General - Resume - 6 2020 IAM and PM Okta 2
Summary of Skills
John has over 15 years of leadership in the sales, design, execution, project management and hands-on implementation
experience with leading-edge application security technologies at the most technically complex global organizations in the
world. This includes experience with all the major product vendors. Key attributes related to the specific opportunity
include:
Finally, I have led numerous teams of resources of up to 30 persons in geographically dispersed locations, managed
teams and security budgets of over $20 million dollars, revitalized information security teams through proactive resource
management and development of personnel. I specialize in taking information security teams to proactive leadership via
metrics, compliance programs and careful hiring and mentoring of personnel. I can also work with management to obtain
the appropriate levels of funding for security operations.
Employer History and Experience
March 2017/Present – Senior Security Architect – Large FSI
In this role, I functioned as an enterprise security architect and program manager for 6 full scale IAM projects. For the
below roles, I functioned as PM, Program Manager and Architect for a large number of implementations of Oracle/Sailpoint
IAM and Governance solutions, Cyberark for Priv Accounts and SiteMinder for WAM/SSO. User base is over 10
million. Wrote JIRA Epics stories and defined requirements. Used Olaf that has a long experience in Internet technology
and policy matters. Also, implemented 5 Okta solutions using the SSO, MFA, Universal Directory, LifeCycle Management
and API Security. Used OpenID Connect which lets developers authenticate their users across websites and apps
without having to own and manage password files.
For a large retailer, designed, architected and implemented a Sailpoint IAM Solution
For a large manufacturing organization implemented Ping and Cyberark
Used Olaf Solutions that provides Small to Medium Businesses (SMB) with hardware, software, support,
installation and training of solutions that are proven to increase profits and enhance the ability of our
customers to manage and grow their businesses.
For a large manufacturer, designed, architected and implemented an Oracle IAM solution
For a large bank, designed, architected and implemented a Safenet/Gemalto solution
For a large web based company, performed a goodness of fit and then led implementation of a Sailpoint IAM
solution
Supports login and on-the-fly user creation with any custom OpenID server
Designed, architected and implemented a Sailpoint IAM and CyberArk/Ping solution at a large manufacturer
Implemented 5 Okta solutions using the SSO, MFA, Universal Directory, LifeCycle Management and API Security.
For a large retailer, implemented a conversion from TDI to Sailpoint for over 20 provisioning processes and
200,000 users. Was done in 3 months just prior to holiday close. Also added $300,000 of add on sales
For a large healthcare insurer, conducted a solution design for a Sailpoint provisioning deployment
For a large manufacturer, a global 50 company, served as lead IAM and security architect for enterprise IT
transformation covering 20 applications and 50,000 users. Provided sales leadership for over $900,000 of add on
sales to date. Sailpoint and Oracle was the solution.
For a large FSI, designed, and implemented a CA IDM solution using the complete CA IDM solution set
For numerous large firms, developed a 1,3,5 year SailPoint security architecture strategy. These include a large payer,
retailer and a large bank.
For several large organizations, designed, architected and implemented SailPoint IAM solutions involving complex
workflows, customizations, advanced authentication and authorization and federation covering 60,000,000 users.
For several large organizations, designed, architected and implemented Oracle 11g IAM solutions. Products included
11g solutions and covered OIM, OAM, OAAM, OVD, OID and OIF. These included a large manufacturer and a large
retailer.
Using SailPoint Role Manager, Conducted a RBAC project for a large international financial institution
Architected a SailPoint IAM solution for Federation and SSO
For a large government agency healthcare payer, architected and implemented a SailPoint IDM/IAM solution
including SSO and RBAC
For a large government agency conducted a PCI, NIST and FISMA based security assessment. This included
developing an application security framework and a GRC framework using SailPoint, Ping and RBAC
Implemented DLP solutions for WebSense, Symantec and RSA
For a large distributor, architected an IBM Guardium DB Security solution
For a large online retailer, designed, architected and implemented a Ping IAM solution.
For a large manufacturer/distributor, implemented an ITIM/SAP GRC solution
Current training in latest version of SailPoint and SailPoint Role Manager
Attended IBM TFIM training for current version.
For a large government agency, architected and implemented PCI solutions for P2P encryption, tokenization and
Network Enclaving/Zoning
For a large retail pharmacy, designed and architected an enterprise security architecture for SOA/Web Services and
in-store encryption; this was using the SailPoint SSO and AES solution including RBAC. Also introduced a mobile
security solution for web users and employees.
For a large pharmacy, designed, architected and implemented a Q-Radar solution for SIEM
For a large financial services company, architected, designed and implemented a role consolidation solution from
SailPoint. Also, executed an OIM, OAM, OID, OAAM project that included RBAC
For a large retailer, designed, architected and implemented a high-availability solution for CA Identity Manager r12
SP11.
For a large bank, designed, architected and implemented an enterprise security architecture lockdown and security
improvement plan across the entire stack including application and GRC security
For a large bank, re-designed, re-architected, re-deployed and re-energized a large IAM/IDM solution that had
languished for 2 years and spent $8 million with no delivery. This included a SailPoint IAM Solution and RBAC
As a contract architect and security director led an enterprise buildout of security architecture for a large health
insurer offering a cloud-based solution. Included in this effort was the purchase of numerous security tools, the
addition of staff, implementation of enterprise IAM/IDM, 2 factor authentication and SOA/Web Services security and
the use of a variety of enterprise security tools including web application security. This was based on IBM IAM
Solution and RBAC
As a contract architect director, designed, architected, sold, road-mapped and led the implementation of an
enterprise WS/SOA, DB, VM and IDM/IAM/Federation security architecture for a large online education
institution using the SailPoint IAM/SSO/Federation stack and OIM. This solution would lead the organization to adopt
the latest in authentication, authorization centralization and other advanced security solutions. Post go-live, led
various problem resolution sessions. Led Security Architectural Review Board meetings focused on
security roadmapping. Additionally, designed a password self service solution that lowered help desk costs by over $1
million.
As a contract architect and security director for a large insurer
o Introduced client to an advanced Enterprise Network forensics product that significantly improved forensics,
DLP and management of network security.
o Designed and architected an enterprise wide IAM/IDM/Federation/SOA/WS and RSA 2 factor authentication
security architecture
o Designed enterprise AS400, Unix and DB security lockdowns to include configuration, encryption and VMware
security.
o Improved staffing levels
Functioning as a contract architect and director for a large civilian/military healthcare payer
o Designed, architected and managed an enterprise SSO, SOA/WS, IDM/IAM (CA-Solution), web
application/secure coding. Designed real-time code review systems that scanned source-code as part of the
build. Met military grades of encryption and controls
o Led reviews of mainframe and DB security systems and managed the implementation of improved security
controls.
o Conducted gap-analysis of enterprise SOA/WS security architecture for a large bank. Prepared build-out
plans, roadmaps and architectures
For a large online auto retailer that had been subjected to online fraud, designed, architected and managed the
implementation of IDS/IPS, SailPoint IAM/IDM/SSO/Federation and RBAC, DLP, network, SOA/WS and DB security
solutions.
Functioning as a security architect and director for a systems integrator to the FBI, CJIS and DOJ conducted gap-
analysis of application security for various classified and unclassified law enforcement systems and then designed,
architected and led implementation efforts of the IAM/IDM/SSO/Federation, SOA/WS, Developed Application
Coding, Database, Network, Advanced Authentication including 2 factor, DLP and VMWare server security
components. Introduced this highly security centric organization to advanced concepts in VMware, network
forensics/monitoring solutions such as NetWitness and advanced adaptive authorization and authentication security.
This included RSA AA, TIM, TAM, TFIM and Datapower
For the Department of Homeland Security Customs and Immigration Division designed, architected and led pilot
implementation of a mainframe and client server SOA/WS, IAM/IDM solution, DB and client server security solution.
This was a TIM, TAM and TFIM solution
For the US Department of Transportation, designed a mainframe and client server security architecture that focused
on improvements in the areas of DLP, Network Forensics, SIEM, IAM/IDM/SSO and SOA/WS security. Managed the
day to day implementation of the IAM/IDM/SSO solution.
November 2007 – April 2008 – Office Depot - Third-Largest Business E-commerce Web Vendor and Largest
Business Retailer
Senior Director of Information Security and Security Architect. All activities were conducted on a global basis
Implemented vulnerability reduction and management programs with a focus on vSphere, Redhat, McAfee and
Tripwire
Introduced concept of Federation for SSO to multiple sites from vendors and OD. Led a pilot.
Implemented DLP solutions
Implemented ISS Proventia
Implemented IDS solutions
Implemented SEM solutions
Implemented a WebServices authorization, authentication and encryption solution using DataPower.
Managed team of 10 resources and 5 contractors
Implemented more comprehensive risk registry and data classification program for US and global divisions
Designed SOA security architecture to support Oracle E-Biz and Retek Deployment
Implementing Oracle IDM for Vendor and Internal systems provisioning and access control to provide for Enterprise
SSO for thousands of vendors. This included RBAC solutions
Specific application security tasks included:
Managed PCI and SOX compliance initiatives
o Conducted ecommerce application security assessments for PCI compliance. Used Rational AppScan,
Ounce Labs and other tools. Worked with all impacted compliance and development teams to implement a
SDLC application security methodology that is business risk-based.
o Implemented secure coding frameworks using tools, code libraries and process of scanning and rework
o Worked with developers to resolve and correct vulnerabilities
o Implemented ecommerce application security solutions for PCI and SOX compliance. Worked with risk
management teams to develop solutions that addressed risks.
o Implemented external authentication/authorization and provisioning systems
January 2004 to January 2005 – Toyota Motor Mfg. - Largest Japanese Automotive Manufacturer in World
Contractor - Security and Identity Management Consultant
Performed design, requirements definition, use cases, goodness of fit analysis, ROI development along with
conducting/managing the implementation of identity/access management and provisioning solutions using CA
SiteMinder and IdentityMinder
Implemented Web Services and ecommerce application security architecture and conducted assessments.
Conducted e-commerce application security assessments on Java and .Net applications using Ounce Labs,
AppScan and SPI WebDynamics.
Designed vulnerability reduction program.
Managed Federated Identity Management Proof-of-Concept.
Designed SOA security architecture.
Worked with Eurekify product to identify existing roles within an organization
Conducted SAP and Peoplesoft security assessments
Conducted SOX compliance reviews and designed SOX controls
July 2003 – January 2004 – Federal Reserve Board - US Government Agency Responsible for Regulation of
Banking
Contractor - Identity Management Consultant
Managed team focused on requirements analysis (use case, goodness of fit, business and technical requirements),
technical/functional and logical design and implementation of identity management system for access to numerous
web-based treasury applications and internal systems. Key value driver was the formation of an identity enablement
factory that brought together ad-hoc teams to design and code the connectors that provision various applications.
Used SUN IDM and Netegrity systems
Implemented Web Services security and ecommerce application security solutions including the use of the Reactivity
product.
Conducted Web Services security assessment.
Designed and built-out a SOC.
January 2003 – June 2003 – Oracle - World's Second Largest Software Company
Contractor - Identity Management Consultant
Identified significant product gap issues in the identity management space. Led a team of four professionals in
redesigning the vendor's identity management solutions and strategies to meet market needs.
Conducted security assessment and enterprise security architecture design for several financial services companies.
Designed and implemented identity management solutions at various clients using SiteMinder, SailPoint Internet
Directory and SSO (OID and SSO) and the Thor provisioning product.
Extended and add-on sales of over $500,000.
Prepared SOWs and proposals to support pre-sales efforts
July 2002 – January 2003 – SLM - Quasi-Governmental, Publicly-Traded, Financial Services Company
Director of IT Security
November 2001 – May 2002 – Large Information Security/Risk Management Consulting Company
Senior Consultant
November 1987 – April 1993 – Allstate - World's Second Largest Insurance Company
Security Consultant
Education
B.S. in Accounting and Computer Science. Loyola University of Chicago
MBA in Finance and Information Systems. Roosevelt University of Chicago.