JIMMY PAZOUKI
8250 WESTPARK DR SUITE 516
MCLEAN VA 22102
STATUS:
US CITIZEN with Active Public Trust Security Clearance
EDUCATION: B.S. in Computer Information Systems (CIS)
STRAYER UNIVERSITY:
June 1989 - Washington, DC
Bank of New York Mellon Government Solutions
05/14 – Present
Cloud Architect/Information Risk Officer
Assigned to the Bank of New York Mellon Government Security Information Risk
Management group supporting their Federal clients HUD/ Government National Mortgage Association (Ginnie Mae) and Small
Business Administration (SBA). In this capacity, supported NIST/FISMA/FISCAM/RMF/FedRAMP
& Cyber Security Framework (CSF) programs encompassing Vulnerability
Assessment & Management, Information Security Continuous Monitoring
(ISCM) SP 800-137 and Authorization to Operate (ATO) related controls &
activities.
Performed Security Assessment & Authorization (SA&A), Cybersecurity Monitoring,
Malware Analysis, Threat Analysis, Network/Host Intrusion Detection, Security
Operations Center (SOC), Triage, Containment, Reviewing Nessus Scans,
Remediation recommendations for high risk business systems and reporting
within the NIST SP 800-61r2 Incident Response Life Cycle. Designed and
implemented Identity & Access Management (IAM), Single Sign On (SSO) and
SIEM technology solutions using Splunk Enterprise, monitoring complex
GinnieMae Production environments.
Subject matter expert in complex Cloud ERP & CRM system Migration &
Integration (Office-365, NetSuite, UltiPro, Salesforce & Halogen
TalentSpace) encompassing Single Sign On (SAML, OAuth2, ADFS), Multi-Factor
Authentication, Active Directory Provisioning & Synchronization,
integration using Cloud Identity Providers (Okta, SailPoint, PingIdentity,
Centrify, OneLogin). Security Information and Event Management (SIEM),
Advanced Threat Detection Tools, IDS/IPS, Network Packet Analysis, Endpoint
Protection, Network Protocols and Operating Systems. Proficient in Splunk
Enterprise, ArcSight, Nessus, TripWire, DbProtect, AppDetective, IBM RACF
Security, Windows, UNIX, Linux, DBMS, and IBM Mainframe.
Proficient in the following government regulations and standards: National Institute of
Standards and Technology (NIST), NIST SP 800-53 rev3/rev4, Federal
Information Security Management Act (FISMA), Federal Information System
Controls Audit Manual (FISCAM), Gramm-Leach-Bliley Act (GLBA), HUD Handbook,
Sarbanes-Oxley (SOX) and National Housing Act.
US Department of Education – Federal Student Aid (FSA)
08/12 – 04/14
Sr. Security Enterprise Architect
Assigned to Office of Chief Information Officer (OCIO) at FSA to support the execution
of Technology Office Enterprise IT Architecture and Strategic Infrastructure
Group (EITASIG) mission in providing enterprise-wide technology planning and
oversight; developing and evolving technology architecture; developing and
promulgating technology standards; and providing and maintaining the
necessary governance, processes and discipline to ensure that FSA is
investing and using information technology wisely. In this capacity,
Performed Market Research, Prepared Technical/Non-Technical Presentations,
Generated White-Papers, and other technical advisory activities in support of
EITASIG’s solution architecture and enterprise architecture activities.
Contributed and participated in FSA’s Technical Proof of Concept (TPOC)
projects encompassing FedRAMP, Enterprise Content Management, Mobile
Strategy, Business Intelligence in support of Architectural Review Board
(ARB) and Engineering Review Board (ERB) and their activities.
· FedRAMP Compliance & Implementation (CSP, 3PAO, Continuous Monitoring, Threat
& Risk Assessment, FISMA, NIST SP 800-Series)
· Enterprise Mobility Roadmap (HTML5, CSS3, WebKit, jQuery Mobile, PhoneGap,
Responsive Design, IBM Worklight Mobile Platform)
· Emerging Technologies & SOA Roadmap
· Technology Standards and Products Guide (TSPG)
· Content Management System (CMS) & Collaboration (HP Autonomy TeamSite, SharePoint)
· Business Intelligence Tools Comparative Analysis & Recommendation (ETL, Data
Warehousing, Data Marts, OLAP, Dashboards)
· Service Oriented Architecture & Governance (Oracle Fusion Middleware Stack)
· Virtualization using VMware Horizon View (VDI), Hypervisors, Citrix NetScaler,
Citrix XenApp
FSA Production environment is comprised of the following Products:
Informatica PowerCenter 9.5, IBM Data Stage Warehouse Builder, Oracle Warehouse Builder,
SAS/Warehouse Administrator, SQL Server Integration Services (SSIS), IBM
Cognos, Oracle Hyperion, Information Builders – WebFOCUS, MicroStrategy
9.3.1, SAP Web Intelligence, IBM InfoSphere Information Server (IIS), Oracle
Data Integrator, SAS Data Integration Studio, DB2 Universal Database, Oracle
11gR2, SQLServer-2012, Mainframe Legacy (IBM DB2, IDMS, CICS, VSAM, JCL,
Cobol), IBM WebSphere Application Server (WAS), HP Autonomy TeamSite 8.4,
Tivoli Access Manager (TAM), Tivoli Identity Manager (TIM) and
MS-SharePoint.
Department of Treasury
US MINT
08/11 – 08/12
Sr. Security Cloud Architect
Assigned to the Department of Treasury, US MINT OCIO PMO technical support team
implementing a Cloud Service Model by Integrating Infrastructure Services as
an eCommerce Software as a Service (SaaS) Transactional solution in
supporting the Sales & Marketing, Finance, Legal, Enterprise Operations
& Manufacturing department. Responsible for Governance, Technical
Architecture, Project Management and Systems Integration for the following
functional areas: Interface Design, Business Process Monitoring,
Human Workflow User Interface, Business Process Management (BPM), Connectors,
Transaction Manager, WS-Security, Web-Services, Application Container,
Messaging Services, Metadata Repository, Naming and Directory Service and
Distributed Computing Architecture.
JBoss Enterprise Service Bus (ESB), Oracle Fusion Middleware 11g, Oracle SOA Suite
11g, Venda Cloud Commerce Platform, MS-Active Directory Federation
Services (ADFS), Security Assertion Markup Language (SAML), Single Sign On
(SSO), Red Hat Enterprise Linux Server, VMware Private Cloud Solution, Cloud
Lifecycle Management, Application Release Automation, Service Level
Management, Dashboards and Analytics and Orchestration.
United States Department of Treasury
Internal Revenue Service (IRS)
MITS-Cybersecurity eAuthentication Single Sign-On (SSO) Initiative
03/11 – 08/11
Sr. Security Specialist
Assigned to the US Department of Treasury, Internal Revenue Service (IRS) and
MITS-Cyber Security eAuthentication Single Sign-On (SSO) technical Support
team. In this capacity worked closely with IRS eAuthentication group,
Computer Associates professional services and PRIME Development organizations
in Planning, Engineering, Installing, Configuring and Implementing the CA SiteMinder
Web Access Manager (WAM) r12 product within the IRS Production environment.
Initially created the IRS CyberSecurity eAuthentication Design Specification Report
(DSR-1) artifact that Captures & Documents all IRS integration
components impacted by implementation of CA Identity and Access
Management (IAM) solution with the following Key functional capabilities:
· Web Access Manager (CA SiteMinder WAM)
· Policy-Governed Authentication and Authorization
· Administrative Delegation
· Identity Federation (X.509, OTP, RACF, ACF2, SAML & ADFS)
· Single Sign On (SSO)
· Identity and Access Management (IAM)
· CA Identity Manager
· CA SOA Security Manager
· WS-Security
· Non-Web Applications
· Authentication Technologies (X.509, One-Time Password (OTP), RACF, ACF2)
· Policy Decision Point (PDP)
· Oracle Java 2 Enterprise Edition (J2EE)
· Microsoft .NET Architecture
· IBM SNA, ATM & MPLS
United States Department of Agriculture (USDA)
Forest Service (FS)
Litigation Hold – eDiscovery Program Support
05/10 – 03/11
Sr. Enterprise Architect
Assigned to the US Department of Agriculture (USDA), Forest Service (FS), Office of
Chief Information Officer (OCIO) Litigation Hold Technical Program support
team. As a Sr. member of enterprise architecture team and Subject Matter
Expert (SME) responsible for creating Enterprise technology strategies,
architectures and technical plans that were aligned with the Agency's
Mission, Strategy, Goals, and Business Objectives in supporting the
Litigation Hold & eDiscovery Program initiative. eDiscovery program uses
Electronic Discovery Reference Model (EDRM) framework to ensure that policies
set by Office of General Counsel (OGC) are properly translated into IT
processes to Collect Forensic Images & Preserve Electronically Stored
Information (ESI) at the agency level.
· Established communication strategies among USDA Legal, Business & Technical
entities: Office of General Counsel (OGC), Office of Regulatory
and Management Systems (ORMS), Freedom of Information Act (FOIA), Investment
Review Board (IRB), Capital Planning, Investment Control (CPIC) and Office of
Chief Information Officer (OCIO) to Plan, Design and Implement Litigation
Hold – eDiscovery operational requirements.
· Established, Maintained and Managed Key Documents & Procedures in Security Testing
& Evaluation (ST&E) process in support of Business Continuity
Planning (BCP), Disaster Recovery Planning (DRP) and Continuity of Operations
Plan (COOP) initiatives. Performed Business Risks & Impact of Potential
Emergencies, Application Availability, Business Continuity, Disaster Recovery
& Compliance.
· Established technology and architecture related SOA policies, standards, and guidelines
and provided architectural oversight and support to solution delivery teams
· Established and maintained alignment of the Enterprise technology architecture to
Agency business strategy, goals and objectives, and the defined
architectures of other key Enterprise architecture domains (e.g. Application,
Data, Security, etc.)
· Developed and maintained future state technology architectures and transition roadmaps
which met the enterprise needs as identified during current state
architecture analysis and the assessment of gaps and opportunities by creating
the CONOPS artifact
· Collaboration with key stakeholders to translate strategic requirements into a future state
vision, architectural blueprint and migration roadmap for Agency’s technology
infrastructure and platform. In this capacity, Educated, Evangelized and
Conducted transfer knowledge sessions regarding technology strategies,
architectures and migration plans
· Facilitated the definition of, and adherence to, technical standards and usage guidelines
set by OMB Enterprise Architecture Framework (FEAF), FSAM, CSAM, TRM, BRM,
DRM, SRM & PRM
· Maintained an ongoing awareness of emerging technologies and industry trends to inform
enterprise technology strategy and direction of agency in support of Litigation
Hold initiative. SOA, Oracle BPM (ADF), Cloud Computing (Private, Community,
Public), Software as a Service (SaaS), Enterprise Content Management (ECM),
Oracle 11g Stack, Guidance EnCase, Clearwell eDiscovery Platform, IBM, SAN,
Technology Bricks, FISMA, Security Architecture, Virtualization, Business Continuity
Planning (BCP), Disaster Recovery Planning (DRP), COOP strategies and
Business Intelligence.
United States Department of Treasury
Internal Revenue Service (IRS)
MITS-CyberSecurity FISMA Program Support
10/09 – 05/10
Sr. Security Specialist
Assigned to the US Department of Treasury, Internal Revenue Service (IRS),
MITS-CyberSecurity FISMA Program Support team. As a member of Security
Assessment & Authorization (SA&A) Documentation team, Planned,
Managed, Coordinated and Conducted working sessions for different IRS
Applications in support of NIST-800 Series and FISMA's Information
Security Domains for application to grant Authority To Operate (ATO).
Performed Security Assessment & Authorization (SA&A) activities
including Security Assessment Report (SAR) creation, Developed & Executed
Security Control Assessment (SCA), Populating System Security Plan (SSP),
Information Technology Contingency Plan (ITCP), Privacy Impact Assessment
(PIA) and other SA&A related documents in compliance with NIST 800-37 and
FISMA requirements.
Established, Maintained and Managed Key Documents & Procedures in Security Testing
& Evaluation (ST&E) process in support of Business Continuity
Planning (BCP), Disaster Recovery Planning (DRP) and Continuity of Operations
Plan (COOP) initiatives. Performed Business Risks & Impact of Potential
Emergencies, Application Availability, Business Continuity, Disaster Recovery
& Compliance.
Subject Matter Expert (SME) in the following Security Domains:
· Business Continuity Management
· Policies and Procedures
· Information Classification
· Identity & Access Management
· Access Control
· Infrastructure & Operations Security
· Incident Response
· Privacy & Data Protection
· Network Security Operations
· Security Management
· Security Architectures
· Vulnerability Management
· Disaster Recovery & Business Continuity
· Security Governance and Management
· Risk Management
· System Development Life Cycle
United States Department of Health & Human Services
National Institute of Health (NIH)
National Heart, Lung & Blood Institute (NHLBI)
Center for Biomedical Informatics and Information Technology (CBIIT)
03/09 – 10/09
Sr. Enterprise Architect
Assigned to the US Department of Health & Human Services (HHS) National Institute
of Health (NIH), Office of Chief Information Officer (OCIO) Enterprise
Architecture team responsible for development of the Modernization Blueprint
for National Heart, Lung, Blood Institute (NHLBI) Enterprise Architecture
Steering Committee Clinical Systems. This Model Driven Architecture (MDA)
will leverage the latest Object Oriented Industry Standards and Office of Management
& Budget (OMB) Federal Enterprise Architecture Framework (FEAF). In this
capacity, I was responsible for Development of NHLBI Technical Architecture
using J2EE Specifications, NIST Security Requirements (800-53 Series),
Defining Application Security Patterns, UML, SPARX Enterprise Architect
Modeling Tool, IBM Cognos (BI), Oracle BPM (ADF) and Constructing Meta Models
with Platform Independent views.
This included using the Federal Segment Architecture Methodology (FSAM) which
defines a specific process and set of deliverables, intended to bring
consistency in describing IT Models, Business Processes, and Data across the
US Government. The FSAM approach was used in defining the performance view of
a given Business Segment. Specifically in defining the strategic objectives
of the organization’s leadership, expressed in terms of specific business
performance metrics and goals. The end results included a Target
Architecture, Business Process, Business Performance Metrics, and a well
defined Solutions Architecture that will guide the implementation of the
future-state IT systems. Together, these formed the Modernization Blueprint
for the NIH Business Segments.
Established, Maintained and Managed Key Documents & Procedures in Security Testing
& Evaluation (ST&E) process in support of Business Continuity
Planning (BCP), Disaster Recovery Planning (DRP) and Continuity of Operations
Plan (COOP) initiatives. Performed Business Risks & Impact of Potential
Emergencies, Application Availability, Business Continuity, Disaster Recovery
& Compliance.
United States Department of Commerce -
National Oceanic and Atmospheric Administration (NOAA)
National Environmental Satellite, Data and Information Service (NESDIS) - OCIO
10/08 – 02/09
Sr. Enterprise Architect
Assigned to the NESDIS Chief Enterprise Architect
in Developing Functional and Technical Architectural Layers for the NESDIS
Enterprise Architecture Program. In this capacity performed the following:
· Served as the primary NESDIS EA Repository steward responsible for configuring IBM
System Architect for the NESDIS EA Programs, Defining and Populating the
NESDIS EA Encyclopedia within System Architect, acting as a liaison between
IT Solution Architects and System Administration staff to create system-level
encyclopedias, publishing EA content to the web, defining EA repository
processes for access, configuration management, and Business Intelligence
functionalities.
· Developed EA Artifacts across the full lifecycle of EA support, including Baseline
Architecture, Enterprise Requirements Definition, Target Architecture,
Transition Planning, Implementation, Segment Architecture, EA Governance, EA
Program Management, EA Communications, EA Integration with related
Disciplines, including IT Portfolio Management, Business Process
Reengineering, IT Security Management, and IT Strategy Development
· Established, Maintained and Managed Key Documents & Procedures in Security Testing
& Evaluation (ST&E) process in support of Business Continuity
Planning (BCP), Disaster Recovery Planning (DRP) and Continuity of Operations
Plan (COOP) initiatives. Performed Business Risks & Impact of Potential
Emergencies, Application Availability, Business Continuity, Disaster Recovery
& Compliance.
· FSAM (Federal Segment Architecture Methodology), Service Oriented Architecture
(SOA), Web Services Methodology and Best Practices Life Cycle
· Security Architecture and IPv6 Transition, Certification and Accreditation (C&A),
CSAM, Security and Privacy Profile (SPP) and Defining Plan Of Action and
Milestones (POA&M)
· Integrating EA Governance with Portfolio Management Activities - Refining CPIC (Capital
Planning and Investment Control) Cycles, Aligning NESDIS Desk Top Operations
with ITIL, COBIT, and ISO-17799, Complying with Federal Transition Framework
(FTF), FEA Reference Models Mapping (BRM, SRM, CRM, TRM, PRM, DRM), DoDAF,
TOGAF and Governance within the Enterprise
United States Department of LABOR
Office of Chief Information Officer – Enterprise Architecture Program Office
05/08 – 10/08
Sr. Enterprise Technologist - PM
Assigned to the DOL OCIO for Managing DEAMS (DOL
Enterprise Architecture Management System) a Case Management System encompassing DOL Enterprise Strategic
Goals, Business Transformation, IT Simplification and Rationalization,
IT Modernization and comply with changing Federal Mandates by OMB (Office of
Management and Budget).
Subject Matter Expert (SME) in the following areas:
· Case Management System, Workflow, Business Rules Engine, Business Intelligence (Reporting)
Selection and Implementation Strategies in support of Customer Relationship
Management and Enterprise Performance Management
· Biometrics and Personal Identity Verification (PIV) efforts in support of NIST
Guidelines, PKI and HSPD-12 initiatives
· Developed Multiple Framework for Case Management System implementation at the
Enterprise (Agency) Level
· Established, Maintained and Managed Key Documents & Procedures in Security Testing
& Evaluation (ST&E) process in support of Business Continuity
Planning (BCP), Disaster Recovery Planning (DRP) and Continuity of Operations
Plan (COOP) initiatives. Performed Business Risks & Impact of Potential
Emergencies, Application Availability, Business Continuity, Disaster Recovery
& Compliance.
· FSAM (Federal Segment Architecture Methodology), Service Oriented Architecture
(SOA), Web Services Methodology and Best Practice Life Cycle
· Security Architecture and IPv6 Transition, Certification and Accreditation (C&A),
CSAM, Security and Privacy Profile (SPP) and Defining Plan Of Action and
Milestones (POA&M)
· Integrating EA governance with Portfolio Management Activities - Refining CPIC (Capital
Planning and Investment Control) Cycles
· Provided Input to EA Team in Aligning with ITIL, COBIT, and ISO-17799
· Federal Transition Framework (FTF), FEA Reference Models Mapping (BRM, SRM, CRM, TRM,
PRM, DRM), DoDAF, TOGAF and Governance within the Enterprise
· Assisting Federal agencies to evaluate and implement interoperability standards
· Creation of a technologically current and cost effective IT environment
· Deployment of new technologies in an orderly and effective manner
· DEAMS is Designed & Developed using Troux Technologies (Metis) Transformation
Platform, eaGov Semantics, Troux Architect 7.1, Metaverse Repository and IBM
Cognos BI.
United States Department of Treasury – IRS
Office of Chief Information Officer – Enterprise Architecture Division
08/07 – 05/08
Principal Enterprise Architect
· Provided expertise in key Enterprise initiatives to the IRS EA Executive Committee in
achieving successful Modernization and Business Transformation goals
· Provided expertise in selecting a Case Management System, Workflow, Business Rules
Engine, Business Intelligence (Reporting) and Implementation Strategies in
support of Customer Relationship Management and Enterprise Performance
Management
· Contributed to the CPIC (Capital Planning and Investment Control) process and EVM (Earned
Value Management) in achieving Business Transformation strategic goals
· Provided Expertise and Leadership in Implementing and Adhering to OMB Standards that
Encouraged Interoperability and Integration for the entire IRS Infrastructure
· Established, Maintained and Managed Key Documents & Procedures in Security Testing
& Evaluation (ST&E) process in support of Business Continuity
Planning (BCP), Disaster Recovery Planning (DRP) and Continuity of Operations
Plan (COOP) initiatives. Performed Business Risks & Impact of Potential
Emergencies, Application Availability, Business Continuity, Disaster Recovery
& Compliance.
· Assisted in the Development of OMB-Ready Exhibits (E-300) in support of the agency’s IT
Investments
· Managed Biometrics and Personal Identity Verification (PIV) efforts in support of
NIST Guidelines, PKI and HSPD-12 initiatives
· Provided Technical Assistance in creating a complex Collection Systems (Filing
& Payment Compliance) Target Architecture using SOA Methodologies
· Provided Input to EA Team in Aligning with ITIL, COBIT, and ISO-17799
· Contributing Member of IRS-SOA Working Group
US HUD
Office of Chief Information Officer – Office of Chief Architect
10/06 – 07/07
Principal Enterprise Architect
United States Department of Homeland Security
Citizenship & Immigration Services
10/05 – 09/06
Principal Enterprise Architect
United States General Services Administration
12/03 – 10/05
Principal Enterprise Architect
United States Department of Homeland Security
Customs and Border Protection
04/02 – 07/03
Sr. Enterprise Architect
Openwave Systems Inc.
09/00 – 03/02
Sales Engineer / Technical Architect
Systems Integration Services Inc.
10/89 – 09/00
Principal Consultant
FannieMae
Internet Engineer
FEDERAL DEPOSIT INSURANCE CORPORATION
Network Security Specialist / WEB System Architect
Bell Atlantic
TELECOMMUNICATIONS
Project Leader
MCI TELECOMMUNICATIONS
Data Warehouse Architect
ICMA - RC
Sr. Systems Analyst
THE WYATT COMPANY
Sr. Systems Analyst
AMTRAK
Sr. Systems Analyst
EXECUTIVE OFFICE OF THE PRESIDENT OF U.S.
Sr. Systems Analyst
CABLE & WIRELESS TELECOMMUNICATIONS
Sr. Systems Analyst
MCI TELECOMMUNICATIONS
Sr. Systems Analyst
WASHINGTON CONSULTING GROUP
Sr. Systems Analyst
MCI TELECOMMUNICATIONS
07/85 - 10/89
PLANNING RESEARCH CORPORATION
07/84 - 07/85
COMPUTER BASED SYSTEMS INC
06/83 - 07/84
Technical / Functional Expertise:
Mobile Technology, IBM WorkLight, Cloud Computing, SaaS, PaaS, IaaS, HP TeamSite
Autonomy, Oracle CRM, Oracle SOA Suite, Oracle ESB, BPM, UDDI, Web Services,
BEA AquaLogic Suite, EMC Storage, Content Management System (Documentum),
Cisco Products, Tibco Business Works, WilyTech, Empirix, NetIQ, WebTrends,
MicroStrategy Products, Business Intelligence, OLAP, Siebel Analytics,
Metastorm, IBM RUP, IBM Z/OS Series, .NET Framework, J2EE, Unix, Perl,
EJB, TCP/IP, SNA, OSI, XML, Virtualization, Quality Assurance, Stress
Testing, Load Testing, End-To-End Monitoring, Capacity Planning, Traditional
Security, Business Continuity and Disaster Recovery (DR), Data Center
Operations, Application Security, Encryption and Key Management, PKI,
Identity and Access Management, Large & Complex Database Design, Large
Data Warehousing Projects, ETL, OLAP, Website Monitoring, Cache Management,
Virtualization (VMware Horizon Suite).
703.371.1435 (M)
JamshidPazouki@yahoo.com
703.790.0242 (H)