
John J. Masiliunas – Managing Consultant – Security and Privacy
CISSP, CISA, Certified Internal Auditor, Certified Public Accountant, Certified Bank
Auditor, Tivoli Certified Solutions Specialist, Certified Financial Services Auditor, IBM
Project Management Certified, Department of Treasury Secret Clearance, Department
of Homeland Security and FBI Secret Clearance
Contact Information: 7138 Eagle Trace Way, Indianapolis, Indiana. Phone: 317-417-5829
or 317-881-0883. Email: johnmasiliunas@hotmail.com

Summary of Skills
John has over 15 years of leadership in the sales, design, execution, project management and hands-on implementation
of leading-edge application security technologies at some of the most technically complex global organizations in the
world. This includes experience with all the major product vendors. Key attributes include:

 Specifics regarding the opportunity:


o Managing support offshore teams
o Developing 1,3,5 year security architecture and IAM plans
o Implementation experience with Oracle, Sailpoint, CA and IBM IAM solutions on all current versions for all
major components
o IBM certified project manager and program manager
o Lead efforts as a program manager for large scale Sailpoint projects
o Ability to enter an organization, establish a beachhead and expand sales
o Contacts with skilled resources to build teams and bring resources into practice
o Introducing new technologies and concepts into organizations and managing POC
o Experience with mobile and BYOD security solutions
o Associations with various information security leaders world-wide in industry and academia
 Passed exams - CISSP, CISA, CISM, Certified Financial Services Auditor, Certified Bank Auditor
 Trained in Oracle and SailPoint solutions and other SailPoint IAM security solutions
 Consulting experience with Big 4, Andersen and large system integrators such as IBM and CSC
 Experience with all security architecture methodologies including ISO, COBIT, FFIEC, NIST, CAP, FISMA, FRB and
SABSA
 Led Information Security positions. In this role:
o Reduced Costs
o Developed Solutions
o Built security delivery teams
o Brought global security architectures to best practice standards
o Introduced more sophisticated and comprehensive risk management practices that included the use of risk
registers, data classification and metrics
o Upgraded staff
o Projected an improved image of information security
o Became the authority on all areas of security and business risk
o Chaired key committees on security and improved relations with audit and compliance
 Led security initiatives in all areas of information security. All the projects involved initial conceptual design, cost-
benefit analysis, road-mapping, gap analysis, build-out project plans, leading execution initiatives and post go-live gap
analysis along with some post-go-live support. I am an expert at identifying solutions and gaps and proactively working
with clients to design, build and deploy security architectures. I am known as a take-charge resource and leader who,
through visual and verbal communication, can sell the facts to management while saving money on security
initiatives. Finally, I am always up to date on the newest trends and technologies that add value to organizations.
o Architecture Design, Gap-Analysis and Deployment Management experience with some of the most security
driven organizations in the world in the Financial Services Industry and major government agencies. Sample
clients include the Department of Homeland Security, FBI, Department of Justice, US Criminal Justice
Information Systems, Wal-Mart, Federal Reserve Board, Department of Defense, Toyota Motor Corporation,
American Express, Chase, Nationwide Insurance, Allstate Insurance, State Farm Insurance, Bank of America,
Duke Power, Marathon Oil, and numerous other organizations that value information security.
 Security lockdown experience with the following platforms: IBM Mainframe (MVS/VSAM), WebSphere, SailPoint
Application Server, SAP, WebLogic, SailPoint ERP, Java, SOA and Web Services security in client and mainframe
environments, Active Directory, SailPoint Internet Directory, DB2, SQL, custom Java and .NET applications, Windows
and UNIX (Red Hat and Sun)
 Experience with all major enterprise security tools for SOA/WS security, Identity and Access Management, encryption
in transit and at rest, operating system and network security vulnerability management and reduction, DLP technologies
such as Vontu and Verdasys, RSA two-factor authentication and its integration with IDM/IAM solutions, IDS and IPS
including newer solutions from Palo Alto Networks, secure code application development, forensics and advanced
network monitoring and threat analysis
 All solutions were integrated with Enterprise High Availability, Help Desk, Failover and Disaster Recovery solutions

Finally, I have led numerous teams of up to 30 resources in geographically dispersed locations, managed
teams and security budgets of over $20 million, and revitalized information security teams through proactive resource
management and development of personnel. I specialize in taking information security teams to proactive leadership via
metrics, compliance programs and careful hiring and mentoring of personnel. I can also work with management to obtain
the appropriate levels of funding for security operations.
Employer History and Experience
March 2017 – Present – Senior Security Architect – Large FSI
In this role, I functioned as an enterprise security architect and program manager for 6 full-scale IAM projects. For the
below roles, I functioned as PM, Program Manager and Architect for a large number of implementations of Oracle/SailPoint
IAM and Governance solutions, CyberArk for privileged accounts and SiteMinder for WAM/SSO. The user base is over 10
million. Wrote JIRA Epics and stories and defined requirements. Used Olaf, which has long experience in Internet technology
and policy matters. Also implemented 5 Okta solutions using SSO, MFA, Universal Directory, Lifecycle Management
and API Security. Used OpenID Connect, which lets developers authenticate their users across websites and apps
without having to own and manage password files.

Implemented Okta Access Gateway to protect multi-cloud systems

April 2015 – March 2017 – Senior Security Architect - TechMahindra


In this role, I functioned as an enterprise security architect and program manager. For the below roles, I functioned as PM,
Program Manager and Architect.

 For a large retailer, designed, architected and implemented a SailPoint IAM solution
 For a large manufacturing organization, implemented Ping and CyberArk
 Used Olaf Solutions, which provides small to medium businesses (SMB) with hardware, software, support,
installation and training for solutions that are proven to increase profits and enhance the ability of its
customers to manage and grow their businesses
 For a large manufacturer, designed, architected and implemented an Oracle IAM solution
 For a large bank, designed, architected and implemented a SafeNet/Gemalto solution
 For a large web-based company, performed a goodness-of-fit analysis and then led the implementation of a SailPoint IAM
solution
 Supports login and on-the-fly user creation with any custom OpenID server
 Designed, architected and implemented a SailPoint IAM and CyberArk/Ping solution at a large manufacturer
 Implemented 5 Okta solutions using SSO, MFA, Universal Directory, Lifecycle Management and API Security

July 2014 – April 2015 – Manager - Accenture


In this role, I functioned as an enterprise security architect and program manager.

 For a large retailer, implemented a conversion from TDI to SailPoint for over 20 provisioning processes and
200,000 users. This was done in 3 months, just prior to the holiday close. Also added $300,000 of add-on sales
 For a large healthcare insurer, conducted a solution design for a SailPoint provisioning deployment
 For a large manufacturer, a Global 50 company, served as lead IAM and security architect for an enterprise IT
transformation covering 20 applications and 50,000 users. Provided sales leadership for over $900,000 of add-on
sales to date. SailPoint and Oracle were the solution

April 2008– July 2014– Independent Consultant


In this role, I functioned as a Security Architect with responsibility for introducing new solutions, managing POCs,
developing business cases and then architecting and delivering the solution. Additional sales totaled over $2 million even
though I was not in a sales-focused role.

 For a large FSI, designed, and implemented a CA IDM solution using the complete CA IDM solution set
 For numerous large firms, developed a 1,3,5 year SailPoint security architecture strategy. These include a large payer,
a retailer and a large bank
 For several large organizations, designed, architected and implemented SailPoint IAM solutions involving complex
workflows, customizations, advanced authentication and authorization and federation covering 60,000,000 users.
 For several large organizations, designed, architected and implemented Oracle 11g IAM solutions. Products included
11g solutions and covered OIM, OAM, OAAM, OVD, OID and OIF. These included a large manufacturer and a large
retailer.
 Using SailPoint Role Manager, conducted an RBAC project for a large international financial institution
 Architected a SailPoint IAM solution for Federation and SSO
 For a large government agency healthcare payer, architected and implemented a SailPoint IDM/IAM solution
including SSO and RBAC
 For a large government agency conducted a PCI, NIST and FISMA based security assessment. This included
developing an application security framework and a GRC framework using SailPoint, Ping and RBAC
 Implemented DLP solutions for WebSense, Symantec and RSA
 For a large distributor, architected an IBM Guardium DB security solution
 For a large online retailer, designed, architected and implemented a Ping IAM solution
 For a large manufacturer/distributor, implemented an ITIM/SAP GRC solution
 Current training in latest version of SailPoint and SailPoint Role Manager
 Attended IBM TFIM training for current version.
 For a large government agency, architected and implemented PCI solutions for P2P encryption, tokenization and
Network Enclaving/Zoning
 For a large retail pharmacy, designed and architected an enterprise security architecture for SOA/Web Services and
in-store encryption; this used the SailPoint SSO and AES solution including RBAC. Also introduced a mobile
security solution for web users and employees
 For a large pharmacy, designed, architected and implemented a QRadar solution for SIEM
 For a large financial services company, architected, designed and implemented a role consolidation solution from
SailPoint. Also, executed an OIM, OAM, OID, OAAM project that included RBAC
 For a large retailer, designed, architected and implemented a high-availability solution for CA Identity Manager r12
SP11.
 For a large bank, designed, architected and implemented an enterprise security architecture lockdown and security
improvement plan across the entire stack including application and GRC security
 For a large bank, re-designed, re-architected, re-deployed and re-energized a large IAM/IDM solution that had
languished for 2 years and spent $8 million with no delivery. This included a SailPoint IAM solution and RBAC
 As a contract architect and security director, led an enterprise build-out of security architecture for a large health
insurer offering a cloud-based solution. Included in this effort were the purchase of numerous security tools, the
addition of staff, implementation of enterprise IAM/IDM, two-factor authentication and SOA/Web Services security and
the use of a variety of enterprise security tools including web application security. This was based on the IBM IAM
solution and RBAC
 As a contract architect director, designed, architected, sold, road-mapped and led the implementation of an
enterprise WS/SOA, DB, VM and IDM/IAM/Federation security architecture for a large online education
institution using the SailPoint IAM/SSO/Federation stack and OIM. This solution would lead the organization to adopt
the latest in authentication, authorization centralization and other advanced security solutions. Post go-live, led
various problem resolution sessions. Led Security Architectural Review Board meetings focused on
security roadmapping. Additionally, designed a password self-service solution that lowered help desk costs by over $1
million
 As a contract architect and security director for a large insurer
o Introduced client to an advanced Enterprise Network forensics product that significantly improved forensics,
DLP and management of network security.
o Designed and architected an enterprise wide IAM/IDM/Federation/SOA/WS and RSA 2 factor authentication
security architecture
o Designed enterprise AS400, Unix and DB security lockdowns to include configuration, encryption and
VMware security
o Improved staffing levels
 Functioned as a contract architect and director for a large civilian/military healthcare payer
o Designed, architected and managed enterprise SSO, SOA/WS, IDM/IAM (CA solution) and web
application/secure coding. Designed real-time code review systems that scanned source code as part of the
build. Met military grades of encryption and controls
o Led reviews of mainframe and DB security systems and managed the implementation of improved security
controls
o Conducted gap-analysis of enterprise SOA/WS security architecture for a large bank. Prepared build-out
plans, roadmaps and architectures
 For a large online auto retailer that had been subjected to online fraud, designed, architected and managed the
implementation of IDS/IPS, SailPoint IAM/IDM/SSO/Federation and RBAC, DLP, network, SOA/WS and DB security
solutions
 Functioning as a security architect and director for a systems integrator to the FBI, CJIS and DOJ, conducted gap
analysis of application security for various classified and unclassified law enforcement systems and then designed,
architected and led implementation efforts for the IAM/IDM/SSO/Federation, SOA/WS, developed application
coding, database, network, advanced authentication including two-factor, DLP and VMware server security
components. Introduced this highly security-centric organization to advanced concepts in VMware, network
forensics/monitoring solutions such as NetWitness and advanced adaptive authorization and authentication security.
This included RSA AA, TIM, TAM, TFIM and DataPower
 For the Department of Homeland Security Customs and Immigration Division, designed, architected and led the pilot
implementation of a mainframe and client-server SOA/WS, IAM/IDM solution, DB and client-server security solution.
This was a TIM, TAM and TFIM solution
 For the US Department of Transportation, designed a mainframe and client-server security architecture that focused
on improvements in the areas of DLP, network forensics, SIEM, IAM/IDM/SSO and SOA/WS security. Managed the
day-to-day implementation of the IAM/IDM/SSO solution.

November-2007 – April 2008 – Office Depot - Third-Largest Business E-commerce Web Vendor and Largest
Business Retailer
Senior Director of Information Security and Security Architect. All activities were conducted on a global basis
 Implemented vulnerability reduction and management programs with a focus on vSphere, Red Hat, McAfee and
Tripwire
 Introduced the concept of Federation for SSO to multiple sites from vendors and OD. Led a pilot
 Implemented DLP solutions
 Implemented ISS Proventia
 Implemented IDS solutions
 Implemented SEM solutions
 Implemented a WebServices authorization, authentication and encryption solution using DataPower.
 Managed team of 10 resources and 5 contractors
 Implemented more comprehensive risk registry and data classification program for US and global divisions
 Designed SOA security architecture to support Oracle E-Biz and Retek deployment
 Implemented Oracle IDM for vendor and internal systems provisioning and access control to provide enterprise
SSO for thousands of vendors. This included RBAC solutions
 Specific application security tasks included:
 Managed PCI and SOX compliance initiatives
o Conducted ecommerce application security assessments for PCI compliance. Used Rational AppScan,
Ounce Labs and other tools. Worked with all impacted compliance and development teams to implement a
SDLC application security methodology that is business risk-based.
o Implemented secure coding frameworks using tools, code libraries and a process of scanning and rework
o Worked with developers to resolve and correct vulnerabilities
o Implemented ecommerce application security solutions for PCI and SOX compliance. Worked with risk
management teams to develop solutions that addressed risks.
o Implemented external authentication/authorization and provisioning systems

January 2005 – November-2007 – IBM - Largest Consulting Company in World


Managing Consultant – Security and Privacy Practice. In this role conducted numerous application security assessments
and build-outs related to a secure application security lifecycle development process. I worked with developers,
compliance personnel and business unit stakeholders to design a business-risk based solution. Developed solutions and
contracts to deliver solutions. Hired resources to meet needs.
 Implemented vulnerability reduction and management programs with a focus on vSphere, Red Hat, McAfee and
Tripwire
 Implemented ISS Proventia solutions
 Designed and implemented SOA and Web Services security solutions for encryption, authentication and authorization
using DataPower and TFIM
 Prepared over 40 proposals, SOWs and architecture designs to support pre-sales efforts in the IDM/IAM and
application security space
 Implemented Archer GRC and Tivoli Compliance Insight Manager and Compliance Manager
 Conducted numerous application security assessments using AppScan and Fortify
 Conducted WebSphere application security assessments at numerous corporations
 Designed a PCI compliant encryption architecture for several retailers including DB and transmission systems
 Implemented Tivoli Identity and Access Manager at a large retailer
 ITIM, ITAM, IDI, IBM LDAP and TPM architecture, implementation and configuration on a Red Hat Linux operating
system for a large telecommunications company.
 Completed SAP and SailPoint application security assessments
 Designed Enterprise Security and Identity Management Architecture for a large retail food chain using ITAM, ITIM and
RSA. Additionally, assisted in developing ROI justification cases.
 Assisted in installation of ITIM and ITAM for a large retailer.
 Developed an ITAM v5.1/ITIM 4.6 security architecture for a bank. The system ran on AIX and Windows 2003,
WebSphere and HTTP Server and utilized single sign-on using a combination of SPNEGO/Kerberos and Active
Directory. In addition to the development of technical design, the work included product selection, requirements
definition, use case development and product justification.
 Designed security architecture for e-commerce based systems at a large wireless services company and a large
utility. Conducted assessments of same.
 Conducted numerous iSeries and DB2 security assessments and security architecture designs.
 Designed a Security Operations Center for a large wireless company.
 Conducted detailed assessments and security architecture re-design for an outsourced web-services system for a
state that processed credit-card transactions and handled personal data.
 Conducted several HIPAA and PCI assessments and managed security buildouts for those organizations.
 Functioned as an application security architect for a custom-built, internet-based Java order management and pricing
application for a large electronics distributor/manufacturer. Specific tasks included:
o High level and detailed
 Security architecture designs
 Design of Role-based Access control including roles, functions, design of portlet policy access, data
element access and design of provisioning systems
 Token-based system to manage access profiles
 SAML and WS Security
 Specific RBAC work includes; identification of roles and functions, consolidation of roles and
functions, development of role management policies and procedures
 Design of LDAP schema
 Design of provisioning system
 Configuration of portlet policy-access server
 Design of Identity and Access Management solution using TIM/TAM
 Developed secure Java coding manuals
 Using Fortify and Web-Inspect tools, conducted secure coding assessments over developed Java
code and managed remediation efforts
 Conducted final go-live application penetration tests of the Java-based ecommerce system
 Designed SOA and SOMA security architecture and assisted with implementation of
authorization/authentication and encryption solutions
 System involved TIM/TAM, ITDS, IDI, Vignette, webMethods, WebSphere, Java, SOA and
WebServices
 DataPower encryption and firewall implementation and architecture to protect WS calls
o Won IBM S&P Bravo Award for sales and delivery work on project
 Attended IBM SOA Bootcamp, IBM Ethical Hacking Class, IBM Qualys Training Class
 For an extremely large Financial Services, Banking and Insurance Company, performed the following
o Designed security architecture for SOA/SOMA, DataPower, ISS, z/Series, p/Series and WAS environments.
These environments complied with IBM, industry and regulatory requirements while meeting high-volume
processing requirements
o Implemented WS security architecture
o Conducted SOA security assessments involving banking applications
o Conducted a high-level HIPAA security assessment
o Served as a liaison with IBM product security SMEs to address client problems and questions
o Was a part of the client IBM leadership team that defined IBM strategy at client
o Conducted code assessments using Fortify tool
o Designed improved code assurance process using updated guidelines and integration of Fortify and Rational
Tool
o Provided client with state of the art security concepts to improve zoning and segmentation, product
compliance and overall strategy
o Conducted DB2 security assessment
o Conducted PCI assessments and development of PCI compliant security architecture
o DataPower encryption and firewall implementation
 For a large automotive manufacturer
o Designed and managed Sun IDM implementation and upgrade and sold a Tivoli TIM/TAM/TDI project.
Performed key tasks
o Designed and managed e-directory upgrade
o Managed a staff of 4 offshore resources responsible for coding and upgrading Dir-XML drivers. Designed the
new driver systems
o Using ITIL, implemented processes that reduced incidents by over 100%
o Designed new provisioning and password processes that reduced costs by over 200%
 Designed and implemented SUN IDM v7.0 for a large multi-national manufacturer
 Designed revised IDM/IAM architecture for a large financial services and securities processor
 Attended SUN IDM design and deployment class
 Implemented a WebSphere and DataPower based security architecture for an SOA based system
 Implemented ITCAM for SOA and ITCAM for J2EE to monitor database, process and LDAP calls for WebSphere and
a Java-Based system
 Conducted SOX compliance reviews and designed controls to address SOX
 Conducted PCI compliance review and encryption strategy design/implementation for a large retailer
 New and add-on consulting sales of over $1.8 million per year.

January 2004 to January 2005 – Toyota Motor Mfg. - Largest Japanese Automotive Manufacturer in World
Contractor - Security and Identity Management Consultant
 Performed design, requirements definition, use cases, goodness of fit analysis, ROI development along with
conducting/managing the implementation of identity/access management and provisioning solutions using CA
SiteMinder and IdentityMinder
 Implemented Web Services and ecommerce application security architecture and conducted assessments.
 Conducted e-commerce application security assessments on Java and .Net applications using Ounce Labs, App-
Scan and SPI WebDynamics.
 Designed vulnerability reduction program.
 Managed Federated Identity Management Proof-of-Concept.
 Designed SOA security architecture.
 Worked with Eurekify product to identify existing roles within an organization
 Conducted SAP and Peoplesoft security assessments
 Conducted SOX compliance reviews and designed SOX controls

July 2003 – January 2004 – Federal Reserve Board - US Government Agency Responsible for Regulation of
Banking
Contractor - Identity Management Consultant
 Managed team focused on requirements analysis (use case, goodness of fit, business and technical requirements),
technical/functional and logical design and implementation of identity management system for access to numerous
web-based treasury applications and internal systems. Key value driver was the formation of a identity enablement
factory that brought together ad-hoc teams to design and code the connectors that provision various applications.
Used SUN IDM and Netegrity systems
 Implemented Web Services security and ecommerce application security solutions including the use of the Reactivity
product.
 Conducted Web Services security assessment.
 Designed and built-out a SOC.

January 2003 – June 2003 – Oracle - World's Second Largest Software Company
Contractor - Identity Management Consultant
 Identified significant product gap issues in the identity management space. Led a team of four professionals in
redesigning the vendor's identity management solutions and strategies to meet market needs.
 Conducted security assessment and enterprise security architecture design for several financial services companies.
 Designed and implemented identity management solutions at various clients using SiteMinder, SailPoint Internet
Directory and SSO (OID and SSO) and the Thor provisioning product.
 Extended and add-on sales of over $500,000.
 Prepared SOWs and proposals to support pre-sales efforts

July 2002 – January 2003 – SLM - Quasi-Governmental, Publicly-Traded, Financial Services Company
Director of IT Security

May 2002 – July 2002 – Hoosier Lottery - State Lottery Organization
Contract Security Architect

November 2001 – May 2002 – Large Information Security/Risk Management Consulting Company
Senior Consultant

April 2000 – November 2001 – CSC - Global Consulting Organization
Senior Consultant

November 1995 – April 2000 – Andersen - Information Security/Risk Management Consulting Company
Security Architect

April 1994 – November 1995 – NBD - Large US Bank – Credit Card Divisions
Security Architect

April 1993 – April 1994 – Heller - Large US Finance Company
Security Consultant

November 1987 – April 1993 – Allstate - World's Second Largest Insurance Company
Security Consultant

Education
 B.S. in Accounting and Computer Science. Loyola University of Chicago
 MBA in Finance and Information Systems. Roosevelt University of Chicago.
