Peningo Systems, Inc.

Resume of Consultant: PEN173

Rate: email us at for rate information

Forgerock Consultant

Has and expertise in SSO / access and identity management solutions for the last 10 years with clients in UK / Europe and the United States. Has worked
for all the largest ISV's

Product's used range from IBM Tivoli SSO Suite / Oracle SSO Suite / CA / Forgerock and other's

As a senior consultant, he can design and architect solutions as well and day to day installation / configuration / troubleshooting , this is helped by 20
years Unix and network experience, with load balancing / clustering and high availability options.

•        Design of a Load Balanced dual OpenAM Infrastructure
•        Installation and configuration of OpenAM 10.0.1 / 10.1.0
•        Installation and configuration of OpenDJ
•        REST based integration for mobile applications
•        OpenAM Integration into Google
•        OAuth2 Integration with Openam to Facebook
•        Amazon EC2 design to a global multi zone global OpenAM Infrastructure
•        SAML Based Authentication with a SP and IDP
•        Load Balancing / Clustering / High Availability / Ldap Replication

Technical & Management Profile
•        Enterprise         Architecture  
•        Security            Architect  
•        Solutions         Architecture
•        Performance         Architect


IBM Tivoli        Tivoli Federation Identity Manager ,Tivoli Access Manager , Tivoli Identity Manager ,Tivoli Webseal , Tivoli Directory Server, Tivoli
Omegamon, Tivoli Monitoring,Tivoli Security compliance Manager, Tivoli Security Operations Manager, Sterling
Documentum        Content Server Site Delivery Services  ,
Site Delivery Services, Rendition Server, WDK ,Content Caster ,  web publishing , web admin, webtop Version 5.2.5 sp 1 2 3 4 , 5.3 , 5.3 sp 1
JAVA        Weblogic , Websphere , Jboss , Tomcat , JMS , JNDI
SUN        Web Proxy , Squid ,  Webmail , Directory Server (ldap), Sun Access Manager , Java Identity Manager
Peoplesoft        Peopletools , CRM, HR , FIN , Integration Broker , Version 8.8 Ptools 8.4.1 , 2,3,4,5,6
Security        CA (Siteminder) , Entrust ( Getaccess ) , Tivoli Access Management
Tivoli Identity Management , Tivoli ESSO , Tivoli Directory Server, Sun Access Manager , Sun  Identity Manager, Ping Identity , Camsoft , SAML, WS
Security, Open SSO 8 , 8.1 , OpenAM 9.5
Security n-tier Design , OS Hardening , firewalls , Intrusion Detection Systems, Virtualisation , Cloud Security , SAML
Ldap        Tivoli Directory Server , OpenLdap , Sun Directory Server , OpenDJ
Hardware        E10 K , Netra Enterprise 300,400,6500 , 6800
Sun        All Versions from Solaris 2.5 to Solaris 10
Linux        Fedora
Microsoft        Windows 95, 98 , 2000 , 2003
Employment History

Feb 2013 – May 2014         

Position:                Mobile Identity Architect

Engaged to help client design and implement a Single Signon Solution using the Forgerock stack using OpenAM and OpenDJ for a billion users, with a
rapidly changing software base using an Agile model and continual build / test process.

•        Design of a Load Balanced dual OpenAM Infrastructure
•        Installation and configuration of OpenAM 10.0.1 / 10.1.0
•        Installation and configuration of OpenDJ
•        REST based integration for mobile applications
•        OpenAM Integration into Google
•        OAuth2 Integration with Openam to Facebook
•        Amazon EC2 design to a global multi zone global OpenAM Infrastructure
•        SAML Based Authentication with a SP and IDP
•        Load Balancing / Clustering / High Availability / Ldap Replication
•        OWASP Zap proxy / Nessus vulnerability testing
•        F5 WAF ( Web Application Firewall ) design
•        Design of XML Gateway Vordel / Layer 7
•        Jenkins/Bamboo/svn/maven continual build/test model

March 2013 – November 2014                 

Position:                OpenAM Architect

Design and lead a team of 10 guys doing a custom openam solution for a 4g network rollout for a billion users.
Enough said I think.

March 2013 – June 2013                   

Position:                Tivoli Integration Consultant   

Engaged to help multiple clients design and review of their current and future use of the Tivoli Access and Identity Management Stack

•        Design and Review Tivoli Access Manager
•        Design and Review Tivoli Identity Manager using Sterling and its integration with the Tivoli SSO stack.
•        Design and Review Tivoli Directory Server
•        Design and Review of External Authentication Service
•        Design and Review Tivoli Federation
•        Bespoke Installation and Configuration of any and all of the Tivoli Stack
•        Application integration of TAI with Websphere 8.x
•        Design / Review/  of Build Forge Implementation

Feb 2013 – March 2013                 

Position:                Sailpoint Consultant

Reviewed and wrote a report on sailpoint existing installation and configuration issues.
Provided recommendations.

October 2012 – Feb 2013                   

Position:                Oracle Security Architect   

Engaged to help multiple clients design and review of their current and future use of the Oracle Middleware Fusion Access and Identity Management
•        Design and Review Oracle Access Manager 11g R1
•        Design and Review Oracle Identity Manager 11g R1
•        Design and Review Oracle Federation Manager 11g R1
•        Design and Review Oracle Enterprise Gateway 11g R1
•        Design and Review Oracle Virtual Directory 11g R1
•        Design and Review Oracle Internet Directory 11g R1

April 2012 – October 2012           

Position:                Tivoli 3rd line Support   

Working with IBM Partner Portal Partnership, to provide a fully managed third line support and projects model
•        Technical review of TAM 6.0.0 and TDS 6.1 implementation
•        3rd line support of TAM / TDS / Webseal
•        Liaising with LogicaCMG for hardware and networking issues
•        Provided customised TAM and TDS training
•        Websphere support , deployment and configuration
•        Websphere Portal Support
•        Websphere Upgrade 6.x to 7.x to 8.x
•        Websphere TAI configuration
•        Upgrade Webseal configuration , junction level to handle password replay to backend  Business Objects
•        Looked at the options of upgrading from TAM 6.0.0 to TAM 6.2.1
•        Upgrade of TAM ESSO from 8.0 to 8.1
•        CI Integration using Build Forge
•        Deployment of new envs , upgrades and patches all done via Build Forge

March  2012 – April  2012                 

Position:                Tivoli Consultant

Enhancement to the South West One shared Infrastructure,
•        Update of Tivoli Access Manager
•        Update of Tivoli Federation Identity Manager
•        Update of Tivoli Identity Manager
•        Update of Tivoli Directory Server
•        Install and config or new DEV and UAT environments for TAM / TDS / Webseal and SAP App
•        Installation and configuration of Build Forge to all automatic upgrade of Tivoli Access Manager and Websphere

April  2011 – March  2012         

Position:                Security Architect IDM

Design and create a Pan European Portal and SSO Infrastructure.

•        Design of a Load Balanced dual OpenAM Infrastructure
•        Installation and configuration of OpenAM
•        Installation and configuration of OpenDJ
•        Performance Testing and Tuning using JMeter , garbage collection and tuning
•        Cookie based integration
•        OpenAM Integration into Google
•        OAuth2 Integration with Openam to Facebook
•        Amazon EC2 design to a global multi zone global OpenAM Infrastructure
•        Integration of Vordel’s XML Gateway
•        SAML Based Authentication with a SP and IDP
•        HOTP 2 factor Authentication
•        Design of REST based OpenAM use.
•        Migration of Legacy Apps from Siteminder to OpenAM
•        OpenAM Integration with ADFS 2 and Sharepoint 2010
•        Openam upgrade from 9.5.1 / 9.5.2 / 9.5.3 9.5.4

Feb  2011 – April                  

Position:                Security Architect

Working on various short term engagements for Nixu as a OpenSSO/OpenAM expert.

•        Review Finish University OpenSSO requirements
•        Review and advice on opensso clustering and performance enhancements
•        OpenAM low level 2 node cluster design
•        Migration Strategy for  Nokia from Siteminder to a OpenAM Solution
•        Fedlet integration into OpenAM
•        Creating Identity profiles for application
•        Installation and configuration of application on Jboss with JMS ,messaging using HornetQ verion 2.2.5
•        Creating a series of REST interfaces to HornetQ
•        Performance Testing  Jboss/HornetQ/JMS to 10,000 messages minute

October  2010 – Feb 2011 – PriceWaterHouse Coopers                          

Position:                Security Siteminder   Architect

I am working for Tata Consultancy on client site at PWC. We are migrating to Siteminder R12 and also doing a data center move. There will also we a
global consolidation exercise as well.

•        Siteminder Upgrade to R12
•        New Projects , where they need a Siteminder SME
•        Sunone Installation , configuration and replication
•        Siteminder Agent Registration
•        Replacement of Apache Webservers with IIS , Sharepoint and ADFS integration
•        Proof of Concept to replace IBM’s MQ with a open source alternative using
•        JBOSS and HornetQ version 2.1.2. This nneded to be highly secure and very fast.
•        Proof of Concept to introduce Siteminder Federation for B2B services over SAML
•        Proof of concept to introduce Transaction Minder , to authenticate Web Services with pwc.
•        Performance Testing of java with Siteminder R12

October  2010 – October 2010 –                    

Position:                Security OpenSSO  Architect

A short 4 week engagement to help Steria upgrade Sun Access Manager 7 to Open SSO 8 and integrate Sales Force in a SAAS model

•        Defined OpenSSO upgrade process
•        A did a POC upgrade from Sun Access Manager 7 to Open SSO 8 in a VMware environment.
•        Produced a detailed upgrade process and document.
•        SAML integration with CRM Sales Force in the Cloud
•        Reverse Proxies Squid for Caching and Apache as a Reverse Proxy

April  2010 – October 2010 – General Motors                           

Position:                Security   Architect

Currently GM have three totally separate SSO based solutions , using various COTS products IBM Tivoli , CA Siteminder and Oblix. These are for separate
parts of the business. Therefore they have decided to rationalise this and for cost  purposes, decided to start again and implement a brand new Open
SSO based solution.

My sole in this process is to create and validate the SSO Architecture , provide standards and to ensure that there is a corporate architecture in place
that is followed.

•        High Level Open SSO Architecture, 3 tier design
•        Low Level Design for a secure Reverse Proxy being Sun Proxy and Squid
•        Low Level Design for a clustered Open SSO Policy service
•        Low Level Design for Open DS , separate instances for policy and user store
•        Performance Analysis and tuning of OpenSSO
•        High Availability design using load balancing , clustering and ldap replication

June  2010 – October 2010 – CMEC                           

Position:                 Security  Tivoli Architect

I am currently employed on contract basis as a senior Tivoli Architect working within a small  team at CMEC, via Tata Consultancy Services . CMEC are
totally replacing the old CSA system , with a new enterprise wide solution , and Tivoli is at the heart of the Access Authentication Identity and Federation
of this enterprise. There is also a citizen’s portal to access these new services.

•        Low Level Design Tivoli Access Manager 6.1
•        Low Level Design Tivoli Identity Manager 5.1
•        Low Level Design Tivoli Federation Identity Manager 6.2
•        Low Level Design Tivoli ESSO
•        Installed and configured all elements in development
•        Creation of build documentation for production usage.
•        Government Gateway integration with TFIM via SAML 2.0
•        Implemented CARS audited reporting solution for TAM
•        Low Level Design for the Tivoli Monitoring 6.2.2
•        Low Level Design of Build Forge as a automatic integration and deployment tool
•        Automation of Tivoli Access Manager via Build Forge
•        Created and installed the ITM Development /Test and UAT Environments
•        ITM installation agents / TEMS and TEP for aix
•        Basic unix level monitoring for disk / cpu / memory and network
•        Performance and Throughput Testing of the whole solution
•        Advanced monitoring application integration for Webshpere / MQ and Tivoli Directory Server
•        Designed and build production clusters for TEMS and TEP.

November 2009 – June 2010 – AVIVA Insurance                  

Position:                  Tivoli Architect

I am currently employed on a long-term contract as a senior Tivoli specialist working within a large team at Aviva (Norwich UK). My role consists of the
completion of several key TAM/TIM/ITM projects within Aviva working to strict regulated processes & procedures.

•        Provision of TAM Support.
•        Application of patches/e-fixes/Fix Packs to TAM Environment Configuration of all TAM components in the Production environment.
•        Operational Acceptance of new deliveries throughout the delivery life cycle.
•        Monitoring/resolution of Incidents and Problems.
•        Development of monitoring for TAM 6.1  components.
•        Low Level Design for ITIM 5.1.
•        Development of ITIM 5.1 components and infrastructure / adaptors.
•        Liaison with key Infrastructure teams to ensure stability and responsiveness of TAM infrastructure.
•        Manage backup/restore strategies to ensure that backups are being taken regularly and periodically test restoration process.
•        Monitoring of LDAP replication.
•        Certificate management & licences.
•        Maintenance of documentation.
•        Configuration Database Maintenance.
•        Support for User Administration Tools.
•        Service Improvement Requirements and Implementation (e.g. monitoring, DB2 database reorg, proactive maintenance activities).
•        Worked in a small team enhancing the existing Tivoli Monitoring 6.2.1 infrastructure.
•        Planned the upgrade of the Tivoli Monitoring Infrastructure from 6.2.1 to 6.2.2
•        Proof of concept to prove that a smooth upgrade process can and will take place from ITM 6.2.1 to 6.2.2 for the Nexus project
•        Enhanced level monitoring for applications like IHS , Websphere , Websphere Portal , MQ , Message Broker , Tivoli Access Manager , Tivoli
Directory Server.


•        Reporting specialist
•        Working in a complex technical team.
•        Supporting both Unix (AIX) and Windows environments
•        Operating in a process driven environment.
•        Working with incident, problem and change management principles.

May   2009 – September 2009  Siemens

Position:                  Security Architect

Siemens Enterprise have won a single sign on access and identity management project to implement  their Dirx Access and Identity Management
Products for the National Police Information Agency.

1*        Proof of Concept to build all the Dirx Products
2*        Review of Overall Solution
3*        Review of High Level Design
4*        Produce and Review Risk Management Accredited Document Set
5*        Create component design for Access Model
6*        Create component design for Authentication and Authorisation
7*        Proof of concept for Siemens to prove there Federation FEP work with both SAML 1.0 and 2.0 ,
8*        Also WS TRUST in a portal to portal model , using WSRP , Web Services Remote Portlets.

March   2009 – May 2009    UK Border Agency

Position:                  Tivoli   Security SME ( Subject Matter Expert )

The UK Borders Agency have awarded IBM Global Services a ten year passport and biometric system project.

9*        Proof of Concept to build all the Tivoli Products
10*        Proof of Concept  to build all the Tivoli Security Products
11*        Proof  of Concept for Tivoli Security Operations Manager
12*        Proof of Concept for Tivoli Compliance Insight Manager
13*        Low Level Design for Tivoli Security Operations Manager and Tivoli Compliance Insight Manager
14*        Low Level Design for Tivoli Access Manager
15*        Low Level Design for Tivoli Motoring
16*        Integration of ITCAM products
17*        Integration of Tivoli Monitoring
18*        Integration of Omegamon into ITCAM for MQ
19*        Integration of Tivoli Security Products , TSOM , TCIM

Oct 2008 – Jan 2009   Ministry of Justice

Position:                  Tivoli   Architect

The Ministry of Justice are working with EDS on the Nomis Project. This is a new prisons and probation nomis offender management system.

·Review Tivoli Monitoring 5.1.
·Upgrade of Tivoli Monitoring to 6.2.1
·Designing new Alerts for Tivoli Enterprise Console
·Upgrade to Tivoli Netview , for SNMP based Alerts.
·Low Level Design of Tivoli Composition Manager
·Design and Integration for ITCAM j2ee
·ITCAM Integration with Business Object
·ITCAM Integration with Oracle Application Server
·ITCAM integration with Apache and IBM Httpd
·Design /install/config Tivoli Enterprise Portal
·Design and install for ITM 6.2.1 operating system agents
·Design and install for ITM 6.2.1 oracle agents
·Design and install for ITM 6.2.1 log file adaptor’s

March 2008 – July 2008   Met Police

Position:                  Technical Architect

The Metropolitan Police  are in a large transformation exercise

•         Worked on multiple project as a Technical Architect
•        Reviewed existing High Level Design
•        Advised projects on standard Met Police Architecture
•        Advised new projects

January 2007 – March 2008    NPIA

Position:                Integration Security Architect

The Police government body PITO has now been renamed NPIA, this is an amalgamation of 3 separate divisions...
NPIA has an enterprise wide single sign-on solution using Siteminder and Identity Minder.

•                Proof of concept of moving over from Siteminder to Sun Access Manager
•        Design of Siteminder upgrade from version 5 to 6
•        Design of Identity Minder upgrade  from version 5 to 6
•        Proof of concept of the Siteminder upgrade and migration process
•        Upgrade of Sun One Ldap server from 5.1 to 5.2
•        Apache Upgrade from 1.3.27 to 2.0
•        Installation and configuration of Wily Introscope , a java based performance management tool.
•        We used the Wily tool successfully with the Police Service Bus , to measure bottlenecks.

March 2007 – September 2007    Bank of Ireland

Position:                 Tivoli Security Architect

The Bank of Ireland has introduced a suite of applications for External and Internal Customer. This is being combined with a single sign-on project, to
have an Enterprise Wide Security and Access Control Mechanism. A further addition to this has been following an internal report to have an audit and
compliance section built in for Sarbanes-Oxley Act (SOX).

Alongside with this, the Bank of Ireland are outsourcing the production and disaster recovery capabilities to a British Telecom managed site...

•        Proof of Concept of Tivoli Access Manager and Sun Access Manager
•        Proof of concept for Tivoli Security Compliance Manager
•        Proof of concept for Tivoli Security Operations Manager
•        As part of the POC I did a full hands on installation of Tivoli Access Manager
•        Upon successful completion of the proof of concept for  the audit and compliance section, this was been  added to the BT Managed Environment
•        Design of Tivoli Compliance Manager
•        Design of Tivoli Security Operations manager
•        Both the Compliance and Operations Manager  have their own private section on a dedication san for log collection and investigation
•        There is a specific policy for SOX compliance within the Bank of Ireland that has been implemented using the Compliance Manager.
•        The Tivoli Security Operations Manager has been integrated into a custom Monitoring solution using Netview to immediately raise alerts of a HIGH
nature for intrusion detection.
•        Creation of a development system using Sun Access Manager , Sun Identity Manager, Tivoli Access Manager , Apache and Directory Server
•        Design of production and DR capabilities for   Tivoli Access Manager , Ldap , Policy Server , Webseal
•        Design and build  of a Tivoli Access Manager  Policy Server Clustered Solution
•        Design and build of a 4 node Websphere application server cluster
•        Design and build of a 4 way Tivoli Directory Server multi master ldap setup.
•        Design of a Dmgr deployment
•        Design and build of a fully resilient solution for Websphere , using Websphere ND , IBMHTTPD , and load balancing
•        Design and build for a 3 tier solution, utilizing a DMZ and reverse proxy.
•        Design of a production Load Balanced solution
•        Design and Configuration of al Webseal Junctions.
•        Custom Development of the Tivoli Access Manager API
•        Support of Production and Disaster Recovery Sites

Jan 2007 - March 2007    GEA

Position:                Peoplesoft /Security Architect  

GAE are implementing a Human Capacity Management solution for their newly combined HR department
This is a Linux based solution, with multiple development, system test and UAT environment all based upon VMware. As part of the project they have an
amalgamation of other application / systems that they want to create a unified simple single sign-on solution for.
•        High Level Design for Siteminder / Identity Minder SSO
•        Proof  of concept for a single sign-on model
•        Design and architecture of a highly resilient SSO solution
•        Low level design of a Linux based redhat operating system
•        Low level design for VMware based environment
•        Low level designs for apache , weblogic , PeopleSoft internet architecture , tuxedo , oracle
•        Development and test installation  / configuration for all PeopleSoft components
•        Peoplesoft Broker installation and configuration

May 2006 – December 2006   Government DVLA

Position:                Tivoli Security Architect

DVLA have undertaken a large migration / tech refresh series of projects to replace legacy mainframe based systems with heterogonous UNIX based and
j2ee application based applications. This transformation has been managed by IBM and Fujitsu.

•        Architecture / Design of a SAP shared services project for Dept of Transport. This was the single sign-on  layer (sso) using Tivoli Access Manager
and Tivoli Identity Manager
•        Built a VMware based proof of concept for Tim / Tam.
•        Created all High Level and Low Level Designs for Webseal, Policy Server, Authorisation Server for Tivoli Access Manager.  This was based upon the
Webseal Layer being on Windows 2000 and all other layers using Aix 5.2.
•        Proof of Concept of TSCM both client and server.
•        Design of  a IDS ( Intrusion Detection System) and Policy  , based upon Tivoli’s Security and Compliance Manager
•        Design and build of a MQ message hub using standard MQ , but then later on we have done a proof of concept to move to IBM Message Broker to
integrate messaging  and web services as a third party interface system
•        Infrastructure Architect for the SOM project, this based is for the sales of license plates. It will be a web channel based upon weblogic portal 8  ,
apache ,  but there will be a separation of the portal presentation layer and business logic layer. This separation is down via the use of Weblogic
Integration Server and Web Services.
•        Libra is a  government gateway project that links up with CJIT , Criminal Justice  IT. This handles speeding fines and points.  As part of this project
there is a simple workflow element to process messages using Weblogic Integration Server.

Feb  2005 – March 2007   Government UK Inland Revenue

Position:                Security Architect

Under the Aspire project both the UK government departments of Inland Revenue and  Customs and Excise are joining together to create a single
unified department called HMRC .
One of my main responsibilities was the weblogic architect / design , the other main responsibility was for the  design / upgrade  of the whole document
management system based upon documentum. This held all the static and dynamic content for HMRC.

•        Design and upgrade of BEA weblogic portal 6 to BEA weblogic portal 8 from an  Integration point of view.
•        Proof of Concept about the use of Weblogic  Integration Server  , specifically to split up the portal into two separate layers , one acting as the e
presentation layer , the other as the business layer.
•        Design and documentation of  weblogic 8 sp 1 ,2 ,3 , 4   build . Also weblogic express.
•        Design and Implementation of Clustered and non Clustered weblogic solutions.
•        Design and build of weblogic portal 8 producer / consumer tier. This is a basic level of abstraction.
•        Liaising with the Aspire E Delivery  , AAG Architects and Support Teams , for a consistent end to end process.
•        Migration of Documentum from a windows environment to  a mixed Solaris / HPUX environment.
•        Upgrade of  Documentum  5  to version 5.2.5 sp 5 . Also upgraded to the latest version 5.3 sp1  for
•        SDS,  SCS Content Server  and WebPublishing.
•        Performance testing the Documentum Architect and single components to  the agreed SLA.
•        Integration Engineering are the middle of middle teams. Therefore we act as a single point of contact for all technical queries and provide
•        Single Sign on Integration of the whole IR Portal using Get Access Entrust.
•        Proof of Concept project using Tivoli Access Manager , Tivoli Identity Manager compared with Get Access from Entrust. This implementation a
single sign-on solution , back ending into an ldap repository using Tivoli Directory Server.
•        Redesign from IIS on Windows to Apache on Solaris. Using mod_security , mod_apache  and BEA plug-in.
•        Overall Design of the Complete Web Hosted Business Objects Solution
•        Design of Business Objects Sever
•        Benchmarking and Performance Testing of Business Objects.
•        Design of  Web Intelligence running on Clustered Weblogic, this is a n tier environment both horizontally and vertically
•        Design and implementation of clustering and failover on all tiers
•        Integration work done via Webmethods and Informatica, using JMS and JNDI
•        Integration of COTS products using SOA and web services ,UDDI
•        Integration of Services between Webmethods and Weblogic 8.1
•        Design and Implementation of the TPSS  Pensions project using the GSI network to a separate DIS
•        Design and build of Webmethods and Pegarules for TPSS

April 2004 – Feb 2005   Government DERA

Position:                Senior Solutions  Architect

The Defence and Research Agency have started on a process of  Integrating their PeopleSoft  HR and FIN  applications into business objects and  a
project management tool..
This has lead to the concept  of an EAI Backbone as the method of integration PeopleSoft , and business objects.

•        Design  of the whole integration solution
•        Design of the EAI backbone
•        Design of PeopleSoft Integration Broker
•        Function and Performance Testing of Dera whole  Infrastructure hardware and applications.

April 2004 – Feb 2005   Government UK Trade and Industry

Position:                  Solutions  Architect

The UKTI and the Foreign Commonwealth Office are creating a single worldwide CRM solution using the j2ee application Epiphany over the GSI network.
Currently all the local offices around the world have their own separate system. There are lots of data duplication and no common single way of working.

Also UKTI have commissioned the migration from a manual CMS system to a generic COTS based product using  Percussion

•        Liaising with UKTI . DTI , DETICA staff.
•        Provide a single end to end solution and point of contact.
•        Vendor Management for fixed price deliverable.
•        Build Development Test and Production Systems
•        Design of apache , weblogic and oracle
•        Design and Integration of Percussion into the existing Infrastructure using Solaris , netegrity , tomcat and oracle
•        Design and Integration of existing Weblogic Portal into CMS specific portlets using web services.
•        Installation and configuration of the j2ee application Epiphany using Weblogic 8.1
•        Design and implementation of clustering and failover on all tiers, this was a n tier architecture
•        EAI integration done via web services using a Service Orientated Architect for CRM , PORTAL and CMS.
•        Integration from within CRM to Weblogic Portal 8.1
•        Content Management is done via static web pages on the Apache Servers. But Document Management is done via the database via the concept of
•        Performance testing of the infrastructure and j2ee environment to make sure that we can scale to a 300 user system. With 10 % concurrent activity.
•        Integration of siteminder into Epiphany
•        Solaris Hardening using jumpstart and JASS.
•        The next phase will be to implement a series of common web services between the portal and CRM.

November 2002 – April 2004 Pricewaterhouse Coopers

Position:                Technical Architect  / Security Architect

Pwc are the first company in the UK to implement Peoplesoft CRM 8.8 across the whole of the UK. Currently we have 8000 users. Each line of service had
a separate and local method for handling data and relationship.  This has now been brought into a single unified system. Also there is a two way multi
master replication with SAP Financials using idocs and business connector.

•        Detailed design and implementation of Websphere 3.5.1 upgrade to Websphere 5.0.1
•        Generated build documentation for Websphere upgrade , and third line support
•        Updating from current system to Peoplesoft  8.44 , with tuxedo 8 and websphere5.1 , web services clustering and failover
•        Upgrade of Websphere 3.5.1 to 4.0.1.
•        Migration of applications from 3.5.1 to 4.0.1
•        Design and Build Documentation for Websphere 4.0.1 Advanced Edition.
•        Liaison and management of CRM implementation to pwc standard and polices
•        Defining CRM within  pwc , working closely with Third Party Vendor i.e. Peoplesoft
•        Liaising with both us and UK portal  staff and the SAP financials project.
•        Design / Integration of Peoplesoft 8.8 CRM into a Websphere 4.0.3 advanced server environment. This involves apache, Websphere, Peoplesoft,
tuxedo and oracle.
•        Setting up and testing of Peoplesoft  Integration broker , using ftp , http and MQ interfaces
•        Implemented a 2 way interface via MQ into SAP R3 and Business Connector
•        Installation in development of Tomcat/Jakarta and another jsp container as opposed to Websphere
•        Implementing  JMS and JNDI for a j2ee application , and interfacing into MQ to connect to SAP financials via MQ and MQSI.
•        Testing out  Web Services with soap and it’s integration into Site Minder and SAP
•        Performance Testing on our UAT Environment to prove that we can cope with  8000 users at the  same, but with a 1000 concurrent users at any one
•        Integration of netegrity  Site Minder single sign on , in the environment , based upon site minder and ldap
•        I was part of pwc’s team doing a proof of concept for moving to Websphere portal 4.1. This was based upon Solaris  8 and  Websphere advanced
server 4.0.4. In particular  we were looking into Web Services and using a UDDI database to register the services .
•        I found the Websphere Portal project very interesting and spend a significant part of my own time learning web services and UDDI in relation to
Websphere. I also spent time getting an appreciation of
•        websphere5.
•        Design and implementation of a VCS Oracle Cluster using 2 SUN 1280’s and 4 3510 fibre array’s with 2 brocade switches.
•        Design and configuration of a Solaris based Anti Virus Solution
•        Design / configuration and implementation of IDS Intrusion Detection System from IIS. We are using host based and network based detection system
•        Utilising ISS , nmap and nessus to proactively test the ability of ISS
•        Review and enhancement of existing Solaris Jumpstart Implementation
•        Building Solaris based Packages for deployment

Mar 2003 – July 2003  Entra.Net

Entra are a small software consultancy that are selling a bespoke range of software applications that I  design and installed weblogic and  weblogic portal

Position:                 Websphere Infrastructure Consultant

•        Design of Infrastructure for weblogic
•        Design and implementation of  weblogic portal
•        Design and install of  apache  clustering and load balancing.
•        Integration with development for software application upgrade to support new weblogic j2ee infrastructure

October 2002 – November 2002 Tui Lunn Poly

Position:                 Technical / Solution Architect  

Lunn Poly has an internal j2ee intranet application that is used to book holidays. It uses the standard 3-tier logic with front-end web servers, middle tier
web logic application servers and back end oracle and legacy systems.
The client was encountering real performance problems and I was introduced  with a team of 3 consultants to help and advise. They are using sun
hardware netra’s, e20R’s and a e10K

•        Liaising and advising from a consultancy to Lunn Poly’s internal Staff
•        Working with third party vendor IBM global services
•        Review of existing design and infrastructure of weblogic
•        Analysis of problem and solution
•        Analysis of MQ  channels and mqsi
•        Review of Bea Web Logic Installation, memory, clustering
•        Review of Ldap Configuration for sign on
•        Re-installation of Netscape Web Server.
•        Testing done via Load Runner
•        Initial UNIX performance test analysis done with sar, top, vmstat, netstat and iostat, this was then graphed and analysed.
•        Installation and configuration of j2ee performance tool.
•        It ended out after lots of work that there was a in-house written application that spend lots of time doing synchronous MQ message calls and bad

Apr 2002 – October 2002 : Britannia Building Society

Position:                 WebsphereEAI  Infrastructure Consultant

Britannia are a mutual building society with 30 billion pounds of assets. In 2002  they were going through a 40 million transition from an ICL mainframe
system to a distributed Solaris based system. Using the technologies e1000 , cluster 2.2 , MQ  , mqsi  , message hubs and Websphere..
I  worked on the design / implementation and support of their whole new production system. This encompasses a whole spectrum of work  , dealing with
production installation , UAT testing , Regression and updating integration Rigs.

I also worked on a proof of concept for a BPM (business process management ) project  whereby we reviewed and tested the latest EAI software. This
being webmethods and  seeBeyond. IBM crosswords  and Tibco were eliminated early on . I worked on a webmethods side.  Britannia had just 20 million
doing there “big programme”  as described above. But still had very disparate and logically separate systems. So we looked at the possibility of
integrating then and creating a business process.

This involved installing and configuring the base webmethods , talking via MQ and interfacing into Summit.

•        Security hardening of the OS , Chrooting , removing services , VPN’s
•        Installation and configuration of MQ  series
•        Installation and  configuration of mqsi
•        Interface work which summit's Frontline suite.
•        Installation and configuration of IBM’s Edge Server , network load balancing system version 2
•        Migration from Websphere 3.5 to websphere4.0.1
•        Installation and configuration  of IBM Websphere 4.0.1  /2 / 3
•        Installation of tomcat  / jboss  for a free implementation of jsp / servlets.
•        Creating a new MQ Series data service for sun cluster 2.2
•        Iplanet LDAP configuration and replication for base ldap definition with also customer specific definitions.
•        SSL configuration end to end for ldap  , IBM apache  and Websphere
•        Integrated Websphere and ldap for Single Sign on
•        Installation of new versions of software using ANT. Ant was our standard generic built and configuration wrapper tool

Sept 2001 - Apr 2002: Maersk Data
Position:                 Solaris/Security  Architect

I worked for MaerskSealand, they are the world’s largest shipping company with sites all over the world. Currently they are transferring all their
production machines from Windows NT to Sun running Solaris 8. This is primarily using sun’s latest Starfire (Seringeti ) technology. This is also utilizing
the latest sun cluster 3.0 products.
I eventually moved back over from the client side of the organization to the implementation part. My name focus is on their worldwide document broker
system using  E1000. This has Oracle Parallel Server and IBM MQ Server for message passing using Hitachi SAN.

•        Internal security review using , nmap , nessus and ISS
•        Installation and  Configuration of E10K's
•        Installation and config of MQ Channels.
•        Sun 280 Starfire installation and configuration of test system using sun cluster 3.0 and  oracle parallel server.
•        Implementation of Hitachi SAN with use of VERITAS  file  system and VERITAS volume manager
•        Installation of Tivoli Storage manager

July 2001 - Sept 2001: AP Moller
Position:                 Senior Systems/Security Designer / Engineer

I worked with AP Moller, they are contracted to the world’s largest shipping company with sites all over the world. The Project involved  transferring all
their production machines from Windows NT to Sun running Solaris 8. This is primarily using sun’s latest Starfire (Seringeti ) technology. This is also
utilizing the latest sun cluster 3.0 products.
•        Design and implementation of Jumpstart using SUN PS’s Quark Modules , VERITAS, Flash, Jass.
•        Created Jumpstart course for new internal Staff
•        Installation and configuration of Sun Cluster 3.0, with VERITAS Volume manager and File System
•        Configuration of E10K
•        Created a standard set of hardware models
•        Created a security standard, utilizing the use of SSH , iplanet LDAP , tcp wrappers, Instruction detection systems, and firewalls
•        Created  designed and test implemented  Waveset central security management system, akin to site minder
•        Installation and configuration of both IBM Web sphere and MQ Series
•        Installation and configuration of plug in security module webseal to IBM’s ldap server Tivoli Access Manager
•        Installation and configuration of Redhat for portables.
•        Build kickstart for Linux platform

July 2000 - July 2001: Contracted to Vodafone - Vizzavi
Position:                Senior Solaris  Administrator / Systems/Security Architect (Team of 5)

I worked with Vizzavi for six months,  during a critical roll out phase  attributed to their Development of a Web Portal Site. This is the first initial stage
before they become an  ISP for their PAN European deployment.
Vizzavi had 3 main datacenters based about the major cities in Europe. This is for Disaster Recovery purposes. Initially all European sites will run out of
London. There were over 300 varied Solaris Servers.
Vizzavi’s main purpose in creating a Web Portal Site was for a single unified access point on the internet, whether you are accessing it via  a pc , a wap
phone of the tv.
•        Team Leader for 5 guys
•        Oracle Installation and basic configuration
•        SSH installation and security set up. Applying Cisco ACL rules.
•        Security Review of ESM. This is an enterprise based management system from Symantec. This involved installing and configuring the master
console, manger and agent hosts.
•        Security Review of Netegrity siteminder , as  a way of handling central security access for SSO and application logon.
•        Definition of security standard. Configuration and deployment of jumpstart with VERITAS Volume and vxfs ( file system).
•        Installation and configuration of Weblogic
•        Installation and configuration to vizzavi standards for oracle and Sybase. Also help in implementing a test datawharehouse.
•        Cisco switch and router configuration
•        Adhoc Installation of all Development Software and set up  with the use of  Clearcase
•        Writing bespoke scripts in Ksh and Perl
•        Design and configuration of VERITAS Netbackup.
•        Redesign of apache front end from Solaris to Linux
•        Tested Solaris HP and Linux for web server farming
•        Application Problem Solving for Developers , installing and integration of all java , JSP and servlets,
•        Tested the usefulness of Kerberos

April 2000 - July 2000: Contracted to NSC Technology
Position:                Unix Architect (Team of 6)

I worked with NSC Technology and one of their customers in Baltimore(USA). This customer is a leading international accountancy firm. They have built
with our help an e-commerce PKI Digital Signature Site. This site has the same capabilities as Verisign, but they already have a solid client base, whereby
the accountancy firm have full access to all areas of the business, and are trusted implicitly.
•        Team design of the customer site
•        Design of security standards of all Solaris machines, SSL , SSH , SEOS
•        Design and build of each application via the use of a Jumpstart Sever for 40 E420 and E200’s
•        Team design and configuration of PKI solutions Baltimore and Entrust.
•        Iplanet Netscape Enterprise design and implementation using iplanet LDAP directory server, enterprise web server and messaging server.
•        Implementation on 18 Firewall one machines across 2 sites. Each machine is connected to a separate set of Cisco vlans , and perform separate
business functions
•        OS installation using a mixture of Disk Suit and Volume Manager.
•        Security review
•        Set up of the X500 public certificate on the DMZ of our public interface.

April 1999 - April 2000: Contracted to UBS(GAM)
Position:                Senior Unix SA (Team of 3)

Union Bank of Switzerland is one of the largest banks with a trillion dollar turnover. They recently  have bought Global Asset Management  (GAM) for its
use of multimedia and its private clients.

September 1994 - April 1999: Pindar
Position:                Technical Support Solaris/Network Manager

Pindar is a medium sized family owned company of over one thousand staff. The division that I worked for. They are employed exclusively to the Yellow
Pages organisation, this is a wholly owned subsidiary of British Telecom plc.
Back to Peningo ForgeRock Sample Resumes
Back to the Peningo Forgrock Consultants
If your organizations has an IT Staffing or Consulting need for a
Foregerock Resource, please email us at . If you wish
to speak with someone from Peningo Systems, please call 914-921-3102,
 please click here to contact Peningo.