Director (Cloud Security) - Strategy, Architecture & Innovation @ BMO Financial Group
Tech Fellow @ EP3 Foundation
Specialist Director (IAM & Cloud Security) @ KPMG US
CICISO, CSO @
Executive Architect well versed in Enterprise Architecture (EA), Enterprise Security Architecture (ESA) and identity-driven Integrated ESA. Subject-matter expert in Integrated Identity Infrastructure, including IDM, IAM, GRC, Entitlement Management, Risk Management, RBAC, Audit, Compliance, etc., and in the integration of this infrastructure with Mobile Security, Cloud Security, Data Center Security, Network Security, Application Security and Data Security. 23+ years of IT experience and 13+ years in Identity and Security. Extensive experience with IT and cloud regulatory compliance and audit frameworks including ISO 27002, ISA99, SSAE16, HIPAA, PCI, and more.
Rakesh is often described by his peers as:
1) Inventor & Father of the Fifth Gen AC Model (40+ inventions, TBAC),
2) Prolific Author (3 books and 50+ papers),
3) World Renowned Keynote Speaker (100+ speaking engagements; 20+ keynotes),
4) Trailblazing "Thought Leader" in this space (Integrated Sec in Stack), and
5) Architect "Guru" & Renaissance Architect, who enjoys extensive collaboration.
He is currently innovating on use case driven (usage model driven) integration designs for optimized ESA and cross-control coordination (actionable intelligence). Extensive experience in architecture-driven Program Management & Acquisition Management. C|CISO, CISSP, CCSK, CRISC, CGEIT, SCEA, SEI Certified SW Architect, Six Sigma GB, PRINCE2, ITIL, TOGAF certified, PeopleSoft Certified Systems Architect and many more.
Innovation and Leadership
Big Data and MDM
Enterprise Security Architecture (Integrated Stack)
Cloud Computing (PAAS, SAAS, IAAS, Private, Hybrid, Public)
Cyber Security (Data Center, Compute, Storage and Infrastructure)
Mobile & BYOD End Point Security
Enterprise Risk Management
Executive Program Management
Specialties: XML, XACML, SAML, STS, JEE, Federation technologies, TOGAF/ADM, SEI ADDM, Six Sigma, SABSA, etc.
National Practice Lead & Principal Consultant @ National Lead (US) for the IAM practice and acting Principal IAM Consultant
Consult and innovate on IAM Maturity Models for:
* IAM in Cloud Computing (IAAS, PAAS, SAAS, Hybrid, etc.)
* IAM for Internet of Things (IoT)
* NG Threat Centric IAM
* IAM for Compliance Domains
* IAM for Integrated ESA
and more.
From August 2015 to Present (5 months)

Independent Consultant @
Proposed new TC for STIX (threat intelligence) based XACML (dynamic access controls) for OASIS
ISACA LA event organization, volunteering and speaking engagements
ECC CISO Trainer Certification (Certified to teach ECC CISO)
IAPP CIPT Test & Certification Preparation
Review AWS Cloud Security Certifications Curriculum
Research on advanced Big Data technologies for Security Analytics and ESA
From June 2015 to July 2015 (2 months)

Senior Director; GIS, Security Architecture & Engineering @
Led a team of Security Architects, reporting to the Corporate CISO (at Carnival). Collaborated extensively with Senior Directors (peers) leading the Security Operations (applied architecture), IAM (integrated IAM architecture) and Compliance (compliance-driven architecture) teams. Acting (brand-level) CISO for the PCL location in Valencia. Led the development of 7 parallel POC projects (with 4 team members), with use case/requirements and integrated design specifications, for:
a) Global Vulnerability Management (Qualys)
b) Advanced Threat Management (Fidelis vs Fireeye)
c) NG SIEM
d) NG Data Center Security Design
e) Shipside and remote LAN security
f) Data Security
g) App Consolidation and Security
all part of transforming the enterprise security posture. Transitioned work artifacts (architecture, design, engineering and integration artifacts) to E&Y.
From January 2015 to May 2015 (5 months)

Principal (Chief) IS Security Architect @
As a Principal (Enterprise) Security Architect playing the role of Chief Security Architect, responsible for conceptualizing, planning, designing and implementing complete and integrated security architectures that support Amgen's business strategy and specific business initiatives/direction. Member of a group of Principal Architects at Amgen (Principal Network Architect, Principal Cloud Architect, etc.) defining the next generation of reusable IS designs and patterns. Worked closely with the EA team, CSO office, Compliance Office and the Research Department on various Amgen initiatives relating to enterprise-wide Identity & Access Management and Integrated Enterprise Security Architecture. Key initiatives include:
a) Integrated ESA Vision 2020 - risk-driven, policy-based, control-normalized target: definition, assessment, report, presentation and socialization for alignment across organizations
b) Security design, use case design and test case validation for a critical NG SAAS platform aligning with HIPAA, HL7 and FDA security/safety regulations/recommendations, along with the definition of Applications Technology Architecture, Secure SDLC and Integrated Data Security/Integrity (API/XML FW, App FW, DLP and DB FW) with a common policy framework.
c) Design Patterns Catalog for PAAS Security (Cloud Foundry and OpenShift), IAAS Security (OpenStack and AWS), Mobile Security Architecture/Design (SSO, layered VPN, MDM, NAC, etc.), M2M security (RFID, Bluetooth, NFC, Device IDP), Cloud DC optimization, MOF/SCADA manufacturing systems security design, Big Data Sec IN and Compliance-Oriented Security Architecture (policy automation and control normalization), SAML/XACML in the Stack Design, etc.
d) Provided direction for vendor activities and tasks in accordance with the Target Design Architecture definition, including workshops, whiteboarding, reference design docs, etc.
e) Based on ISO 27002, led the external auditors' assessment of Security Policy & Procedures
From March 2013 to December 2014 (1 year 10 months)

VP, Senior IAM Architect, Enterprise Security Architecture @
Member of the Bank of America Enterprise Security Architecture team as a Senior IAM Architect. Led the Bank's FG (fine-grained) XACML-based entitlement project; defined 37 patents around a 5th Generation AC model that goes beyond ABAC and RiskADAC; defined a target AuthN and AuthZ architecture for the Bank for 2012 to 2017, with 5 stages, one per year (validated all 5 proposed stages via POC, pilot and prototype). The Enterprise Entitlement project resulted in the definition, design and (partial) deployment of the very first Integrated Enterprise Security (Technology) Architecture for the Bank enterprise-wide. Alignment of IAM Architecture with Information Security Architecture, Application Security Architecture and Network Security Architecture. Alignment of applied architecture with aspired architecture. Awarded "Inventor of the Year for 2011" by the Bank's CIO. Led several 2-day to 4-day workshops with different security and developer groups.
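The two recurring themes above, XACML-based fine-grained entitlements that go beyond plain ABAC into risk-adaptive decisions, and the later proposal to feed STIX threat intelligence into XACML dynamic access control, share one mechanism: a policy decision point (PDP) whose environment attributes are populated by policy information points (PIPs) such as a threat-indicator feed or a risk engine, so that policies can deny or demand step-up based on live threat data. The Python sketch below is an added illustration of that mechanism, not code from Bank of America, OASIS or any project on this profile; the rule names, the `risk_score` attribute, the `require-mfa` obligation and the indicator set are all invented for the example.

```python
"""XACML-style attribute-based policy decision point (PDP) with threat-intel
and risk attributes.  Added illustration only: not code from any project on
this profile; rule names, attributes and indicator set are hypothetical.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Callable, Dict, List, Tuple

Attrs = Dict[str, object]


@dataclass
class Request:
    """The four XACML attribute categories of an access request."""
    subject: Attrs
    resource: Attrs
    action: str
    environment: Attrs      # filled by PIPs: source_ip, risk_score, ...


@dataclass
class Rule:
    rule_id: str
    effect: str                          # "Permit" or "Deny"
    target: Callable[[Request], bool]    # applicability predicate
    obligations: Tuple[str, ...] = ()    # handed to the PEP with a Permit


# Constructed STIX-like indicator set (hypothetical; a real PIP would read a
# STIX/TAXII feed).  203.0.113.0/24 is a documentation range, not a real actor.
THREAT_INDICATORS = {
    "ipv4-addr": [ip_network("203.0.113.0/24")],
    "user-account": {"contractor_x"},
}


def source_is_indicator(req: Request) -> bool:
    ip = ip_address(req.environment["source_ip"])
    return any(ip in net for net in THREAT_INDICATORS["ipv4-addr"])


def subject_is_indicator(req: Request) -> bool:
    return req.subject["id"] in THREAT_INDICATORS["user-account"]


RULES: List[Rule] = [
    # Threat-intel driven denies: a flagged source or account overrides all else.
    Rule("deny-flagged-source", "Deny", source_is_indicator),
    Rule("deny-flagged-account", "Deny", subject_is_indicator),
    # Classic ABAC constraint: classification vs. clearance.
    Rule("deny-insufficient-clearance", "Deny",
         lambda r: r.resource["classification"] == "confidential"
         and r.subject["clearance"] < 2),
    Rule("permit-owner-write", "Permit",
         lambda r: r.action == "write" and r.subject["id"] == r.resource["owner"]),
    # Risk-adaptive: elevated session risk without MFA is permitted only with a
    # step-up obligation that the PEP must enforce before releasing the resource.
    Rule("permit-read-step-up", "Permit",
         lambda r: r.action == "read" and r.environment["risk_score"] >= 50
         and not r.subject["mfa"],
         obligations=("require-mfa",)),
    Rule("permit-read", "Permit", lambda r: r.action == "read"),
]


def decide(req: Request, rules: List[Rule] = RULES):
    """Deny-overrides combining algorithm.

    Returns (decision, obligations, applicable_rule_ids).  Any applicable Deny
    wins immediately; otherwise Permit with the merged obligations of every
    applicable Permit rule; otherwise NotApplicable, which a PEP should treat
    as deny (fail closed).
    """
    decision = "NotApplicable"
    obligations: List[str] = []
    applicable: List[str] = []
    for rule in rules:
        if not rule.target(req):
            continue
        applicable.append(rule.rule_id)
        if rule.effect == "Deny":
            return "Deny", (), applicable
        decision = "Permit"
        obligations.extend(rule.obligations)
    return decision, tuple(obligations), applicable


def make_request(user, clearance, mfa, action, owner, source_ip, risk):
    """Build a request against one confidential resource (constructed input)."""
    return Request(
        subject={"id": user, "clearance": clearance, "mfa": mfa},
        resource={"classification": "confidential", "owner": owner},
        action=action,
        environment={"source_ip": source_ip, "risk_score": risk},
    )


if __name__ == "__main__":
    for label, req in [
        ("clean read, low risk", make_request("bob", 3, False, "read", "alice", "198.51.100.7", 10)),
        ("clean read, high risk, no MFA", make_request("bob", 3, False, "read", "alice", "198.51.100.7", 70)),
        ("read from flagged source", make_request("bob", 3, True, "read", "alice", "203.0.113.9", 10)),
        ("flagged account", make_request("contractor_x", 3, True, "read", "alice", "198.51.100.7", 10)),
        ("non-owner write", make_request("carol", 3, True, "write", "bob", "198.51.100.7", 10)),
    ]:
        print(f"{label:32s} -> {decide(req)}")
```

The design point is where the threat data enters: the indicator lookup is an environment/subject attribute evaluated by ordinary rules, so revoking access for a newly flagged source IP or account is a feed update, not a policy change, and deny-overrides guarantees the flag beats any standing Permit. The step-up rule shows the risk-adaptive half: the PDP does not refuse, it permits with an obligation, and a PEP that cannot honour the obligation must treat the result as Deny.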
Risk Assessment and Technology Due Diligence of 24+ security projects, to ensure alignment and architectural direction.
From March 2011 to November 2012 (1 year 9 months)

Chief IAM Architect / Sr. Security Solutions Architect @
Technology Lead for Integrated ID Infrastructure and GRC solutions for the OEM/NEP BU within CGBU. Led a Reference Architecture and Reference Implementation model for IDM-Integrated Cloud Security. This Reference Architecture included the integration of 24+ security products from Oracle and the partner community.
Led multiple POCs, pilots, prototypes and production releases of Integrated IDM Infrastructure for the Telco vertical and 30+ ISV software partners. Broad range of Integrated ID Stack experience, including Identity Management, Role Management, Access Management, Admissions Control, Authorization and Fine-Grained Access Control, Audit/Logs, Adaptive/Risk engine, XACML-based master PDP, SIEM, ID warehouse/analytics, Device and Service AuthN, Federation, and more. Lead Architect for one of the largest rollouts of the Integrated ID Stack, at Verizon Communications, Verizon Wireless and Verizon Business. Worked directly with 30+ ISV software CTOs integrating OpenSSO and the Sun IDM Stack. Completed 20+ architecture assessments for customers including Amdocs, Optiglobe, Telcel, Telus, AT&T, Nextel, Verizon, Vodafone and accounts in Canada, the US, Latin America and the EU. Each assessment focused on one domain, for example:
a) Risk & Controls Assessment (of a large ecommerce Site),
b) High Availability Assessment (of a 90million subscriber Billing System),
c) Scale Assessment (performance and stress test -pre production of a Financial Exchange),
d) Security Assessment (security design of an Application/Data and Pen Tests),
e) DR Assessment (Datacenter Disaster Recovery Comparative Assessment),
f) Operations (Integrated SIEM & Incident Response effectiveness)
g) Compliance Assessment (against NIST, FIPS, PCI, etc.)
h) Architecture/Infrastructure Consolidation
i) App/Tech and Platform Modernization
Each 6-12 week engagement resulted in an Architecture Workshop and an Architecture Assessment Report.
From September 1999 to December 2010 (11 years 4 months)

Enterprise Systems Architect @
Sybase DBA, Solaris Administration and PeopleSoft Architect; Program Management at CERTLAB (BLS/DOL). Lead Architect for the Unix/Sybase environment for the PeopleSoft implementation. Certified as a Sun Certified Solaris Admin and Sun Certified Network Administrator (self study). Also certified as a PeopleSoft Systems Architect Pro (with F2F training) and fully trained as a Sybase DBA. Designed secure OS, secure volume management (Veritas), secure DB and network security for the PeopleSoft deployment, including PeopleTools Security Administration and Tuxedo Security Administration. Led a team of IT staff at CERTLAB with a mission to test and standardize IT infrastructure across DOL, along with the governance of IT (DTMSI team).
From August 1995 to September 1999 (4 years 2 months)

Sr. Systems Admin/Test Lead @
Lead Solaris Systems Administrator and Test Lead for the infrastructure supporting DO, DU and DT (mortgage applications). Designed, developed and deployed a home-grown monitoring and sysadmin tool written in sed, awk, grep and Perl. This tool was widely used across 1000+ Unix boxes in the network.
From 1995 to 1995 (less than a year)

Communications Engineer @
Novell LAN administration, Cisco switch and router setup and configuration, connecting devices and PCs to common network shared services.
From 1994 to 1995 (1 year)

Systems Analyst @
Novell LAN administration and COSTAR database administration. Trained staff on advanced features of the MS Office Suite.
From 1993 to 1994 (1 year)

DB Administration Intern @
DB programming in AREV v2, DB design and DB administration for a real estate database and a prospects DB. Set up advanced reporting based on NG Query Language. Migrated data from local economic development agencies across Norfolk, Suffolk, Portsmouth, Chesapeake, Virginia Beach, Hampton and Newport News (Hampton Roads region). Masters project in the MBA was based on work done at FHR.
From 1990 to 1992 (2 years)
CCSK, Cloud Security, Pass @ Cloud Security Alliance, From 2013 to 2013
CICISO, CSO, Pass @ EC-Council, From 2013 to 2013
CRISC, Risk Management and Control, Pass @ ISACA, From 2012 to 2012
CGEIT, Governance of IT, Pass @ ISACA, From 2012 to 2012
CISSP, Information Security, Pass @ ISC2, From 2011 to 2012
SCP, Java Security, n/a @ Sun Education, From 2000 to 2010
ITILv3, Basic, Pass @ OGC, From 2009 to 2009
PRINCE2, Program Management, Pass @ OGC, From 2008 to 2008
SW Architect, SW Architecture, Pass @ Software Engineering Institute, From 2007 to 2008
Green Belt Six Sigma, QA, Pass @ Sun Six Sigma School, From 2007 to 2008
TOGAF v8, Enterprise Architecture, Pass @ The Open Group, From 2007 to 2007
EXEC MS, Management of IT @ University of Virginia, From 2003 to 2004
Systems Architect Pro, PeopleSoft Systems Architecture, Pass @ PeopleSoft Education, From 1998 to 1999
MS, Computer Science, completed 30 credits out of a 39 credit program (relocated) @ University of Maryland, From 1996 to 1998
Sybase Certifications, Database, n/a @ Sybase Education, From 1996 to 1997
ECCSE, Enterprise Computing Certified Systems Engineer, Pass @ Sun Education, From 1996 to 1996
MBA, MIS @ Strome College of Business, From 1990 to 1992

Rakesh "Fellow" is skilled in: Enterprise Architecture, Security Architecture Design, Identity Federation, XACML, Security, Java Enterprise Edition, Information Security, Strong Authentication, Application Security, Infrastructure Security, Identity Management, Strategic Architecture, Network Architecture, DB Security, GRC