Senior Architect
Identity & Access Management
Systems and Data Integration
George Broomell
Roswell, GA 30075
gbroomell@insolutions.net
678-358-4774
Professional Profile
Over 20 years of experience in designing and building software-based solutions across various industries.
Effective, hands-on leader with a proven track record for delivering security-related, integrated solutions for
large and small companies in various industries. Clients include: BellSouth, MetLife, Merck, United Airlines,
University of Georgia, Walt Disney World, US Bank, Raymond James Financial, Nielsen Media Research,
SunTrust Bank, and the Department of Defense.
Strong technical background in Identity & Access Management, Data Analytics and Systems Integration.
Addresses challenges from both business and technology perspectives with a focus on delivering software-based
solutions that reduce risk, automate manual tasks, improve efficiency, streamline business processes
and satisfy regulatory compliance. Specialty areas include Business Process Engineering, Master Data
Management, Fraud Detection, Role Engineering, Access Control and Regulatory Compliance.
Experience and Accomplishments
Regional Auto Insurance Carrier, Atlanta, Georgia
2014 - 2015
Recently completed the development and implementation of a fully-functional, policy and claims management
system for the non-standard auto insurance industry. The multi-state, web-based Policy and Claims
Management System allows the carrier to issue, manage, endorse and renew policies, initiate and process
claims, accept insured payments, pay agency commissions and run real-time and month-end reports using only
a web browser or mobile device.
The solution interfaces with multiple comparative rating providers and allows for multiple payment options,
automates local and state reporting and communicates with appraisers, adjusters and other third-party service
providers. It includes SMS messaging and IVR capabilities to accept payments, issue payment reminders and
automate account inquiry. The system is entirely cloud-based and runs on multiple, private Amazon EC2 and
RDS instances and utilizes MS SQL Server, Amazon DynamoDB and S3 for distributed storage, high-availability
and redundancy.
Lead Architect / Consultant
· Developed the centralized ratings engine responsible for calculating rates, quoting policies and
adjusting policy changes.
· Developed a flexible, consumer-facing, ‘online binding’ system for real-time quoting, selling and making
payments over the web using desktop and mobile devices.
· Developed a web-based, digital signature software platform allowing for the capture, signing and
verification of legally binding electronic signatures.
· Developed a mobile-based ‘photo-push’ application for requesting photographs and initiating the claims
process on mobile phones and handhelds.
· Designed overall Amazon AWS infrastructure for deployment and growth of the system.
· Developed interfaces to various third-party service providers including DocuSign, EchoSign,
Authorize.net, NMI, EVO Payment Services, PaymentXP, OFAC, GEICS, TransUnion, CVExchange,
AccuAuto and TurboRater.
· Led a team of 7 on-shore and off-shore developers using Agile/Scrum approach through the software
development lifecycle to deliver the core system in less than 18 months.
· Core Policy & Claims system is built in .NET using MVC framework, HTML5 and CSS3 and interfaces
with various Java services through direct API and REST and is deployed on Amazon cloud.
· Integration services are built in Java and interface with various systems through direct API and loosely-coupled
REST services running within an enterprise service bus (ESB) residing on Amazon cloud.
Cummins, Inc., Columbus, Indiana
Global Information Security Division
2012 - 2013
Reported to the Director of Global Information Security as an Identity Management Consultant to advise on
technology strategy, product selection, budget planning, cost justification and deployment approach related to
their Identity & Access Management and compliance initiatives.
· Interfaced with Cummins’ Executive Management Team to address their overall Identity & Access
Management direction.
· Mentored internal analysts on strategies for integrating disparate systems, conducting data analytics
and undertaking data forensics across various departments, divisions and groups.
· Implemented a step-by-step approach for consolidating, synchronizing and managing identity data.
· Worked with various groups to determine data migration / synchronization approach including
connectivity requirements, data classification, data sensitivity, data transfer and role-mining strategies.
· Led Cummins development team and third-party consultants in deploying Oracle Identity Analytics (OIA)
for delivering automated entitlement certifications, detailed compliance reporting and closed-loop
compliance to various Cummins lines of business.
· Built identity data integration platform using a Master Data Management (MDM) approach including data
mapping, cleansing, synchronization and reporting capabilities across various authoritative sources.
· Led Cummins internal development team in extending their IAM infrastructure in preparation for a
platform migration from Oracle Identity Analytics (OIA) to Oracle Identity Manager (OIM).
Merck & Co., Inc., Whitehouse Station, New Jersey
Global Services Information Security Division
2010 - 2011
Reported to the Director of Global Information Security as an Identity Management Consultant to design and
build a scalable, business-facing, service-oriented, environment using Oracle Identity Analytics (OIA). The
solution enabled Merck to automate entitlement certifications for managers, application owners and data owners
in various Merck lines of business and was scalable to over 300,000 accounts across 100 key applications.
· Engaged with Merck management and sponsors to define strategy and approach, capture scope and
requirements, establish metrics and prioritize deliverables.
· Worked with Information Security and Applications teams to install and configure base product, connect
authoritative sources and extract, transform and load user and account information into OIA.
· Delivered a repeatable, template-based approach for integrating and reporting on various applications in
the OIA framework including Active Directory, LDAP, Oracle DB and multiple Merck SharePoint sites.
· Built and deployed a file-based, data extraction, transformation and loading (ETL) process to integrate
various Unix, Linux, AS400, and DB2 systems.
· Delivered technical architecture and roadmap for extending the solution and provided training and
knowledge transfer to Merck management and technical teams for operating and managing the service.
University of Georgia (UGA), Athens, Georgia
Enterprise Information Technology Services Division (EITS), Office of the CIO
2008 - 2010
Reported to the Office of the CIO as an Identity Management Consultant to redesign and rebuild their Campus-wide
Identity Management Infrastructure. Goals were to improve user security and user experience during
affiliation with the University, while automating the manual processes for securely collecting, storing, and
managing Social Security Numbers and their use throughout University systems.
· Worked with UGA executives and management to institute a comprehensive IdM Program consisting of
a formal Charter, executive board, a campus-wide communications plan and an IdM Governance
Framework to support the effort.
· Held numerous discussion-based, education and awareness sessions with key stakeholders, project
sponsors and team members to promote awareness, garner support and determine scope.
· Conducted various analysis and discovery sessions with faculty and staff to outline the strategy,
develop detailed steps and outline a specific plan of action.
· Initiated and chaired various steering, functional and technical committees throughout all phases of the
project addressing status, risk, issues and design modifications.
· Built and led the core implementation team, consisting of both internal and external members, using an
agile/iterative approach, to construct and deliver the new solution.
· Conducted hands-on Role Mining and Role Definition exercises, using various Role Engineering tools
and off-the-shelf products to determine, capture and define ‘who has access to what’.
· Reviewed and prototyped various RBAC solutions (Oracle Identity Analytics, Novell, Sun), to determine
the appropriate RBAC approach.
· Delivered a long-term roadmap for follow-on phases of the project including high-level requirements,
feature backlog and prioritization recommendations.
Electric Reliability Council of Texas, Austin, Texas
Enterprise Applications / Information Security Division
2007 - 2008
Reported to the Director of Information Security as an Identity Management Consultant for the development and
deployment of an application recertification strategy and infrastructure using Sun Microsystems Role Manager
(formerly VAAU RBACx). The solution integrated authoritative source data from over 100 of ERCOT’s SAS 70
applications and addressed access across 70 different departments for both employees and consultants.
· Installed and configured Sun Role Manager and developed data extraction, transformation and loading
(ETL) processes for unifying identity data across multiple authoritative sources.
· Used Sun Role Manager to conduct role mining efforts for employee and consultant groups residing in
Active Directory, Siebel, Lawson, Oracle, Badge, VPN and other critical systems and applications.
· Configured the product to interface with ERCOT Identity Management through Service Provisioning
Markup Language (SPML) allowing for bi-directional exchange of role information on a nightly basis.
· Delivered a step-by-step plan and ongoing roadmap for aligning and integrating the delivered solution
into ERCOT’s long-term Identity & Access Management strategy.
· Conducted a comprehensive gap analysis to determine current versus desired state including full
assessment of the previous vendor’s chosen direction to determine the level of reuse attainable with the
partially-delivered solution.
· Delivered an execution strategy including a three-year roadmap and a specific plan of action, outlining
the cost, schedule and resources required to restructure and deliver the project.
· Led the development team under the guidance of a newly-formed steering committee to provide
feedback, direction, report progress and overall health of the project to ERCOT stakeholders.
· Implemented an ongoing IAM Governance Framework including a formal governance board with initial
set of IAM policies, procedures, standards and enforcement guidelines.
United Airlines, Inc., Chicago, Illinois
Enterprise Security Architecture Division
2007
Consulted with United Airlines and led the first phase of an Architecture, Analysis and Planning effort, as part of
an Enterprise-level Role-Based Access Control initiative to define a comprehensive approach for addressing
access to systems and applications across their top 20 airports nationwide.
iHealth Technologies, Inc., Atlanta, Georgia
IT Security Division
2006 - 2007
Consulted with iHealth as partner with Sun Microsystems to design, develop and deploy a Sun Identity and
Access Management Infrastructure which included: gap analysis, business process re-engineering,
network/hardware/software sizing, LDAP implementation and integration of Sun Identity Manager with Lotus
Notes, multiple custom applications and various Oracle databases.
US Bancorp (Elavon), Atlanta, Georgia
Corporate Compliance / IT Security Division
2006
Consulted with Elavon and led the implementation of an Enterprise-wide Identity Management System to satisfy
regulatory compliance and provide better security. Engagement included: risk assessment, business process
gap analysis, cost justification, hardware/software acquisition, LDAP implementation and integration of Sun
Identity Manager with Active Directory, Exchange, PeopleSoft and multiple custom applications.
Raymond James Financial, Inc., Tampa, Florida
IT Security Division
2004 – 2006
Consulted with Raymond James and led the replacement of an existing Syntegra directory infrastructure with an
enterprise-wide, Sun Directory and RSA Cleartrust Access Control solution. Engagement included: data
analysis, cleansing, and transformation, LDAP implementation, Cleartrust integration, data migration and
production deployment.
Walt Disney World Corporation, Orlando, Florida
Information Security Division
2002 – 2004
Consulted with Walt Disney World on the design, development and implementation of a new Authentication and
Authorization system for enterprise applications. Engagement included business requirements analysis,
technical architecture, 3-year roadmap, vendor selection and implementation plan.
Nielsen Media Research, Tampa, Florida
Enterprise Security Division
2002 – 2004
Consulted with Nielsen and led the implementation of an Enterprise-wide Security and Identity Management
Infrastructure using Sun ONE Identity Server/Portal Server, SunONE Integration Server, SOAP web services,
Netegrity Siteminder and custom J2EE Services running on WebLogic Application Server.
State of Georgia, Atlanta, Georgia
Department of Natural Resources
2001 – 2003
Consulted with DNR and led the implementation and delivery of various projects including: an Asynchronous
Data Gateway for the exchange of information with the Federal EPA, a Java-based web application front-end for
multiple environmental protection databases and applications and a Java-based Web application to manage
various functions of the Environmental Protection Division.
Metropolitan Life Insurance Company, Atlanta, Georgia
Institutional Business Applications Division
1999 – 2000
Consulted with MetLife and led the implementation of a common security services infrastructure built upon the
Sun Directory Server for authentication, role-based authorization and unified user management for multiple
Institutional Business applications.
SunTrust Bank, Atlanta, Georgia
SunTrust Service Corporation
1998 – 1999
Consulted with SunTrust Bank and led the re-engineering and building of a factoring system that would take
advantage of Internet-based technology, incorporate a multi-tiered architecture while leveraging the existing
legacy (CICS and DB2) systems and business model as much as possible.
Department of Defense, Fort Belvoir, Virginia
Defense Technical Information Center (DTIC)
1995 – 1997
Consulted with the Defense Department and led various projects for adding the capabilities, along with
appropriate security controls, to disseminate several types of unclassified, protected documents via the Internet.
The documents comprised up to 50% of the DTIC collection and were stored in various databases throughout
the DoD.
Various Projects
1993 – 2004
American Real Estate Association, BellSouth / AT&T, Baptist Health System, CheckFree Corporation, DLJ
Direct, FedEx Corporation, Long Beach Community Medical Center, Penley Systems, Publix Supermarkets,
RSA Security, SkillSoft Corporation, S.P. Richards Co., Sprint Corporation, UCLA Medical Center, The Yankee
Group
Tools and Technologies
Industries: Financial, Retail, Transportation, Government, Utility, Higher Education,
Healthcare, Auto Insurance and Pharmaceuticals
Methodologies: Agile, Scrum, Iterative, Six Sigma, RAD, RUP
Regulatory Compliance: SOX, GLBA, PCI DSS, SAS70, NERC CIP, FERPA, FISMA
Standards/Frameworks: ISO/IEC 27002, 17799, COBIT, ITIL, NIST, FIPS, ESIGN, UETA
Packaged Solutions: Oracle Identity Analytics, Sun Identity Manager, Sun Access Manager, Sun
Directory Server, Oracle Fusion Middleware (Identity Manager, Access
Manager, OID, ESSO), Talend Integration Suite, RSA SecurID, RSA enVision,
Novell eDirectory, Novell Identity Manager, Quest Authentication Services,
Quest Active Roles Server, Centrify DirectControl, DirectAuthorize, DirectAudit,
MS SQL Server, MySQL, DB2, Oracle, MongoDB, Talend ESB, Talend MDM,
Talend Big Data, Various Open Source Solutions
Languages: Java, HTML5, CSS3, JavaScript, jQuery, XML, UML, SQL, Perl, C, VB, SAML,
SPML
Server Platforms: WebSphere, WebLogic, Tomcat, JBoss, Glassfish, Jetty, Talend ESB, Amazon
AWS (EC2, RDS, DynamoDB, S3, SNS)
Education
University of Maryland School of Architecture, College Park, MD
Bachelor of Science Degree in Architecture, 1990
Minor in Computer Aided Design, 1990