, and trained the L2 IT IS Offshore Manila team leaders with process changes.Knowledge Management and Reporting:Lead the Global Workspace & Mobility Knowledge Management Activities. Executed all the Mobility Metrics/Reporting Tool Audit. Designed and structured the Report Navigator instructions via the IT-IS reporting portal.Conducted an audit of metrics and reports used by Mobility Services. Improved the TMU reports.Redesigned and managed the knowledge base articles for BlackBerry Sunset and My J&J Sunset/ Migration to AirWatch. Collaborated in the administration of the deployment of public and private applications.Mobility Analyst Specialist Lead -- Unitekgs- Beacon Hill Technologies (Feb 2014 - Oct 2014)Mobile system administrator L2/L3 for Telecom hardware/software selection. Served as a critical liaison between the four primary communication cellular carriers and the company.Conducted in-depth analysis of telecom company process documentation, establishing best practices for incident handling.Education and Professional DevelopmentBachelor of Science, IST Computer Science Information Technology. The Pennsylvania State University, Abington, PAAWS for Architects Essential Training Lynda CertificationAWS Architected framework- Cloud practitioner.Azure Security Engineer Associate- AZ 500 (in progress)Certified Cloud Security Professional (CCSP) (in progress)ITIL Foundation v3Languages -- English, SpanishIndustry Frameworks and RegulationsGDPR-Information Security Strategy Standards -SOX, ISO PHONE NUMBER AVAILABLE, COBIT, ITIL, NIST.Microsoft MIM, Active Directory, GPO Management. Federated Service ADFS. PowerShell, Agile & SDLC Methodologies. Auditing event and authentication/alarms/critical events logs configuration LogRhythm SIEM. |