Mark Schoneman

60 Norman Ridge Dr.

Bloomington, MN 55437

mes@mmlc.com

 

Employment

 

Marathon Oil 5/07-Present Technical architect for Marathon’s User Provisioning project. Responsibilities include developing requirements and use cases, and user provisioning strategies. Technologies involved are Sun’s Identity Management products (Sun Identity Manager and Sun Access Manager). Designed and implemented access request workflows involving SAP (R3, SRM and BI), Oracle, Microsoft SQL Server, Active Directory, and Remedy resources. Determining access management and provisioning strategies utilizing Role-Based Access Control (RBAC) for compliance with Sarbanes-Oxley.

 

United Health Care 11/04-5/07 Technical architect for UHC’s User Provisioning project. Responsibilities include developing requirements and use cases, DIT and schema design, migration tools and user provisioning strategies. Technologies involved are Active Directory, Sun One Directory servers and Identity Management products (Sun Identity Manager, Sun Access Manager, and CA’s eTrust). Designed and implemented cross-division federation utilizing Ping’s federation solution. Determining access management and provisioning strategies utilizing Role-Based Access Control (RBAC) for compliance with Sarbanes-Oxley and HIPAA requirements.

 

Pearson Vue, Bloomington MN 9/04-12/04 Developed an in-house PKI solution for Pearson consisting of Microsoft Certificate Authority and Active Directory. Part of the project was the development of a “self-service” Registration Authority using Microsoft’s Cryptographic interface and Certificate Services, ADSI, and OpenSSL. The first deployment of the system was for the British government, for client authentication for the driving test.

 

TORO Corporation, Bloomington MN 6/03-11/05 Application Security Architect for TORO’s e-Commerce services. This involves designing and implementing a security infrastructure to provide a secure single sign-on and access control solution for TORO’s extranet. The project integrates Entrust GetAccess and CA, Lighthouse Waveset, Microsoft’s AD, ADSI, Novell’s eDirectory and DirXML to provide security for on-line ordering and reporting applications built on Documentum content management, BEA and IBM application and Plumtree portal servers.

 

Jostens, Bloomington MN 2/03-6/03 Directory Services Consultant. Project consists of migrating existing Windows Domain Controllers to Microsoft Active Directory 2003. A key product of this project was to integrate Active Directory, for internal users, with Oracle’s Internet Directory Server (OID) for external users. This involved utilizing Oracle’s Directory Integration and Provisioning services and plug-ins and the development of custom OID plug-ins. Investigated the use of Meta and Virtual Directory technologies for user policy control and provisioning. Implemented a PeopleSoft to AD interface for automating user provisioning.

 

Deluxe Corporation, Shoreview MN 12/01-2/03 Senior Security Architect for Deluxe’s e-Commerce Directory and Security services. This involved designing and implementing iPlanet, Microsoft Active Directory and digital certificate services. The objective of the project was to provide a secure single sign-on solution for Deluxe’s on-line product offerings and services to over 70,000 financial institutions. This project integrated e-Commerce on-line ordering and reporting applications built on IBM Websphere, BEA Weblogic, and iPlanet web and application servers utilizing Java, C/C++, Oracle, and MQ series middleware. Interfaced with vendors to ensure they conform to Deluxe's requirements, specifications and security standards as related to the Gramm-Leach-Bliley (GLB) Act.

 

Sprint, Kansas City Mo. 9/98-12/01: Project Architect for network design and security on the Sprint ION (Integrated On Demand Networking) project. Assisted in the design and phased rollout of the project’s network and security infrastructure. This work includes:

·         Technical Lead for a 12 developer team in developing a detailed design and implementation of an in-house PKI utilizing CORBA, J2EE, C/C++. This system provided secure authentication and authorization for internal and external users as well as providing security for network elements.

·         Senior Architect for the deployment of IPsec, for the ION project. Worked with vendors (i.e. Cisco, Nokia) to determine product requirements. Assisted in the development of the IPsec code for an internally developed CPE device.

·         System designer for the deployment of the LDAP and Meta-Directory infrastructure for the Sprint ION project. Evaluated and deployed directory services based on the iPlanet, Siemens DirX, and Microsoft’s Active Directory products for both customer and network element profile and policy information. This involved the development and defining of new object classes as well as the integration with the existing Sprint directory schemas and Directory Information Tree.

·         Setting project milestones and timelines with other Sprint teams and outside vendors.

·         Worked with the Web Services single sign-on developers to integrate the project’s directory services with the Netegrity SiteMinder and Entrust GetAccess products on the BEA WebLogic and iPlanet web servers.

·         Member of the One Sprint Application Security Architecture team. This involved developing an enterprise security infrastructure and architecture for corporate-wide directory services, user and application security applications.

 

Secure Computing Corporation, Roseville MN. 1992–1998: Design and development of Inter/Intranet systems to prevent unauthorized access of computer systems. Developed state-of-the-art network security systems on NT, UNIX, IBM, and VMS platforms. This work involved programming in both operating system and TCP/IP network protocol internals. Original member of the team that designed and developed Secure’s patented Sidewinder firewall. Performed network security and vulnerability assessments for both government and commercial customers. Extensive experience with PKI and Directory Services technologies, i.e. X509, ASN.1, and LDAP (iPlanet, OpenLDAP). Senior project architect on a project that involved several government agencies. Project lead on the company's Fortezza authentication product. Worked extensively with C/C++, JAVA/J2EE, CORBA on UNIX, and Visual C++, MFC, COM and DCOM on Windows.

 

 

Sick Optic-Electronic, Inc. Eden Prairie, MN. 1990–1993 Supervisor Computer Application. Worked for the leading manufacturer of surface inspection equipment specializing in moving web applications. I was responsible for all software support and development in the U.S. and Asia. Interfaced with the applications department in Munich on the development of the next generation of systems. Provided worldwide support and development of software in C/C++ in the UNIX and VMS environments. Designed and implemented system interfaces to customer quality control systems. Participated in all phases of project development and implementation.

 

E.I. DuPont, Brevard, NC 1986-1990: System Manager of the process control facilities of an E.I. DuPont manufacturing area. I was responsible for system and network maintenance including system tuning and operating/layered product upgrades. Project lead for the application programming, maintenance, and development of new and existing systems. Acted as a resource for all areas of the technical service organization and was a consultant to the various areas' technical staff in determining both the hardware and software requirements for several of the plant's improvement projects.

 

Exxon USA & Shell Oil Company, Houston, TX 1985-1986: Installed and implemented several third-party software packages on both IBM and CRAY computers. Worked with the vendor in debugging early releases and in converting VAX FORTRAN and MACRO to IBM and CRAY compatible code.

 

ANR Production Company, Houston, TX. 1981-1985 Supervisor of Computer Applications for the geological and geophysical programming that supported four district offices in Denver, Co., Jackson, Ms., Oklahoma City, OK. and Houston, TX. Installed interactive computer graphic workstations in the district offices. I was responsible for networking of the remote sites as well as the interconnection of the in-house IBM and VAX computers. Programmed and implemented two and three dimensional geological graphing models and image processing techniques.

 

RACAL-DECCA Survey Systems, Inc. Houston, TX. 1973-1981 Senior technical engineer for South American operations. This included interfacing with clients and managing local logistics. Managed numerous geophysical surveys for major oil companies, sold hydrographic surveying equipment to several South American naval departments, and provided training on the equipment and general geodetic techniques. Returned to United States from South America and assumed the responsibility for data processing operations. Specifically, this included:

·         Quality control for all seismic and geophysical surveys.

·         Development of cartographic systems for both in-house and for sale to customers. 

·         Interfaced between the company and government and business clients, the most notable being USGS (United States Geological Survey), NOS (National Ocean Survey), DMA (Defense Mapping Agency), Shell Oil, EXXON and Mobil corporations.

 

AT&T Kansas City, Mo. 1966-1971  Maintained and repaired system equipment. Received extensive training in digital electronics. Learned macro programming and board-level repair of electronic equipment. Attended night school for degree in Mathematics.

 

Education

University of Illinois BS Mathematics 1973

 

Computer Experience

 

Languages:     C, C++, CORBA, Java, Pascal, Perl, DirXML, XPRESS, .Net

 

User Interface: ASP, Javascript, VBS, HTML, Java, MFC, XML, X11, OSF/Motif

 

Database/tools: SQL/Server, ODBC, JDBC, ORACLE, ORACLE RDB, DB2(UDB), DBMS, PL/SQL, SYBASE

 

Networking:    LDAP, IKE, IPSec, SCEP, SSL, SOAP, SAML, CORBA, COM, DCOM, OLE, OSF DCE, DECNet, LAN/LAT, SNA, SNA/Gateway, X.25, Ethernet, TCP/IP, MAP, TACACS/+, RADIUS, IOS

 

Applications:   PKI, Cryptography, ASN.1, SAS, SAP, J2EE, Workstream, ManMan, CiscoWorks, and OpenView

 

Operating Systems:

HP/DEC:         OpenVMS, RSX11M/+, RT-11, VAX/ELN, OSF/1, ULTRIX

IBM:               MVS/JES2/TSO/XA, VM;

RTOS:             pSOS, VxWorks, OS9;

UNIX:             System V/68, Linux, SunOS, Solaris, AIX, HP/UX, SCO, DEC

Windows:        NT/2000/XP/2003