Implemented critical and high priority Information Security and Fraud Prevention projects for centralized database that serves data to over 1,600 applications and stores information for over 400 million users worldwide. Reviewed and validated over 1,600 applications for security compliance.
Responsible for designing the batch load strategy required to upload data in a batch and scheduled fashion into Oracle EBS. Configured and developed Interfaces, Procedures, Models using Oracle Data Integrator for E-LT uploads of data from file into Oracle EBS for various batch interfaces.
Developed resource capacity planning tool to provide visibility into resource allocation and availability and drive process improvement for source control strategy for multiple concurrent development projects for Cocoa Framework team.
Project Management services for web based application that integrates with various other enterprise systems using SMTP, HTTP, SOAP and LDAP and manages user authorization and provisioning either automatically or manually using complex approval or workflow engines.
Build a tool using SQL, PL/SQL to help the DBA team efficiently manage the increasing number of mission critical databases and which will not only propagate the same changes across a large number of databases quickly, but also reduce possibilities of mistakes, all while making it easy for others to monitor database change activity.
Development of send and receive request for provisioning system that sends set of identifiers to the manufacturing system and receives acknowledgement once a unique identifier is allocated for all manufactured devices in a Java, JBoss, JProfiler, Hibernate environment.
Designed and implemented an Automated Email Verify and Monitor framework to verify that generated email meets specific conditions to ensure proper operation of mail generation and delivery process using Java, JBoss, XML, Oracle technologies.
In the Digital Signature Luna Devices Refresh Project, the client was highly concerned about the roll out of the project as the major revenue security device was getting upgraded. The project was rolled out on time and not a single issue was reported even after 3 months after the roll out.
Built reporting module around existing Generic Mail Service to derive Hourly, Daily, Monthly and Yearly statistics on emails sent, opened counts, undelivered emails etc which was very much needed by business for analytics.
Designed and developed an online mortgage application using Spring Framework, JAXB, JMS, JSTL which facilitates the completion of loan application by guiding the applicants through the loan process from submittal to the approval of a loan.
Provided project management for Web App Support project which created a set of libraries, tools, and/or services to make it easier for software development teams to build web applications and re-use transactions across multiple platforms.
Web security assessment to find vulnerabilities like SQL/XSS and other injection flaws, CSRF, information disclosure and improper error handling, broken authentication/authorization, insecure communication, malicious file execution, privilege escalation on web applications.
Improvements to look and feel of enterprise application system used for generating internal and external communications based on user feedback and in collaboration with in-house UX/UI designers. Implemented redesign of various features, modal windows, customization of jQuery lightbox plugins.
Responsible for design, architecture, implementation and testing of iPhone, iPad application on iOS platforms for a mail promotion system that sends out millions of email messages worldwide.
Introduced and established Autosys workload automation management tools in large infrastructure and installed, configured, documented Autosys R11.3 with failover process using Oracle 10g.
Full black box penetration testing of one of external class C network that included network security assessment to find vulnerabilities on the network, server software layer and find other sensitive information that is publicly available on Internet about the target.
Enhanced existing online banking application to re-structure the checking and saving product lines, which involves re-packaging the products lines, change the product availability among various states within the U.S, as well as re-structure the banking fees using Spring, MVC, JSTL technologies.
Created over 300 SSL certificates for Retail ACL Management project designed to consolidate the access lists (ACLs) to increase security and reduce complexity for applications subject to PCI and SOX compliance in preparation for migrating to a stateful firewall.
Primary responsibility was to investigate and audit the current state of the Apropos system. Analyzed the 83 servers that are currently part of the Apropos system to capture all the relevant information and configuration on each of those servers and proposed solution on how to correct those issues in order to increase the resiliency, security and performance of the entire Apropos system.
Designed and developed a complete search framework from scratch with filters that can parse both email body as well as different type of attachments and evaluate each email against the search criteria, with any matching emails get copied to a specific location for security admin to review them.
The scope of In Product Licensing project was to understand the capacity of existing hardware and tune the J2EE parameters from application software stack to understand the peak load supported by the system. Entire WebLogic setup was done and the project met the guaranteed capacity and response time with 30 % resource utilization.
Improved an account migration tool to balance the Oracle 10g, 11g database load and improve performance of deletes, apart from providing training for performance tuning and troubleshooting performance issues.
Creation of a web portal for monitoring application infrastructure using Storm, Hadoop Map
Reduce jobs that provides support team an integrated view of the system, allowing them to pre-
empt any serious errors, minimize downtime and optimize performance.
Maintained in real-time a centralized enterprise-wide data based repository to identify ownership
of applications and systems, as well as their network details including IP addresses, hosts,
devices, ports, escalation paths, etc.
Assisted Splunk team to configure and automate Rsyslog/syslog-ng/Splunk universal forwarder to transport application logs securely (TCP/TLS) to a remote server used for monitoring fraudulent activities, including testing and implementation of log transport agent.
Create content for distribution across multiple channels and organizational change management (OCM), user experience and in-house communications including video scripts, technical writing, documentation and validation. Perform content analysis, validate existing content, and update keyword tags for improved customer experience.
Management and execution of a global data migration for over 75 large-scale, business-critical
P0 and P1 applications as well as feature and release management for the Mobile Services and
Asset Management Systems teams.
Lead a pilot program to leverage Big Data capabilities to strengthen PCI-DSS compliance and reporting across company-wide network, bringing on new internal organizations one-by-one to demonstrate and deliver value-add to ensure vulnerability remediation initiatives were achieved.
Perform network vulnerability assessments and lead entire Web Applications Security Program, including managing ongoing scanning and testing of external web applications and collaborating to create new tools and process automation capabilities/procedures.
Develop frameworks, applications and data models on high volume and performance scalable systems for reporting under Hadoop umbrella using Map Reduce, Oozie, Pig, Weka and handle aggregation of large volume data sets in range of Petabytes.
Security logging analytics and log onboarding to Splunk and ArcSight via syslog-ng for
PCI/PII/SOX compliant applications including resolution of vulnerabilities and delivery issues.
Migrate users of Entrust SSL certificates to an internally developed system that issued certificates
using existing certificate authority infrastructure realizing in significant cost savings of more than
$750,000 and increased the flexibility of certificate management.
Architect a hybrid public/private cloud platform (IaaS, PaaS & SaaS) across Amazon Web
Services, Terremark, HP Cloud Services, DataPipe, Google Compute Engine, CloudStack and
Rackspace, and implement a new Cloud Management Platform from CloudSwitch, CloudStack,
OpenStack, RightScale, ScaleXtreme and VMware vCloud Automation Suite.
Led a high-profile implementation and rollout of a service life-cycle management platform
including a wizard-based application on-boarding tool to centralize and automate how business
functionalities are exposed and built by various business groups.