| Candidate Information | | Title | Application Security Continuous Improvement | | Target Location | US-NC-Wake Forest |
| | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateAccomplished technologist with 22+ years of experience in the areas of advisory, relationship management, business consulting and all life cycles of technology. Skilled in IT strategy, product design, infra/ device/ data and application security, client / account management, digital transformation, IoT, cloud, data and analytics. Proven record of combining domain knowledge and IT expertise to address business problems while managing customer expectations, cost & risks and growing global teams at scale.PROFESSIONAL SUMMARYTechnologist with expertise in complete program life cycle from customers/ portfolio management, sales, strategy and execution for large scale customer programs in a multi-vendor environment.A highly resourceful, innovative, and enthusiastic professional with experience in managing and running high skilled teams delivering large scale customer engagements with a special focus and emphasis in infrastructure, device, data and application security.Experience in Designing Non-linear products / solutions that can scale up to the business problems for customers, Product management to understand the marketplace, creating vision, Technology footprint, GTM and Market positioning including sales and delivery.Specialized advisory and implementation of architecture, IT Security standards, compliance and regulatory procedures in data and business solutions.Delivered strategic, engaging, and persuasive proposals to effectively articulate ideas to external and internal stakeholders.Assist in defining and deploying new product development processes and in facilitating the continuous improvement of existing processes.Reviewed and estimated project budgets and proposals for customer/ procurement submissionsResponsible for setting the technology/ business strategy and creating tactical operational plans to achieve desired operational targets with an emphasis on Agile development lifecycle.Managed and collaborated with external and internal stakeholders to deliver engagements at scale, providing hands on technical expertise, provided senior level technical guidance to staff, project leaders and other teams as necessary.Proactively reviewed and communicated project risks to customers and actively involved in mitigating issues.Provided continuous improvement through operational excellence to achieve well rounded organic growth to business organizations.Established QBRs / MBRs with all customer stakeholders (Exec./ Steering committees) to create a transparent program/ project communication.Proactively manage dependencies and identify & remove impediments and make teams focus on sprint goals.Develop and retain talent by establishing training, development and career growth opportunities for team members and self.Expertise in working as an Oracle DBA and PeopleSoft initiatives.Experience in managing Infrastructure, security, and software development projects in privilege & Identity Access Management (IAM), Oracle database management, quality management and PeopleSoft technologies.Data Gathering & AnalysisCustomer/ portfolio ManagementCommunication strategiesStrategic and Business PlanningDiscovery and strategy designForecasting & budget administrationRisk and Security analysisResource allocationData Analytics including statistical modellingBusiness process re-engineeringProject ManagementChange ManagementSalesISO quality managementPerformance evaluationSKILLS & COMPETENCIESTECHNICAL SKILLSAgile/Scrum & Waterfall methodologiesSDLC & STLCSing Sing-onFederation & Authentication TechnologiesVaulting (CyberArk & Veeva)Microsoft Office SuiteDatabase ManagementWindows, Linux & UnixJIRAPROFESSIONAL EXPERIENCEIT Project Manager UBS July 2022 August 2024Worked with cross-functional teams to gather requirements, create project road maps, and complete projects. Achieved average of 99% client satisfaction.Used business process improvement and vendor management skills to cut costs, completing projects under budget.Managed 7 IT projects with million+ budgets and 20+ team members.Slashed delivery times 25% and cut costs by 30% for projects I have involved.Led teams to develop custom IT software, managing end-to-end software development life cycle (SLDC).Consulted with department leaders to define, prioritize, budget, and resource programs.Generated Contracts, SOWs, KPIs, OKRs, and ROI projections in accordance with company priorities.Participated in feasibility studies, contract negotiations, vendor reviews, and internal improvement reviews.Chaired reporting efforts - Weekly Program Reviews, Monthly and Quarterly Business Reviews (MBRs / QBRs).Concurrently manage multiple Advanced Research Center and Endpoint initiatives, generating real-time intelligence to enhance customer results and propel the industry ahead of the market.Proactively manage program risks and issues by collaborating with stakeholders to maintain program plans.Removed impediments to allow team to deliver the business objective.Work effectively with multiple scrum teams both internally and off-shore.Tracked and reported daily process and program status to management.Protect teams and keep them focused with tasks in hand.Project Manager Simpliigence May 2020 June 2022Establish project goals and objectives that support the State and HHS strategic plans as well as federal directives.Work effectively with multiple teams both internally and off-shore.Managed Microsoft Power Platform Projects.Tracked and reported daily process and program status to management.Managed cloud-based systems to streamline marketing operations: data asset management system and project management system.Managed and designed Capacity planning model for Azure Cloud infrastructure in performance/Prod EnvironmentEnsured effective communication within and across teams. Influences and facilitates the empowerment of a self-organizing team.For technology related efforts: Understood release-when ready, test-driven development, continuous integration, product demonstration and other technical engineering practices and encouraged teams to leverage them.Schedules and facilitates cross-functional meetings.Managed and delivered multiple automation and Performance projects in a short time.Sr. Principal (Delivery) - Security Operations Newyork Life Insurance, NJ May 2018 March 2020Collaborated with IT and the other business unit teams to specify, architect and implement multiple types of security controlsBuild and Managed technical team of engineers and drive the delivery of security functions (security engineering, threat response, vulnerability management and blue and red team operations)Reviewed and estimated project budgets and proposals for customer/ procurement submissions.Managed and delivered Privileged Access Management (PAM) solutions like CyberArk and Configurations including AD & LDAP integrations to Cyber Ark Enterprise Password vault.Coordinated the development and maintenance of corporate Information Security Monitoring related policies and procedures.Ensured appropriate progress tools, information radiators, and reports effectively provide transparency on team's progress/productivity.Managed outsourced vendors that provide information security functions for compliance with contracted service-level agreements ProactivelyReviewed and communicated project risks to the client and actively involved in mitigating issuesEnsure that the potential impact of engineering changes, using data to support understanding of upstream and downstream dependencies.Managed PAM Operations team which involved in password rotation, password malfunctions, account creations, Integrations, Maintaining and Creating New Safes.Involved in the process of installation & integration of SPLUNK with ServiceNow, Active Directory and LDAP authentication.Oversee the fixes & filtering false findings for the vulnerabilities reported in the scanned reports.Operations Management Security & Authentication Trisync Technologies Inc March 2008 April 2018Operations Manager EY, NJ March 2016 April 2018Involved in Privileged Access Reviews, Compliance Reporting, Access Control Processes and other associated tasks with Privileged User Management.Managed team of operations who administer User accounts, Group memberships, and Organizational Units using Active Directory.Responsible for end-to-end process of change management related to Siteminder and Pingfederate to various sites across different Data Centers.Provided quality reports to summarize test activities, including objectives, planning, methodology, results, analysis and recommendations to both technical and non-technical audiences. From the output of the reports provide suggested approaches to enhance further.Owned new integrations for infrastructure and production performanceSupport / oversee IT teams based on latest risks and possible remediation vulnerability remediation of VBlock Infrastructure.Managed SOC team for cyber incidents and compliance towards PCI DSS, NIST framework.Given valid inputs for Vulnerability assessment and penetration testing on web applications and underlying infrastructure.Authentication / Validation Lead Belk, NC Nov 2014 Feb 2016Managed / oversee the Configuration CA Siteminder Policy Server for Federation SSO, created Identity and Service Provider in Policy Server for SAML Federations for business partners.Validate and provide inputs for IWA Authentication Scheme for client user authentications and authorizations, developed Custom Login Forms using Java, JSP, HTLM, Servlets to use digital certificates for SSO.Provided subject matter expertise to management, business areas, and IT Teams as well as implement appropriate security controls and monitoringOwned SPLUNK deployment and SPLUNK instances and analyzed security-based events, risks & reporting.Oversee physical security assessments of systems, servers and other network devices to identify areas that require physical protection.Proposed remediation strategies for mitigating system vulnerabilities.Identified false-positives and modified IDS/IPS signatures to minimize the number of false positives.Implemented Simulation plans for Pen and Security exercises to predict and prevent vulnerable weak spots in the devicesDesign and plan simulations and security assessments designed to probe existing cybersecurity measures for potential weaknesses.Data / Security Lead AstraZeneca, MD Feb 2011 Oct 2014Involved security practices, procedures and security analysis tools in order to perform non-repetitive, analytical work.Daily assessment of vulnerabilities identified by infrastructure scanManaged a team for application penetration testing of business applications acquainted with various approaches to Grey & amp, Black box security testing, etc.,Oversee and managed a team for remote testing of a client's network or onsite testing of their infrastructure to expose weaknesses in securityResponsible for evaluating and remediating all security vulnerabilities per HIPPAA & ITIL guidelines to ensure stability and risk mitigationFacilitated the PCI external audit, Managed end to end co-ordination and support during the onsite assessment.Worked on SIEM, Solar winds, Symantec end point security for malware detection and threat analysis.Oversee application penetration testing on web, thick client to identify significant vulnerabilities that threaten the confidentiality, integrity, and availability of client applications.Shared reports and recommendations to management from findings, including the security issues uncovered and level of risk.Given valuable directions to the team in collecting, assessing, and cataloging threat indicators.Peoplesoft / Data Engineer Asurion, TN March 2008 December 2010Involved in Design, Development, Testing, and Enhancement of PeopleSoft HRMS for HR, Payroll and Base Benefits modules.Handled bundles for the process of solving the issues in the enhancements.Created Permission lists, users, roles and assigned roles to users through Maintain Security.Utilized Tanium Endpoint security to create reports to resolve various information security issues.Conducted meetings with the Users and the testing team and involved in discussing their problems and helped them out in finding the proper solutions for their requirements.Provided guidance and recommendations to ensure a uniform approach to security and risk management across the organization.Oversee internal control procedures were incompliance by examining reports, documentation, and operating practices.Performed systems and network vulnerability scans to identify and remediate potential risks.Monitored customer environments for security threats via IDS/IPS event monitoring and analysis as well as firewall and OS log monitoring.Handled patches & bundles for the process of enhancements.Peoplesoft Consultant BearingPoint Business Consulting June 2005 February 2008Involved in Design, Development, Testing, and Enhancement of PeopleSoft for Payroll and Finance modules.Created and modified Components, File Layouts, Pages, Records, Fields, Process Definitions and registering Components in Portal, Menu and Permission Lists.Developed number of interface reports using SQR to read the data from file and load it into PeopleSoft tables and send data from PeopleSoft to other external applications.Involved in online changes to the delivered pages, components, menus and translate values.Developed and modified People Code to implement specific business rules and validations to enable the system to perform the business process.Worked on interface programs for migrating data from other systems to People Soft.set up reports to run at specific time and implementation of batch processing for scheduling recurring process using process scheduler.Peoplesoft Analyst Opus Solutions Pvt Ltd June 2002 May 2005Involved in Development and Testing of PeopleSoft HRMS.Modified, designed, configured and built fields, records, sub records, setting up keys to records, assign table edits like prompt table.Created Permission lists, users, roles and assigned roles to users through Maintain Security.Handled bundles for the process of solving the issues in the enhancements.Created Permission lists, users, roles and assigned roles to users through Maintain Security.Developed ad-hoc reports and ad-hoc queries developed Run Control Pages as per requirements and attached to menu to run SQRs for the developed sqrs.Involved in Unit testing of peoplesoft delivered and modified functionality & customized SQR programs.EDUCATIONMaster of Computer Application, Anna University, IndiaBachelor of Sciences, Nagarjuna University, India |
