ATUL C. DOSHI

 

SUMMARY

·   C-level Senior Security Officer/executive and trusted advisor to C- Levels, Board of Directors Agency heads and GS15s.

·   Expert at managing a global IT and network security organization providing IT, network and security operations center functions for major Fortune 500 and Federal intelligence/homeland security agencies.

·   Provided 7x24 NOC, SOC, Service desk ITIL standardized functions.

·   Expert vulnerability threat assessment and mitigation, CSIRT, watch desk, firewall/ proxy management. Deployment and 7x24 operations of SIEM systems, ArcSight, Netcool, ISS, Entersys, EPO, WSUS , Splunk etc.

·   Provide technical guidance in security architecture, security applications design, and deployment.

·   Experienced in evaluating networks and security vulnerabilities, daily management of production security systems including firewalls, intrusion detection/prevention, antivirus, patch management, and encryption.

·   Deployment of infrastructure with FISMA, NIST, FEDRAMP, NISPON , HIPAA and PCI frameworks/standards.

·   Experienced with compliance with FISMA, HIPAA and PCI.

 

CERTIFICATIONS

·   Certified Information Security Manager (CISM)

·   COBIT

·   ITIL Practitioner (Combined Service desk, Incident Management, Problem Management).

·   Project Management Professional (PMI/PMP)

·   Certified IBM Business/IT Restructuring Professional

·   Security Clearance: Top Secret

 

 PROFESSIONAL EXPERIENCE

 

IBM.  Denver, CO       

December 2004-June 2016

Manager, CISO—Security Innovation Laboratory (Aug 2014—June 2016)

·   Managed a staff of 14 Sr. Security Architects, 22 software developers and systems engineering personnel globally spread in India, Romania, Brazil and Mexico. Their skills included:  

o   Strong Java development skills as well as other other coding skills (e.g. PERL | PHP | Ruby | Python)

o   Relational database design/development (e.g. DB2 | MySQL)

o   NoSQL database design/development (e.g. MongoDB | HBase)

o   Web Application Development (HTML | CSS | JavaScript)

o   Front end toolkits (DOJO | jQuery)

o   Hadoop / Big Data analytics platforms

o   Data visualization

o   Linux | AIX, scripting and system administration

o   WebSphere Application Server or other middleware.

o   Agile development

·   Focused on rapid development and deployment of Cyber Security applications and appliances using DEVOPS and agile methodologies.

·   Performed POC on non IBM Security products and integrating them into legacy platforms which gave them exciting new functionalities.

·   Focused on security infrastructure i.e. Single SignOn (user and applications boarding), ID and Access Management, End Point (400K employee workstations) management, Certificate of Authority, Graded Trust, Virus and Malware management, end point Wireless management, Global Phishing Simulation and exercise.

·   Upgraded/ modified the current state of the art products (QRadar, ISAM, IBMCA, Graded Trust, etc.) and integrating into existing IBM infrastructure. Our modifications are then released as product enhancements in future releases of IBM products.

·   Security platforms/ applications were: SIEM platforms, Splunk Enterprise, Cloudera, Symantec End Point Manager, Qradar, Tivoli Identity and Access Managers, Graded Trust, Lighthouse, Big Fix, IBM Identity and Access Manager, McAfee E-Policy Orchestrator, McAfee Virus Scan, McAfee HIPS/NIPS, Tenable Security Center, Rational AppScan, WebScan, App Det Pro, Ping Identity, Oracle Identity Management, Nitro ESM/EML/Log Correlation and Management/ Reporting, Phishing with PhishMe.

·   Led and managed the installations, monitoring and operations of Cisco 5500 series firewalls, IDS/IPS, HID/NIDS, DHCP, Microsoft AD globally.

·   Led, directed, managed the installation and operations of Hadoop platforms for Cyber analytics and Big Data feed analytics.

·   Global deployment and operations of Cloud based virtualized security infrastructure platforms on IBM Softlayer global virtual data centers.

GBS Service Area Manager, Senior Managing Consultant (December2004-August 2014)

·   NAVY ABL 14 Data Center Consolidation and integration, Chief Information Security Officer and Architect.

o   This project focused on the consolidation of 14 global data centers in Norfolk, Mayport, Portsmouth, Puget Sound, ABL, Indianhead, Pearl Harbor, Yokosuka, Guam, Subic Bay, Charleston, San Diego, Jacksonville, King Bay, and New London.

o   Under this TI IBM is required to provide a technical strategy (immediate, medium term and long term), architecture and a bill of materials required to consolidate 14 data centers and the applications they host for the business customers they serve.

o   The infrastructure consisted of over 2500 servers from 14 data centers being consolidated into 4 data centers in ABL, Portsmouth, San Diego, and Jackson. Over 250 applications were virtualized and integrated. The completed infrastructure met the DIACAP MAC 1 specification.

o   Further, as part of the deliverables the team was to secure this platform using DIACAP and NIST frameworks and meet all certification and accreditation requirements. 

o   This division/section of the Navy supports the ship building and maintenance activities of the Navy globally.

o   Assembled a team of architects from various IBM divisions.—with Oracle DB, Microsoft, Sun Solaris, Citrix, Networking, VMWare, Storage, SOA, IT Security expertise.

o   Architected and designed a zoned 3 data centers meeting NIST 800 Security framework specifications.

o   Architected and deployed a global network connecting the ‘to be’ 3 data centers into a private Navy Cloud.

o   Migrated and upgraded over 250 legacy applications with a DEVOPS model.

o   Migrated to the Chief Information Security Systems role.

o   Architected a Defense in Depth security overlay for the Navy Cloud.

o   Architected and deployed Identity and Access management, IDS/IPS, continuous monitoring, malware detection and remediation, encryption of data at rest and in motion, virus and applications scanning system into a Security Services Management cloud servicing the 3 data centers.

o   Designed and deployed 7x24 SOC operations monitoring of the Navy Cloud with Incident Management, continuous monitoring, virus and malware detection and remediation, Applications scanning of over 250 applications, Identity and Access Management, and patch management.

·   Major Federal Security Agency: $110 million contract, Chief Security Officer/executive

o   Managed a global IT and network security organization providing IT, network and security operations center functions for a major Federal intelligence/homeland security agency with 20k employees, 450 global locations, and 1500 servers.

o   Providing 7x24 NOC, SOC, Service desk ITIL standardized functions.

o   Team size: 100.

o   Expert vulnerability threat assessment and mitigation, CSIRT, watch desk, firewall/ proxy management.

o   Deployment and 7x24 operations of CISCO MARS, ArcSight, Netcool, ISS, Entersys, EPO, WSUS etc.

o   Provided technical guidance in Security architecture, design, and planning.

o   Analyzed and evaluated networks and security vulnerabilities, daily management of production security systems including firewalls, intrusion detection, antivirus, patch management, and encryption.

o   Evaluated the network to determine vulnerabilities and risks, identifying mitigating strategies, directing resources to implement efficient and effective solutions for Incidence and Event responses.

o   Ensured potential solutions were interoperable within the existing network and security infrastructure.

o   Managed forensics investigations and consulted with senior executive C-levels, Administrative and General Counsel.

o   Expert vulnerability threat assessment and mitigation, CSIRT, watch desk, firewall/ proxy management.

o   Deployed infrastructure with FISMA and NISPON standards. FISMA C&A. All NOC functions based on CISCO.

·   GSA TMMS SaaS.  Chief Information Security Officer.

o   The GSA TMMS SaaS is a transportation management system Software as Service project wherein the GSA is a providing a transportation Management Service to ALL Federal Agencies. The GSA and its customer agencies use the platform for the relocation of Federal personnel communicating, placing movement orders and tracking the movements to completion with a large number of moving vendors in an open bid format. IBM is supplanting an existing ‘home grown” service and an incumbent service provider. The driver is the potential cost savings.  GSA believes the current annual budget for relocation of personnel can be reduced by 50%.

o   Operated as the Security systems team lead and CISSO (Chief Information Systems Security Officer) for the project and the operating platform at the Federal Data Center.

o   Provided a complete DS&P framework of policies, practices and deliverable artifacts based on a systematic analysis of the project, applications and customer requirements. 32 control elements were identified and delivered .

o   Provided a detailed version of a NIST 800-53 ver 2 based 200 pages GSA TMS Security Plan that was approved by the GSA client.

o   Provided Security functional inputs to the Managed Hosting team at the Boulder FDC.

o   Proactively worked with the Managed hosting Architect and my team in Boulder to review, critic and recommend changes to the architecture from a security perspective. Weekly conference calls and monitoring of teams progress and outputs.

o   Provided best practices for Authentication Authorization and Access Management and password management.

o   Reviewed and researched the GSA IT Security Policy CIO P2100E.

o   Jointly developed GSA TMMS SAAS scanning tools document. Provided the acquisition budget section.

o   Provided a list of Open Source solutions for GSA TMMS SAAS Security functionality for review and assessment. (Ping and other open source tools).

o   Participated in collaborative weekly technical and project architecture calls and provided constructive suggestions and alternatives to improve the migration/transition of client applications.

o   Collaborated with the functional team to identify business processes, a role based access methodology.

o   Stepped up to support the analysis of various platform types i.e. Cloud computing, dedicated hosting etc.

o   Lead and Supported the C&A activities of the GSA client at the Boulder FDC.

o   Lead and supported the Pen testing of the GSA TMS platform.

o   Accepted the vulnerability scans and POAM received from the GSA client and responded with POAM responses.

o   Lead the remediation/ mitigation of the POAM items. Directed multiple weekly vulnerability scans performed by the FDC.

o   Coordinated the remediation/ mitigation of vulnerabilities between the FDC and the IBM GSA TMS applications development team.

o   Successively completed and delivered the POAM to the GSA client resulting in the granting of an interim ATO.

·   United Healthcare Group. CISO, PM and Technical Lead.

o   HIPAA based security project for the securing of PII/PHI information throughout a subsidiary of UHG.

o   Initial task was to process map all business flows within the subsidiary.

o   Based on the process flows security risks were identified in the business processes as well as in over 320 major software applications, shared network storage devices and sharepoints.

o   Remediation activities were recommended and carried out.

o   Role based access controls and Enterprise Identity and Access Management (IAM) solutions implemented.

o   Hardening and vulnerability assessments carried out on all servers in all data centers.

·   Siemens Medical Systems. Lead Project Manager and Security Architect.

o   $145 million contract. Global client.

o   Developed requirements for and providing architecture for the security of IT operations (SOC), applications development, network and data center to comply with HIPAA and Sarbanes Oxley.

o   Architected and deployed a massive distributed server architecture consisting of 8 cluster/locations of over 500 servers each connecting to over 1500 locations with minimum of 50 servers each.

o   A web hosting ASP architecture.

o   Implemented a continental DR strategy. Hosted financial, ERP, Supply chain, hospital management systems.

 

Municipal Broadband Networks Inc. Denver, CO 

August 2001-December 2004

Head of Global Outsourcing

·   Provided to the CEO, CIO, and CFO a 5-year roadmap for outsourcing/offshore in sourcing and transitioning of core service provider operating functions.

·   Project managed the entire enterprise undertaking. A total of over $320 million of infrastructure was transitioned into India and China.

·   Deployed networked multi continental disaster recovery.

·   Managed local networks /ordering, provisioning and turn-up of network facilities and circuits in 120 countries.

·   Managed global network control centers and dispatching for trouble fix in 120 countries.

·   Deployed and operated a SOC and NOC with Voyence,  Netcool, Cisco Works,NetQoS, Cisco ACS (TACACS) ,Cisco Security Manager ,McAfee TOPS ,Cisco MARS ,WSUS, Enterasys Dragon , ArcSight ,Tenable Nessus.

·   Managed global outsourcing team in Australia, India, Kuala Lumpur, France, US.  Provided RFP, RFI structure to procurement.

·   Supported all operating divisions of the company (Finance, A/P, A/R, G/L, Billing, marketing/sales, MIS/IT, Network Operations, Data Centre, call centers.

·   Worked with COO, CFO, Business Unit Heads, Senior IT Executives, participate in the development of strategic sourcing strategies and vendor relationship management strategies focused on application development and maintenance. 

·   Provided C-Levels with 3 year ROADMAP.

 

DANTIS Inc- Large Web hosting centers Co., Chicago, Ill

Feb’2000-August 2001

COO/CTO

·   Organized a data center outsourcing, Applications Services Management, web hosting / IT outsourcing firm.

·   Directed and managed services strategy and architectures for—Managed services hosting, applications management, performance management, Business Assurance Guarantees (SLAs), customer experience and custom Dashboards.

 

High Speed Access Corp, Broadband ISP Co. Denver, CO          

Dec 1998 Feb 2000

CTO

·   Organized a venture backed firm into a full-fledged Broadband ISP network service operating company and took it for an IPO through Lehman Bros.

 

MediaOne Group, Jacksonville, FL

1996-1998

Regional VP-Engineering and Construction-National Markets Region

 

EDUCATION

·   Columbia University, New York                                 

o   Post MSEE Professional degree (Engineering Sciences) in Electrical Engineering and Computer Science. Major in packet switching.

o   MSEE, Electrical Engineering and Computer Science                           

·   University of Baroda, India

o   BS Electronics Engineering

 

TECHNICAL EXPERTISE

·   IT Security Infrastructure:

o   Netcool, MARS, Arc Sight, EPO, WSUS, ISS- Proventia, Enterysys, OPENLDAP, OPENAM, PING IDENTITY, HP Openview. IP routers, switches, firewalls, proxies. SIEM platforms, Splunk Enterprise, Cloudera, Symantec End Point Manager, Qradar, Tivoli Identity and Access Managers, Graded Trust, Lighthouse, Big Fix, IBM Identity and Access Manager, McAfee E-Policy Orchestrator, McAfee Virus Scan, McAfee HIDS/NIPS, Tenable Security Center, Rational AppScan, WebScan, App Det Pro, Ping Identity, Oracle Identity Management, Nitro ESM/EML/Log Correlation and Management/ Reporting, Phishing with PhishMe

·   IP Networking and Telecommunications Technologies:

o   IP networking. MPLS, IP routers, switches, firewalls, proxies.

o   Network surveillance and alarm monitor systems.

o   LAN/WANS. Satellite, Cellular and wireless (802.11) transmission technologies.

o   Security, Network and SD operations centers deployment with ITIL.

·   Software:

o   Enterprise Security systems MARS, ArcSight, Netcool, ISS, Entersys, EPO, WSUS.

o   Remedy DNS, DHCP, Radius, Hp Openview, Netcool, Mercury Interactive, Metasolv)

o   Applications: Portal billing, CRM (Clarify, Siebel), ecommerce (Broadvision), supply chain management (Peoplesoft, JD Edwards, SAP, Oracle), ACCESS, EXCEL.

·   Management:

o   150 plus software architects, designers and integration personnel on large developmental programs.1200 network and IT personnel.

o   Over $300 million in capital and $420 million in revenues.