Resume

Skills

  • Identity Management Software: Sailpoint IdentityIQ 7.1 – 8.4, Sailpoint Identity Security Cloud, Oracle Identity Manager 9.0.1 – 12c, Okta Workforce Identity (SSO, MFS, Lifecycle Management), Hitachi Password Manager 11, SecureAuth, Internet2 Shibboleth, ForgeRock OpenIDM, ForgeRock OpenAM, Oracle Access Manager 10g – 11g, Oracle Virtual Directory, Evolveum midPoint Identity Manager
  • ˆIdentity Management Technologies: DXML, SAML, SASL, Kerberos, PKI, XACML, DCE, Biometrics, general cryptography, and federated identity management
  • Cloud Technologies: Amazon AWS, Microsoft Azure/Entra, Oracle Cloud
  • ˆDirectories: Active Directory, 398 Directory Server, Sun Java Directory Server, OpenLDAP, Oracle Internet Directory
  • ˆLanguages: Java (J2EE, JSF, Spring, ADF, Struts), C, Perl, x86 Assembly, s/390 Assembly, JCL, XHTML/CSS, and REXX
  • ˆOperating Systems: Solaris, AIX, Linux, zOS, Windows Server, OS X, and OpenBSD
  • ˆApplication and Web Servers: Weblogic, Websphere, Jboss, OC4J, Tomcat, Apache, IIS
  • ˆProtocols: DCE-RPC, SOAP, 802.11, GSS-RPC, HTTP, NCPASS-TLI, and SASL, WSDL
  • ˆDatabases: Oracle, MySQL, PostgreSQL, SQL Server
  • ˆMainframe Technologies: FDR, ISPF, TSO, Natural, Adabas, Syncsort, NCPASS, and MXI

Vendor Certifications

  • ˆ Sailpoint: Sailpoint IIQ Advanced Provisioning, SailPoint IIQ Basics, SailPoint IIQ Implementation
  • ˆOracle: Oracle Identity Governance
  • ˆHitachi: Hitachi ID Password Manager 11
  • ˆForgeRock: OpenIDM Implementation, OpenAM Implementation

Experience

  • ˆInstrumental Identity—Palmerton, PA
  • Senior IAM Architect / Partner: Nov 2011 – Present
  •  Joined with two of my fellow Principal Consultants from Entology/PwC to build an Identity Management company focused on delivering unparalleled expertise and experience with Oracle, Sailpoint, Okta, and midPoint Identity Management solutions.
    • R1 State University, Texas (Jan 2024 – Present)
      • -Architect and development for a large scale MIM to Sailpoint migration effort
      • -Successfully implemented all aspects of identity governance, provisioning, and account management using Sailpoint IIQ
      • -Developed several custom connectors and IIQ plugins to meet the unique needs of a large higher education environment
    • Insurance Company, California (July 2023 – Dec 2023)
      • -Redesigned Sailpoint IIQ Birthright roles
      • -Assisted in development of CI/CD deployment process
      • -Provided training and codebase cleanup
    • R1 State University, New Hampshire (Jan 2021 – July 2023)
      • -Architect and development lead for a large scale OIM to Sailpoint migration effort
      • -Successfully implemented all aspects of identity governance, provisioning, and account
        management using Sailpoint IIQ
      • -Developed several custom connectors and IIQ plugins to meet the unique needs of a large higher education environment
      • -Developed several custom user interfaces and workflows for accounts teams and helpdesk staff to manage identities
    • Fortune 500 Hotel Company, Scottsdale AZ (Dec 2017 – Dec 2021)
      • -Long term engagement – led restructioning and rebuilding of identity and access management team as well as high level strategy and product direction
      • -Evaluated existing OIM, OAM, and OIF environment and provided recommendations for short and long term identity and access management strategy
      • -Led upgrade project for OIM and OAM from 11gR1 to 11gR2ps3 versions
      • -Developed several new connectors for OIM and oversaw addition of several SaaS applications into single sign on domain
      • -Developed a strategy for migrating identity and access management infrastrcuture into AWS
      • -Implemented SecureAuth IdP and Okta technologies for access management and provisioning
    • Big 10 University, Minnesota MN (Jan 2016 – Oct 2016)
      • -Part of a team of 5 consultants designing a complete replacement for a homegrown identity management environment using Oracle Identity Manager 11gR2PS3
      • -Developed several connectors and event handlers to manage real time processing of identity data from several sources
      • -Responsible for production environment setup and management
    • Ivy League Private University, Providence RI (Jan 2014 – Nov 2015)
      • -Brought in after previous integrator was unable to deliver after two years. Delivered successful implementation on time and under budget
      • -Lead Architect on Oracle Identity Manager implementation encompassing 6 trusted sources and several dozen downstream systems
      • -Developed project schedule, requirements, use cases, and design documents
      • -Provided formal training and led team of 6 client developers in developing integrations
      • -Led go-live operations and provided post production support
         R1 State University, New Hampshire (Jan 2013 – Feb 2014)
      • -Lead Architect on Oracle Identity Manager implementation encompassing four universities, six trusted source systems and 12 target systems
      • -Developed project schedule, requirements, use cases, and design documents
      • -Provided formal training and led team of 4 client developers in developing integrations
      • -Led go-live operations and provided post production support
    • Fortune Global 500 Insurance Company, Novato CA (Aug 2012 – Dec 2012)
      • -Architected and built an Oracle Identity Manager install with trusted source integration to a Lotus Notes database
      • -Designed and built a custom password reset web application leveraging OIM as the backend processor
      • -Designed and built three custom connectors leveraging web services, database links, and remote secure shell script invocation
    • Public Social Network Company, San Francisco CA (Feb 2012 – Aug 2012)
      • -Provided significant enhancements and box fixes to OIM 11g environment
      • -Developed several new custom provisioning/reconciliation connectors for access car system, directory, and SaaS file storage system
      • -Provided ongoing training and knowledge transfer to permanent staff Top Tier Private University, Pittsburgh PA (Nov 2011 – Dec 2013)
      • -Provided in depth training on Oracle Identity Manager 11g deployment, configuration, and custom connector development
      • -Provided on demand support, architectural advice, and development
    • Fortune 500 Pharmaceutical Company, San Francisco CA (Nov 2011 – Dec 2011)
      • -Provided ongoing support and enhancements to existing OIM 11g environment
      • -Demonstrated OIA to steering committee and led discussion on pros/cons of an OIA deployment in their environment
  • PricewaterhouseCoopers LLP—Pittsburgh, PA
  • Manager: Oct 2008–Oct 2011
  • Joined PwC as part of the acquisition of Entology Inc. Served as architecture lead on many of the largest and most complex Oracle Identity Manager and Oracle Identity Analytics implementations in the United States. Responsible for proposing, staffing, and managing engagements of all sizes. Developed many custom connectors, tools, and training to assist the firm in delivering identity management solutions.
    • National Not-For-Profit Healthcare Provider, San Francisco CA (Aug 2011 – Oct 2011)
      • -Joined as architecture lead on in-progress Oracle Identity Manager application integration workstream
      • -Succeeded in turning around negative client perceptions and establishing PwC’s technical expertise credentials
    • Fortune 100 Healthcare Provider, Detroit, MI (Jun 2011 – Aug 2011)
      • -Architecture lead on Oracle Identity Analytics deployment and integration with Sun Identity Manager
    • Global 500 Telecommunication Technology Company, Ontario Canada (Apr 2010 – May 2011)
      • -Architecture lead on Oracle Identity Manager and Oracle Identity Analytics design and
        implementation project
      • -Worked with client’s architects to design highly available and redundant hardware infrastructure and Weblogic 11g cluster to support both applications
      • -Led onshore and offshore teams through requirements gathering, design, development and testing phases
    • Fortune 100 Retail Chain, Minneapolis MN (Nov 2009 – Mar 2010)
      • -Architecture lead on Oracle Identity Manager and Oracle Identity Analytics implementation
      • -Assisted in the design of a custom user interface for end users of both products
      • -Worked with client’s architects to design highly available and redundant hardware infrastructure
      • -Assisted in deployment of software environments, integration connectors, and customizations
      • -Mentored several PwC staff on Oracle Identity Manager and Oracle Identity Analytics software
    • Fortune 500 National Bank, Minneapolis MN (Oct 2009 – Jan 2010)
      • -Architecture lead on Oracle Identity Manager and Oracle Identity Analytics implementation
      • -Led evaluation of several RACF provisioning solutions
      • -Subject matter expert on several work streams to provide technical perspective to role management and provisioning enhancements plans
      • -Mentored several PwC staff on Oracle Identity Manager and Oracle Identity Analytics software
    • Fortune 1000 Higher Educational Institution, Phoenix AZ (Sep 2009)
      • -Developed and presented a week long in depth training session for the client
      • -Training focus was on Oracle Identity Manage architecture, configuration, and development
    • Fortune 500 Utility, Columbus OH (Feb 2009 – Dec 2009)
      • -Technical lead evaluating requirements and developing a multi-year IAM program roadmap
      • -Created infrastructure documents with recommended OIM, ORM, and OID system design for development, testing, and production systems
      • -Led several developer training sessions as well as requirement/technology fit gap evaluation sessions
      • -Developed custom connector and internal OIM process code to meet the company’s specific requirements
      • -Project manager for several month staff augmentation engagement to assist client in
        implementation activities
    • Fortune 1000 Payroll Company, Rochester NY (Dec 2008 – Apr 2009)
      • -Led project consisting of Oracle Identity Manager and Oracle Virtual Directory implementations
      • -Developed several custom reconciliation connector for Oracle eBusiness HR and deployed customized PwC Generic LDAP connector for Sun One LDAP 6.0
      • -Partnered with client architects to develop a roadmap for future phases of project including additional OIM target systems and Oracle Access Manager deployment to replace SiteMinder
    • Fortune 500 Healthcare Company, Philadelphia PA (Oct 2008 – Jan 2009)
      • -Led team upgrading Oracle Identity Manager from 9.0.3.1.6 to 9.1.0
      • -Performed extensive evaluation of existing Oracle Identity Manager implementation and deployed performance and process improvements
      • -Corrected multiple implementation problems with Active Directory and Exchange connectors
      • -Developed custom reconciliation connector for Exchange and OID doubling performance of reconciliation
      • -Evaluated and recommended solution for complex request/approval workflow requirements
    • Fortune 1000 Telecommunications Company, Rochester NY (Oct 2008 – Oct 2009)
      • -Led multi-phase Oracle Identity Manager implementation
      • -Developed custom connectors for Oracle eBusiness Suite HR, ComApp, RevChain, M6, Kintana, Med2, Network Cost, Kenan Arbor, Oracle eBusiness Suite Applications, Centrify
      • Integrated PwC Generic LDAP connector for Active Directory, Oracle Internet Directory, and Exchange
      • Developed custom Attestation Routing engine
      • Developed custom dynamic approval routing and notification engine
      • Performed upgrade from 9.0.3.1.6 to 9.1.0.2
  • Entology Inc.—Bedminster, NJ
  • Principal Consultant: Oct, 2006–Oct, 2008
  • Served as architecture lead on over a dozen Oracle Identity Manager and Oracle Access Manager
    implementations in the United States. Consistently delivered highly visible and successful projects as
    well as internal training and tool development to play a significant role in building the practice into
    leading implementer of Oracle Identity solutions. During tenure with Entology, we were awarded the
    Oracle Titan Award for excellence in security and identity management each year and subsequently
    acquired by PricewaterhouseCoopers.
    • Regional Privately Owned Grocery Store Chain, Pittsburgh PA (Jul 2007 – Dec 2008)
      • -Led multi-phase Oracle Identity Manager implementation
      • -Built custom connector for Peoplesoft HR reconciliation
      • -Integrated Oracle’s Active Directory, Oracle Internet Directory, and Peoplesoft User Management connectors
      • -Developed custom web services interface to Oracle Identity Manager’s API for password
        management use
    • Fortune 1000 Telecommunications Company, Rochester NY (Apr 2007 – Nov 2008)
      • -Led multi-phase Oracle Identity Manager implementation
      • -Developed custom connectors for Oracle eBusiness Suite HR, ComApp, RevChain, M6, Kintana, Med2, Network Cost, Kenan Arbor, Oracle eBusiness Suite Applications, Centrify
      • -Integrated Entology Generic LDAP connector for Active Directory, Oracle Internet Directory, and ExchangeDeveloped custom Attestation Routing engine
      • Developed custom dynamic approval routing and notification engine
      • Oversaw upgrade from 9.0.3.1.6 to 9.1.0.2
    • Fortune 500 Pharmaceutical Company, Madison NJ (Nov 2006 – Oct 2007)
      • -Assisted deployment of Oracle Access Manager
      • -Developed custom login page containing dynamic content based on user context and application
      • -Developed IDXML abstraction servlet to allow simplified clients to call into OAM
  • The Pennsylvania State University.—University Park, PA
  • Lead Systems Programmer: Feb, 2000–Oct, 2006
  • Selected to join 9 colleagues in forming a new department called Emerging Technologies tasked with evaluating, prototyping, and assisting with implementation of new technologies
    • -Technical lead on the Shibboleth team, a higher education federated identity management architecture
    • -Technical lead on single sign on team – evaluated and selected open source SSO system – contributed several enhancements relating to DCE/Kerberos integration
    • -Technical lead on a project to develop a custom DCE/RPC client server framework for integrating Smalltalk web front end with backend mainframe applications running on SoftwareAG Natural
    • -Developed web server modules and Java library to integrate with PassGO NCPass (RSA SecurID token authentication engine)
    • -Responsible for architecture and development of SAML/PKI based authentication/authorization layer for Mellon Foundation funded Peer 2 Peer file sharing utility for higher education use
    • -Provided education and consulting internally for Kerberos, DCE, PKI, SAML, and other security related topics