Khawar Raja
Project Manager
Ashburn,VA
Summary
An experienced IT professional with a decade of expertise as a Certified Security Analyst, certified PMP, certified Scrum Master, certified CISM and certified SAFe Agile Scrum Master. Diverse background in roles such as Project Manager, DevSecOps/Security Analyst, Data Scientist, and Scrum Master. Proficient in implementing the Agile methodology, facilitating communication between stakeholders and development teams, and in assessing system security risks, as well as managing Authorities to Operate (ATO). Demonstrated expertise in risk analysis, risk mapping, and risk mitigation, with a proven track record of identifying cybersecurity threats and automating security responses, and leveraging data science to enhance decision-making processes. A results-driven and collaborative team member committed to achieving cybersecurity goals within project objectives.
Overview
8
8
years of professional experience
5
5
Certifications
Work History
Project Manager
National Science Foundation (Booz Allen Hamilton)
12.2021 - Current
- Leading the development of the Proposal Submission Modernization (PSM) system for NSF, replacing the legacy FastLane system
- Take ownership of end-to-end delivery
- Create project and process specifications, coordinate with teams to ensure that projects are delivered on time
- Create Project Playbook to highlight all of the key components such as Project overview, constraints, potential risks, roles and responsibilities, task and assignments, project timeline, project scope, deliverables, etc
- Develop detail workplans, schedules, project estimate/budget, resources, and weekly status reports
- Facilitate Scrum Events and PI Planning
- Oversee complete backlog management and refinement
- Coordinate and resolve impediments to support the team's progress
- Monitor progress and provide metrics for decision-making
- Collaborate with stakeholders and Product Owner on requirements and design
- Ensure security principles are followed to maintain regulatory compliance and overall data integrity
- Serve as a liaison between the line of business and the company's Information Risk Management Security Team
- Provide routine updates to leadership regarding Security Health and on-going Risk Management status
- Prepare assessments for senior management and various stakeholders
- Stay current on emerging cyber threats and assess their potential impacts for the organization
- Conduct assessments to evaluate the efficacy of the organization's control suite
- Provide guidance and recommendations on enhancing the organization's security framework.
Project Manager/DevSecOps (SSA - Social Security Admin)
Deloitte
11.2020 - 09.2021
- Supported the integration of Cyber security and compliance into SSA's DevOps lifecycle and Risk Management Framework
- Developed comprehensive project plan, scope, timeline, and resource allocation
- Lead cross-functional teams to achieve project goals
- Provided regular updates on project progress, milestones, and potential risks to senior management and business partners
- Established and enforced quality standards for project deliverables
- Helped work toward establishing streamlined processes to support rapid development efforts while maintaining a strong security posture and compliance with SSA policy and regulatory standards
- Lead the project closure process, including finalizing project documentation and conducted post-project evaluations
- Identified security gaps and technical requirements to highlight security risks and threats
- Assisted with DevSecOps architecture and roadmap to outline the future state of enhanced security integration into CI/CD pipelines
- Managed toolset migration and modernization for the development teams
- Supported ongoing program management
- Facilitated Agile ceremonies and managed product backlog
- Provided expert knowledge on current and potential data security capabilities and standards
- Assumed a leadership position in pinpointing cyber risk areas, offering oversight, conducting analysis, provided effective challenges, and delivering risk-informed recommendations for improvements
- Conducted technical assessments of cybersecurity measures and assessed the design and effectiveness of security controls
- Monitored the performance and usage of Azure DevOps services
- Continuously optimized build and release pipelines for efficiency and speed in Azure
- Implemented best practices for CI/CD to enhance the overall development and release workflow in Azure
- Maintained documentation for Azure DevOps configurations and processes
- Assisted in the implementation and automation of NIST Security Controls within the Risk Management Framework, aiming for robust security, optimal performance, and the measurement of the efficiency in securing and automating applications
- Conducted security audits to assess and evaluate the effectiveness of SSAs Security Controls, identifying vulnerabilities, and recommending remediation strategies to enhance overall cybersecurity posture.
Project Manager/Scrum Master (USCIS/DHS)
01.2019 - 11.2020
- Provided DevSecOps services for USCIS ELIS, supporting application development and modernization
- Maintained and improved DevSecOps pipelines by incorporating best security practices
- Coordinated with the customer for pipeline migration
- Gathered requirements and translated them into user stories
- Facilitated Agile ceremonies and backlog management
- Created test cases and executed manual testing for user story validation
- Provided feedback on code implementation status to ensure alignment with the project timeline and objectives
- Monitored project progress and identified areas that could produce potential delays and proactively took steps to mitigate them
- Maintained high-quality project deliverables by monitoring and assessing project performance
- Identified and developed mitigation strategies for cybersecurity threats and security vulnerabilities
- Assessed Risk Management Framework (RMF) NIST 800-53 information in order to automate the security controls
- Assessed and assisted with implementation recommendations of countermeasures of mitigating controls
- Interpreted, documented, and advised customers on emerging security, governance, and continuous monitoring policies
- Articulated cybersecurity risks to Senior Leadership and provided recommendations for remediation/risk acceptance
- Developed and supported successful development of cybersecurity processes and procedures
- Proficient in Governance, Risk, and Compliance (GRC) frameworks and methodologies
- Implemented and maintained GRC processes to ensure regulatory compliance
- Performed risk assessment, analysis, and mitigation strategies within the context of GRC
- Developed and implemented policies and procedures to align with industry standards and regulations
- Conducted GRC audits to assess the effectiveness of internal controls and compliance measures
- Supported SDCL for USCIS Biometrics Enrollment Tool (BET), focusing on application development and deployment
- Facilitated communication with the customer to gather and document requirements to further modernize BET
- Supported Agile development and backlog management
- Documented system requirements and use cases
- Coordinated UAT sessions with stakeholders for product approval
- Maintained DevSecOps pipelines by automating security testing and scanning to improve code quality
- Utilized AWS Cloud services and Jenkins to create a CI/CD environment
- Maintained project documentation, including requirements, schedules, and change requests
- Contributed to the development and improvement of the project management processes and best practices
- Ensured that the project team completed all deliverables on time and within the budget.
Project Manager/Data Scientist
Wells Fargo
10.2016 - 10.2018
- Served as a servant leader for the team
- Facilitated the adaption, implementation and sustainability of Agile processes, principles and practices
- Helped the scrum team focus on creating high-value increments
- Supported three different Agile teams on different applications
- Partnered with all three scrum teams to estimate backlog and then prioritizes ongoing sprints to maintain Roadmap
- Helped with AI-IS and TO-BE analysis and documentation
- Defined and documented business, functional & technical requirements
- Created multiple Visio diagrams to show the current & future state
- Analyzed and communicated stakeholder needs by translating business requirements into software requirements
- Analyzed and synthesized process and strategy documents into process flows with clear next steps
- Documented Epics, User Stories, Tasks, Technical Stories, and other artifacts as required by Avenue agile development policies
- Ensured that all User Stories are independent, negotiable, valuable, estimable, sized appropriately, and testable
- Acted as liaison between business stakeholders, vendors, customers and the development team
- Coordinated and facilitated discussion sessions between vendors, customers, business stakeholders, product team, subject matter experts, and other contributors as necessary
- Identified business challenges and opportunities for improvement, evaluated impact to the business, and proposed strategic solutions
- Used modeling, testing and data models to improve the flow of information through an organization to enhance project success
- Developed and deployed machine learning models to predict customer churn
- Analyzed large data sets using Python, and SQL to extract actionable insights that informed key business decisions
- Created data pipelines for ETL processes, automating data collection, cleaning, and transformation, reducing manual effort
- Utilized data visualization tools such as Tableau to present complex data trends to stakeholders, improving data-driven decision-making
- Implemented Natural Language Processing (NLP) techniques to analyze customer feedback, enhancing product development strategies
- Conducted A/B testing to optimize marketing strategies
- Collaborated with cross-functional teams to integrate data science solutions into existing business processes, improving overall efficiency
- Built predictive models for sales forecasting
- Mentored other data scientists, providing guidance on model development and data preprocessing
- Automated data reporting processes, significantly reducing the time required to generate weekly and monthly reports
- Worked with big data technologies like Hadoop and Spark to process and analyze large-scale datasets, enhancing data processing speed
- Conducted exploratory data analysis (EDA) to uncover hidden patterns and trends, leading to new insights and strategic initiatives
- Integrated machine learning models into production environments, ensuring seamless deployment and scalability.
Education
Bachelor of Arts - Business Administration
Skills
Operating Systems: Windows NT/XP/2000, Windows 10
Project Methodology: Agile SCRUM, Rational Unified Process (RUP), Waterfall
Tools: Jenkins, GitHub, Bitbucket, Maven, Microsoft Azure DevOps, Splunk, Crowdstrike, MS Office Suite, MS Project, MS Visio, JIRA, Kubernetes, Confluence, AWS, SoapUI, Fortify, ServiceNow, Azure, SonarQube, OWASP ZAP, Blackduck, Checkmarx, Nessus, XACTA, JFROG, Nexus, OpenShift PaaS, Docker, Ansible, New Relic, Nagios, gradle, Chef, Puppet, Salesforce (CRM), A/B Testing tools: Google Optimize and Optimizely, SailPoint
Database: SQL Server, Oracle, DB2, TOAD, Teradata, PostgreSQL, MongoDB, Snowflake
Programming Language: SQL, Python
Risk Management Frameworks: NIST Management Framework (RMF), ISO 3000, COBIT, ITIL
Awards: "Team of the year - 2021" by USCIS for developing a Biometrics Enrollment Tool for the agency
Project Management skills: Project Planning, Stakeholder Management, Risk Management, Change Management, Schedule Management, Budget and Forecasting, Resource Allocation, Project Lifecyle
Certification
PMP
Timeline
Project Manager
National Science Foundation (Booz Allen Hamilton)
12.2021 - Current
Project Manager/DevSecOps (SSA - Social Security Admin)
Deloitte
11.2020 - 09.2021
Project Manager/Scrum Master (USCIS/DHS)
01.2019 - 11.2020
Project Manager/Data Scientist
Wells Fargo
10.2016 - 10.2018