Summary
Overview
Work History
Education
Skills
Websites
Certification
Timeline
Generic

Kennedy G. Doss

E. Brunswick,NJ

Summary

Dynamic and results-oriented leader with over thirty years of experience as a Systems Integrator and Management Professional in prestigious organizations, including J.P. Morgan Chase, IBM, and Sanofi. Expertise in developing and implementing innovative IT and security strategies that align with business objectives while prioritizing security initiatives and managing the deployment of FIPS-140-2 Level 3 certified Cyber Security appliances across global data centers. Proven ability to resolve technical challenges swiftly, enhance operational quality, and maintain a strong customer focus. Successfully led diverse teams of Security, Systems, and SAN Administrators in executing critical projects such as data center consolidations and disaster recovery, consistently delivering results on time and within budget.

Overview

30
30
years of professional experience
2
2
Certifications

Work History

Cyber Security Lead (Sr. Lead Security Engineer/Sr. Vice President)

J P Morgan Chase & Co.
Jersey City, NJ
07.2015 - Current
  • Partner with and facilitate between the Application Development, Database, Risk and Control teams to determine the best security solution for specific application/database based on risk profile and data protection requirements.
  • Represent the Global Security Service Delivery team (Firm wide, local and regional) and ‘vulnerability & data protection’ committees.
  • Involved in pre-deployment preparations, testing and deployment of cyber security related products including encryption, decryption, access control and other Key Management Services.
  • Plan and coordinate deployment of cyber security products with technology and business partners. Provide project management for BAU initiatives.
  • Worked with Internal Customers from various Lines of Businesses within the Bank in implementing and managing standards like PCI-DSS 4.0 Compliance.
  • Manage, maintain and trouble shoot Vormetric (DSMs – 5800s and 6100s), CipherTrust/KeySecure Appliances (KS70s), Guardium, SmartCrypt, PKWare, DocuSign Solutions, Gemalto (HSMs – SA1700, SA 5 and SA 7), Thales and Delphix infrastructure. Create security policies and define security rules per requirements.
  • Work with DBAs, Unix & Windows System Administrators, Application development, Technology and Security Monitoring Teams to facilitate the encryption of sensitive Personal Information data, to deploy access controls, policies and configure security monitoring reports.
  • Administer and manage Keys for Oracle TDE, CipherTrust Products and other Key Management Interoperability Protocol (KMIP) compliant encryption platforms using Thales CipherTrust Key Management.
  • Manage access rights, manage certificates and keys, promote best practices and ensure that the Line of Business’s risk profile is minimized.
  • Develop, document and continuously improve the support model and underlying processes. Work with and educate management to address current concerns, prevent or minimize cyber security threats. Update cyber security protocol, procedural shortfalls and develop effective training procedures.
  • Periodically update the security software and firmware of the related appliances to prevent security threats.
  • Compile daily database reports to identify possible vulnerabilities.
  • Develop and implement Business Continuity and Disaster Recovery Plans for Corporate data-centers located globally.
  • Play key role as subject matter expert during internal and external security audits. Collaborate with security auditors to conduct in-depth compliance audits and penetration testing, presenting results to senior management.
  • Coordinated and reviewed the collection of audit requests and worked with the control owners to obtain the necessary evidence required by Audit to validate the controls.
  • Engaged department manager to ensure ownership and remediation of audit-related and regulatory issues identified during periodic examinations.

Global Team Lead (As a Contractor Employed Full-time by IBM and K-Force)

Sanofi
Bridgewater, New Jersey
09.2001 - 07.2015
  • Involved in building IT security policies, performing internal IT Audits, building SOX compliance IT General Control sets, hardening Servers running various Unix operating systems (RHEL, AIX, Solaris, HP-UX), patch management strategies, performing vulnerability assessments along with penetration testing, documenting access control procedures, IT Security procedures documentation and other IT Security related activities. Having dialog with UNIX, Database, SOX Governance and Application Teams about accounting and control issues and provide solutions or provide research guidance for potential solutions. Reviewed deficiencies and formulated solutions for implementation.
  • Involved with SOX regulations, IT General and Internal controls. Performed testing and documented the results of various IT general control processes for program development & changes, computer operations, access to data & programs, and application controls. Evaluated existing internal controls, risk assessment, identifying the control gaps and suggesting remediation of the control gaps. Extremely familiar in running reports using EMC’s Enterprise Configuration Manager (Formerly Configuresoft’s ECM Product) to maintain the designated SOX Servers in the environment.
  • Function as the technical lead for a global staff of 13 L3 Unix Systems Admins and train Junior System Administrators and new recruits to enhance their productivity and participation. Responsible for teams’ end result when acting as
  • Managed virtual off-shore teams. Provide direction and guidance to the off-shore teams to maintain the SLAs and perform the risk assessment.
  • Instrumental in the decommissioning of 5 CLARiiON Arrays and migrating the data to VPLEX Arrays. The project included several off-shore sessions, minimal downtime windows, zero data corruption and involved more than 200 Windows/ESX, HP-UX, AIX, Solaris and Linux Hosts. Effectively made use of tools like Mobility Central for Array based migration and tools like Mirror-UX for host-based migrations. Lead multiple Teams in several SAN Virtualization and Migration projects. Played a key role in deploying an environment of around 200+ HP-UX SAP Servers involving multiple High-Availability and disaster tolerant Gold Clusters with VPLEX Metro & VMAX SRDF LUNs.
  • Provide 24 X 7 Level 3 Support for critical platforms.
  • Worked very closely with the Architecture/Engineering Groups and Vendors to evaluate new products, prepare for proof of concepts and later implement the same. Instrumental in setting up an isolated Network of UNIX Servers for testing open-source software for areas related to Bare Metal Recovery, SAN Virtualization (IBM SVC & VPLEX), Active-Directory to Unix Integration using Centrify, System monitoring tools, Enterprise Configuration Management, etc.
  • Lead several matrix teams, including a Level 3 team of 13 employees and contractors to maintain the 2000+ Unix Servers in the Legacy and New Generation Datacenters spanning across the Americas.

Consultant – Senior Systems Integration and Management Professional

Sanofi
09.2001 - 04.2005
  • Employer: IBM Global Services, Raritan, NJ

Senior System Administrator (UNIX)

Telcordia Tech (Bell Communications & Research)
06.1996 - 09.2001

Education

Bachelor in Engineering - Electronics

Bangalore University
Bangalore, India
01-1988

Skills

  • Systems Security – Data Security Engineering / Encryption of data at rest and in transit Proficient in encryption and masking of sensitive data and personal information
  • Real-time aggregation of security-relevant data, incident and infractions, investigations/forensics, security reporting and visualizations, real-time correlations and alerting upper management for threat detections Analyze threat and risk of cryptographic implementations across file systems, raw devices, disks, volumes, SAN and NAS Storages, Databases and applications
  • Set guidelines, review architecture alternatives and perform technical evaluations – focused on Data-at-rest Cryptographic and Key Management solutions
  • Research, development and implementation of new technologies
  • Migration from appliances that are at the End of Life to newer technologies
  • Service Delivery Management, Client engagement, SLA, Cost Benefits Analysis
  • Provide expertise in Cyber Security Standards in Encryption and Key Management areas related to Cryptographic Policies and standards
  • Understand the importance of protecting data confidentiality, implementing cryptographic algorithms, protocols and focusing on automating repetitive daily, weekly monthly, quarterly procedures and processes
  • Risk Assessment / SOX Implementation / SOX Reporting
  • Data Integrity / Disaster Recovery
  • Experienced in mergers, integration activities, reducing costs in Annual Maintenance Contracts with Hardware & Software Vendors and Software Licensing
  • Highly experienced in supporting and managing critical and highly visible enterprise cryptographic infrastructure for multiple lines of businesses in the Bank
  • Strong outsourcing / in-sourcing experience Contribute to the full SDLC of outsourced/ offshore projects including but not limited to architecture, design, production support, software / tools deployment, client consulting and implementation
  • Maintain excellent rapport with various stakeholders, end-users across customers located in EMEA, APAC and Americas ensuring that the services offered meet or exceed their needs in our offerings in Cyber Space
  • Very strong in Mentoring and motivating the Cyber Security and Key Management Global Teams across all regions
  • Excellent documentation skills
  • Excellent in maintaining a very strong working relationship with technology groups, clients supporting various lines of business in the bank, internal auditors and external vendors as well
  • Strong work ethic that includes solid attendance record & long overtime hours
  • Security Platforms: SIEM, Thales Luna HSMs, CipherTrust KeySecures Appliances etc
  • Security Software: ECM from Configuresoft, Guardium (IBM), Vormetric Data Security (Thales), Splunk (Security Information and Event Management Tool), Delphix Masking Solution, DocuSign etc

Websites

Certification

Thales Cloud Security - CipherTrust DSP Professional Engineer

Timeline

Thales Cloud Security - CipherTrust DSP Professional Engineer

09-2024

Amazon Web Services - AWS Certified Cloud Practitioner

09-2023

Cyber Security Lead (Sr. Lead Security Engineer/Sr. Vice President)

J P Morgan Chase & Co.
07.2015 - Current

Global Team Lead (As a Contractor Employed Full-time by IBM and K-Force)

Sanofi
09.2001 - 07.2015

Consultant – Senior Systems Integration and Management Professional

Sanofi
09.2001 - 04.2005

Senior System Administrator (UNIX)

Telcordia Tech (Bell Communications & Research)
06.1996 - 09.2001

Bachelor in Engineering - Electronics

Bangalore University
Kennedy G. Doss