469-693-3397
Srinivas Karedla
skaredla@yahoo.com
Frisco, TX
PROFESSIONAL SUMMARY:
• Over 20 years of experience in IT Strategy, Information Systems Security, Enterprise Security
Architecture, Security Policies & Procedures, Software Design & Development
• Extensive experience in developing and implementing security models, security design
patterns, access control mechanisms, authentication & authorization, auditing and
compliance, risk analysis, industry best practices
• Lead and managed several security implementations at clients from Banking, Mortgage,
Insurance, Pharmaceutical, Academic Universities, Telecom, and National Security
• Experience in leading and managing local and outsourced teams
• Able to combine analytical and creative thinking to deliver the right and economical solution
• Worked with large geographically distributed systems
• Highly motivated and result oriented
• US Citizen
CERTICATIONS:
• CISSP (Certified Information Systems Security Professional) from ISC2
• CISM (Certified Information Security Manager) from ISACA
• PMP certified (past)
EDUCATION:
• Master’s Degree in Computer Science, May 1994
School: University of Missouri-Kansas City (UMKC), Kansas City, USA
• Bachelor’s Degree in Computer Science and Engineering, May 1991
School: Osmania University (OU), Hyderabad, India
SKILLS SUMMARY:
• Familiar with Security Policies/Compliance Requirements:
o HIPAA, ISO, COBIT, SOX, FISMA, GLBA
• Information Systems Security:
o Confidentiality, Integrity, Availability, Reliability, Non-repudiation
o Awareness, Responsibility, Response, Ethics, Risk Assessment
o Access Controls, Administrative Controls, Logical Controls, Physical Controls
o Defense-in-depth, Need-to-Know, Separation-of-duties
o Identification, Authentication, Authorization
o High Availability, Disaster Recovery
• Identity & Access Management:
o Users & Identities, Roles, Organizations, Administrative Roles
o Role Based Access Control, Access Policies, Authorization Policies, Approval Policies
o Password policies, Approval policies, Authorization policies
o Provisioning, Reconciliation, Migration
Srinivas Karedla
CISSP, CISM
• Oracle Fusion Middleware: Oracle Identity Manager, Oracle Access Manager, Oracle Identity
Analytics, Oracle Identity Federation, SOA Suite, Web Services
• Enterprise Security Architecture:
o LDAP directories (MS Active Directory, ADFS, ADAM/AD LDS, Oracle Internet
Directory, Oracle Virtual Directory, Oracle Unified Directory, ODSEE)
o Mainframe security applications (IBM RACF, CA Top-Secret, IBM iSeries AS/400)
o Databases (Oracle, MSSQL)
o SAP, PeopleSoft, Siebel, BMC Control SA, Lawson HR, IBM Lotus Notes/Domino
o Kerberos, Integrated Windows Authentication, SAML, RSA Secure ID
o Oracle Pharmaceutical Applications: Oracle Clinicals/Remote Data Capture
o UNIX (Solaris, Linux, HP-UX), Boks/Keon
o Encryption/Decryption, SSL, HTTPS
PROFESSIONAL EXPERIENCE
Oracle USA; Frisco, Texas
Sr. Consulting Manager; Technical Lead
Achievements:
• Senior member of OCS (Oracle Consulting Services) Security Practice involved in the delivery
of Identity & Access Management solutions at client engagements. Firsthand knowledge of
several clients’ security infrastructures, limitations and pain points. Conduct risk analysis to
identify critical assets and vulnerabilities, evaluate existing security controls. Assist clients to
migrate to more robust enterprise security architecture. Responsible for providing strategic
direction and guidance to clients using industry best practices and security principles and
patterns.
• Managed teams implementing security solutions. Developed security policies, security
awareness programs, development guidelines, training and documentation, testing strategy and
procedures. Advised management on proper usage of information and provided
recommendations for improvement.
• Currently leading Oracle Fusion Middleware implementation at a large mortgage client with
teams from Identity & Access Mgmt, SOA/BPM, WebCenter Portal, WebCenter Content areas.
Involved in performing gap analysis, requirements gathering, use-case design, and solution
presentations to senior management.
• Successfully lead several large Oracle security implementations at clients. Lead client teams
and Oracle teams, both onsite and offsite. Designed and implemented SSO authentication and
authorization, migration from legacy to new security models.
• Lead several IT security projects involved in all phases of the project SDLC including:
planning, business/functional/technical requirements analysis, communication with
stakeholders, hardware planning, high-availability and disaster recovery planning, risk
management, system architecture & solution design, best practices, leading offshore
implementation teams, development, migration and transition, supporting testing and QA, Golive
activities.
Page 2 of 5
July 2008 to present
Srinivas Karedla
CISSP, CISM
• Worked with Information Protection teams for ensuring SOX audit and regulatory compliance
through attestation and remediation. Also provided security related training.
Hewlett-Packard; Richardson, Texas
Sr. Software Development Manager
March 2004 to July 2008
Achievements:
• Managed HP’s Connector Factory team involved in the design and development of security
connectors to HP’s Idm product Select Identity (HPSI).
• Performed architecture presentations, pre-sales POCs/demos, training to customers. Provided
technical direction and consultation to solution architects and delivery team on the field.
Customers include: Bank of America, Citigroup, US Bank, DTCC
• Worked with HP partners and OEM vendors to communicate requirements and manage
software projects involved in development and integration with several security infrastructure
applications. Established and managed development teams.
• Contributed to architectural enhancements on Identity & Access management and Identity
Federation
Trulogica Inc.; Plano, Texas
Software Development Manager
July 2003 to March 2004
Achievements:
• Managed a team involved in the design and development of Trulogica’s Identity Management
product Concero and account provisioning connectors to backend systems.
• Responsible for the architecture, design and development of connectors to several backend
systems for identity management
• Worked with overseas software vendors to communicate the requirements and provided
technical direction and guidance
Verizon; Irving, Texas
Sr. Architect
• Involved in several pre-sales customer visits to present the product and connectors, and POCs
March 2003 to July 2003
Achievements:
• Lead the development of a J2EE based Instant Messaging application that is used for
communication between internal help desk and customer clients.
• Provided technical direction to improve performance of existing J2EE applications
Page 3 of 5
Srinivas Karedla
CISSP, CISM
ASAP Inc. (Advanced Storage Array Products); Richardson, Texas
July 2002 to February 2003
Software Development Manager
Achievements:
• Managed a team involved in the design and development of backup and recovery software to
save and access SAN (Storage Area Network) data on different backup systems such as tapes,
SCSI drives, and RAID drives.
• Responsible for the design and development of ASAP’s StorSight Client application that is
used for the administration of the SAN.
• Designed and developed a plug-in module to HP OpenView Node manager. This module acts
as a gateway between HP OpenView Console and StorSight SAN management application.
Users at the console can directly launch StorSight application and monitor the SAN fabric
management server. Developed a similar application for IBM Tivoli
Trigon Technology Group; Richardson, Texas
Software Development Manager
August 2000 to July 2002
Achievements:
• Managed a team involved in the Design and development of a Java based EMS (Element
Management System) application to manage Network Elements
• Responsible for the design and development of a messaging platform that served as the base for
EMS and NMS (Network Management System) application development
• Responsible for the porting of the EMS application from C++ to J2EE
• Worked with Vertel’s overseas team for architecture transition and technical direction on
product improvements
DSET Corporation; Plano, Texas
Software Development Manager
January 1995 to August 2000
Achievements:
• Managed a team involved in the development of DSET’s OSS (Operations support systems)
Gateway product named LSR (Local Service Request) gateway that is used for passing LSR
orders between CLECs (Competitive Local Exchange Carriers) and ILECs (Incumbent LECs).
• Worked with software partners for interface requirements specification and product integration.
Some of the product integrations were: Metasolv TBS, Vitria Businessware
• Responsible for the design and development of DSET’s CIGP (Common Interconnect Gateway
Platform) that is used by OSS gateway applications for messaging, persistence, auditing etc.
• Responsible for the design and development of DSET’s core communication platform (DSG)
that is used to build several client/server applications exchanging ASN.1 data using CMIP.
• Initially started at DSET as customer support engineer responsible for Level 1 & 2 support.
Soon moved to product development.
Page 4 of 5
Srinivas Karedla
CISSP, CISM
US Sprint; Kansas City, Missouri
Software Developer
May 1994 to January 1995
Achievements:
• Responsible for the development of a Call volume display application to graphically display the
call volume by fetching real time call data from voice applications running on Tandem Nonstop
servers. The application is based on RPC client/server model with secure data transfer
Page 5 of 5