Curriculum Vitae

Background

Andrew is a member of Accenture’s Digital Identity practice.

Creative problem solver with 20+ years experience in professional IT environments. Multiple skill sets background with focal points on Identity Access Management (IAM), Privileged Access Management (PAM), Automation (Python, Powershell) and Event Management. Seeking opportunities to utilize technology to find solutions for existing and future challenges.

Summary of Qualifications

  • 7+ years working in SailPoint Identity IQ (IAM) & CyberArk (PAM)

  • 7+ years working in Active Directory & LDAP

  • 2 years working in Ansible Automation

  • Maintained quick turnaround of projects and tasks

Platforms

  • Windows, Unix/Linux, Mac OS X

Languages

  • Powershell, Python, Bash, HTML, CSS, YAML, RST

Databases

  • MS SQL server

Selected Accenture Project Experience

Application Developer at Power and Gas company

  • Designed, built, and configured SailPoint IdentityIQ applications to meet business needs

  • Collaborated with multiple teams to gather and analyze requirements for application development

  • Implemented best practices and current security standards in application design

  • Assisted with troubleshooting system connections through multiple domains

  • Tested and debugged applications to ensure functionality and reliability

  • Developed documentation for daily processes

  • Maintained and updated SailPoint and other application code through Azure Dev Ops Repositories

  • Maintained inventory of:
    • SailPoint servers

    • SailPoint and other system accounts

    • Accesses to external systems

  • Accomplishments
    • Extensive PowerShell development for Active Directory research & testing for SailPoint Active Directory connectors

    • Functioned as on call support through two week long Change Go Lives, pushing SailPoint to Production

  • Systems included:
    • SailPoint, CyberArk

Technology Consulting Practitioner at Power and Gas company

  • Designed, built, and configured on-prem CyberArk application to meet business security needs

  • Managed all elements of CyberArk, assisted during system outages, planned and managed upgrades of systems

  • Designed Safe and Group permission infrastructure, which gave better visibility for better auditing users accesses to CyberArk objects

  • Developed PowerShell scripts to streamline and automate processes that were previously tedious manual tasks

  • Accomplishments:
    • Managed and planned CyberArk upgrade within DEV to PROD environments, tracking multiple component upgrades across physical and virtual devices

    • Redesigned Safe and Group infrastructure, updated permissions to over 1000 safes, utilizing PowerShell scripting

  • Systems included:
    • CyberArk PVWA

Technology Architect at Financial Company

  • Chief on-shore engineering lead, served as the key hands-on resource to drive conversations across all work streams. Worked closely with OCM Leads for the PAM work stream to structure and complete project deliverables:
    • Reviewed Client CyberArk Platforms and Policies

    • Onboarded Domain Administrator and other generic accounts to CyberArk with PSM capabilities

    • Established Windows and Linux Platform PAM Requirements including password rotation and connectivity options

    • Collaborated with adjacent PAM/WAM work streams to structure and plan project

    • Built PSM infrastructure in dev and test

    • Prepared PAM Functional Requirements, Solution Build Guide, PAM Use-Cases, PSM Solution Design and other key deliverables

  • Systems included:
    • CyberArk PVWA, PSM, Alero, EPM

IAM Testing Lead at Pharmaceutical Company

  • Reviewed, edited, and built test cases for regression testing of new IAM solution implementations

  • Ensured test cases were built with company policy requirements

  • Systems included:
    • ForgeRock AM & DS, CyberArk, SailPoint IAM, Company Legacy Applications

Information Security Analyst & Account Administrator at Healthcare Provider

  • Managed Identity Access Management through SailPoint IdentityIQ
    • Created certifications at monthly or quarterly intervals, dependent on company policy

    • Daily maintenance and refresh of SailPoint IdentityIQ systems and Identity Cubes

    • Implemented updates, roles, accesses to applications and systems

  • Managed Privileged Access Management and password rotation through CyberArk

  • Provided data security support and guidance to healthcare provider and affiliates

  • Represented the Data Security Office on project teams and other IS initiatives and worked with other IS operations support departments to identify and recommend solutions on security-related issues

  • Provided oversight of design, engineering, analysis, research, testing and monitoring of new applications or systems in the domain

  • Provided regular reporting of security related issues, mostly auditing users with Privileged Access

  • Assisted in technical analysis, design, support, and implementation of the day to day account administration requests regarding various types of access and application usage

  • Provisioned access to employees, contractors and vendors through Active Directory, AIX, AS400, UNIX, Linux, VPN, Remote Access and related systems

  • Assisted in the implementation and support of new technical solutions

  • Worked with regional and project team members to define business and user requirements

  • Upheld security policies regarding access related to job roles of employees

  • Upheld security policies regarding Active Directory access

  • Generated Reports regarding Active Directory access, network shares, application access

  • Developed work process and documentation for new team innovations

  • Accomplishments:
    • Implemented a Server Security Design Standard to ensure server builds met Privileged Access standards

    • Provided security insight and created new processes for employee onboarding and off boarding

    • Lead team and built processes for Server access cleanup project to remove access from servers where privileged access was granted in error

    • Was a key role in updating employee onboarding and off boarding processes

    • Redefined and tuned onboarding process for region specific employees