Principal Resume
CF Data Security, z/OS Mainframe Operating Systems and Architecture
Mary Winfield is an experienced Information Technology Consultant who specializes in IBM MVS Z/Series Operating system architecture with a sub-specialty in RACF Security. She supports client engagements and provides high-level technical expertise and management skill for the development, implementation, and maintenance of enterprise-wide security which protects z/OS mainframe application software, networks and systems. Her technical project history begins in and continues into as a dedicated IBM Systems Professional with research interest in Information Security and Privacy. She is a senior Information Security professional with a dedicated, hands-on background as an IBM Systems Engineer who established a consulting practice in .
Mary is a significant project resource who supports creation of IBM architecture Security Server policies, standards, guidelines and procedures for RACF along with other IBM Security Server components including DCE, LDAP, Intrusion Detection Policy Manager. Her project research and due diligence measures identified z/OS security vulnerabilities, associated risks, and potential data loss. Significant z/OS MVS recommendations included mitigation strategies which eliminate direct threat of data loss and system availability.
Mary Winfield demonstrates a thorough understanding of global technology as it relates to information security, including computer virus threat, Spyware prevention, patch management, wireless networking, firewalls, password management, single sign-on, identity management, operating systems, Kerberos security tokens, directory services, Public Key Infrastructure, and applications including e-mail, web technology, Red Hat Linux Enterprise, OS and z/OS MVS.
Recent Accomplishments:
• Principal Pre- Sales and Delivery role in a Canadian federal government security assessment project for major data centers managed by IBM RACF and Computer Associates Top Secret.
• Key resource in Security Assessment role for evaluating security infrastructure for the State of North Carolina’s Department of Revenue and Office of the State Controller
• Speaker at the Vanguard RACF Security Conference
• Developed a project work plan for RACF Security Server Sarbanes-Oxley compliance for a publicly traded corporate client in the insurance industry.
• Conducted an enterprise-wide security assessment of OS RACF Security, corporate network, desktop and server environment for a private healthcare facility and presented remediation findings to its senior management as part of a HIPAA compliance review.
• Due Diligence of z/OS Legacy and Open systems applications
• Began a security vendor regression and new product testing initiative for Microsoft Vista BETA
• Designed a Software solution RACF toolkit using SAS and SyncSort producing Query and Audit reports of RACF Security Server extracted data content using the ETL output of IRRDBU
• White Paper outlining IRRDBU as an inexpensive data collection method for IT RACF environments alone or as a supplement to a secondary security audit tool (such as Vanguard Suite and/ or Consul/Risc)
Current R&D efforts involve normalizing RACF conversion data to review infrastructure of post-migration security database content for a large z/OS installation. Ms. Winfield maintains a Windows and Linux based computing lab for testing and evaluation of emerging technology in the Information Security area. She is experienced providing hands on project support for client upgrade efforts for IBM’s S MVS Operating Systems software and diagnostic tools, Unix Systems Services architecture, Red Hat Linux, Mandrake Linux and Linux . Her current IBM mainframe research includes the IBM RACF ETL IRRDBU Utility and Wireless Communications using Bluetooth and WiFi .b and newer Mbps “G”.
Mary Winfield is a member of Association for Quality, ISSA, New York Software Industry Association and NaSPA. She is currently pursuing certification in Six-Sigma Green Belt Project Management, Oracle OCP Data Base Administration and CISSP. She is active within the NYSIA organization as Principal of a US Based Woman Owned Company.
TECHNOLOGY SKILLS
IBM OS and z/OS MVS mainframe environment and major subsystems including parallel Sysplex, LDAP Server, PKI utilized in mainframe web enabled applications, major subsystem securely deployed into active production usage; SMP/e, Assembler Language Programming, DB Administration, Basic SQL Query, VSAM and IDCAMS Data Manipulation, Network configuration and Security Engineering.
IBM Systems Engineer
Expertise with a solid year foundation as an OS MVS Systems Programmer utilizing Assembler language programming - SVC and Exits, DFP and Access Method Services, Master Catalog and ICF VSAM, S Utilities, RACF internals and data set configuration, JES, TSO, GTF, CICS, DB, IPCS, VTAM, DDR, MQ Series, Language Environment (PL/I, COBOL, FORTRAN, C, Runtime Library Invocation), Network Data, Bulk Data Transfer, FTP, SyncSort, Netview Distribution Manager, DFDSS, DFHSM, FDR/ABR, Computer Associates Tape Mgmt & Job Scheduling, Extract Transfer and Load software, SQL, Oracle, UDB, JCL, AbendAid, WLM (Work Level Manager), Basic & Parallel Sysplex, SMF, CA-Endevor, Panvalet, ACF, RMF and SAS.
• SMP/E to install software product builds, selective APARs and PTFs
• Knowledge of MVS MACRO and Control Blocks used in security exit design and implementation.
• IPCS Debugging and problem determination skills using a diagnostic approach in resolving any vendor engineering issues. Ms. Winfield manages IBM source/object operating system software using standard SMP/E for change control and deployment according to IBM industry standard practice for Global-Target and Distribution zones; she adapts to established convention of a client's data center for SMP/E zones, Master and ICF Catalogs, Shared Proclib and JES Console required by IBM SYSPLEX.
• SNA, TCP/ IP, FTP/Telnet protocols at application and system levels
• IBM's Netview network management software and console automation facility
• Service Level Agreement based configuration of end-to-end physical network components based on device & application
• VTAM, CDRM and NCP sub-area configuration and dynamic activation
• Desktop Sun Java Developers Kit JDK
• SAS .. for Windows XPP security analysis toolkit for RACF & CA-Top Secret
• WiFi . and DSL network configuration and implementation
• Z/OS Web Architecture security configured within Unix System Services and TCP/IP
CONSULTING EXPERTISE
Service engagements provided written impact studies including Enterprise assessment, "zero defect" implementation and re-engineering business IT model. Configuration planning tools include experience deploying Enterprise-wide systems integration solutions. Delivered solutions driven consulting to executive sponsor at client locations which enhance and improve security environment.
Mary’s technology solutions always utilize a project workflow study, process decomposition, creating a viable "prototype" as a "proof of concept" for re-engineering needs, and a recovery impact assessment for backup-restore requirements.
Provide solid communication to project Executive Sponsors; adheres to client organizational quality assurance conformance, including verification of key development activities, maintain customer budgets and issue resolutions. Reports to Executive sponsor on deliverable status, commitment results, and changes in development milestones.
PROFESSIONAL AND CONSULTING EXPERIENCE
Technology Consultant Role
MVS Systems Engineer & Client Engagement Manager to
Founder of Platinum Precision Software Inc., Wilmington Delaware
• Partner development: manages the identification, qualification and signing of prospective partners for the marketing of the firm's products/services including network security solutions, network performance monitoring solutions, and other similar services targeting OEMs, VARs and strategic partners. Partnership established with IBM Corporation, EMC and Vanguard Integrity Professionals.
• Experience selling computer security solutions and services in a channel sales environment.
• Sales cycle support and management of technical and business client engagement issues including: Statement of Work execution, formalized purchase order and procurement contract, billable change order (if required), recruit and hire personnel, prepare and maintain client project on an internet accessible database using MS Project, Excel and Access reporting with annual budget range of K to M.
• Sarbanes-Oxley compliance and security assessment for enterprise computing organizations using z/OS IBM Mainframe technology, distributed systems and desktop computing.
• Z/OS Security Server installation and configuration using IBM SMP/E and ServerPac software tools.
• Provide direction and leadership to Data Security officers, Security Administrators and IT Auditor organizations for government and private industry IBM MVS installations using RACF.
* Policy and Procedure design for RACF and CA-Top Secret security organizations which reflect industry standard audit practices and access control constraints.
* RFP writing with all technical specifications for proposed integration deliverable, and RFP proposal bid writing for commercial and government contracts.
* Project planning and management using MS Project for RACF assessments, installation and upgrade efforts, and corporate administrative security function.
* OS MVS ServerPac operating system upgrade using SMP/E, Assembler, IBM Standard Utilities, IPCS, Macros, Third Party OEM Program Product installation/customization, activate IBM Parallel Sysplex shared resources and common files, RACF RRSF, diagnostic and debugging of software PMR incidents, approached technical HOLDDATA PTF members as a team member for correct APPLY process, tested and deployed software upgrades in a Sandbox LPAR before Change control updating into Production status, maintain SMP/E zone configuration according to client convention and standards.
* CA-ACF to RACF migration support | with IBM Software Migration Team Leased Conversion Tool & client computing resources, re-engineering of MVS exit code and software product interfaces, rebuild corporate security model and infrastructure.
* Top Secret to RACF migration support | independent entity relationship model from current security infrastructure to RACF managed environment
* RACF security Data Mining using IBM IRRDBU and IRRADU ETL database extract and report generation using SAS, SyncSort, ICETOOL and DB SQL query. Scheduled to speak at August SHARE on this project activity
* Automated FTP SURROGAT Class User configuration for protected, privileged file transfer production activity.
*Install, configure and manage Linksys Router and Firewall for Windows server environment including Windows XP- and Red Hat Linux desktops, removed Spyware and set up defensive software on desktops preventing future Spyware attacks. Used Norton Professional System-Works (Norton Anti-virus, Norton Firewall, and Norton Ghost), Ad-aware, Aluria Spyware Tool and MacAfee.
* Configured all PROCLIB member contents into valid MVS Started Task defined activity using STARTED Class and ICHRIN, eliminating need for " * " asterisk STC events other than "emergency".
* RACF Group Tree content and structure assured client data centers that all potential HLQ (High Level Qualifiers) had a corresponding RACF Group Name resulting in conformance to naming standards and chargeback
* RACF security management includes OS MVS TSO, Batch, CICS, DB, CA-Datacom, CA-, CA-IDMS, CA-IDEAL, SMS managed DASD and Tape media, DB Secondary Auth Ids, OMVS Segments, MQ Series, Unix System Services Hierarchical File System (HFS), policy managed UID types, Distributed computing platform including APPC Class Descriptor Table resource protection, CICS transaction protection in MRO managed online environment (including CICS Transaction Server),
BMC Control-D & Control-M products, Vanguard Integrity Professional Software Suite, CKS-Pass-Go Software Single Sign On password management solutions, Oracle Application Server and MVS Web enabled applications (including PKI protection using new IBM CDT features).
Systems Engineer Support Projects: Developed and configured software test cases for developer and test analyst execution for IBM and Third party vendor software modules designed for OS, VM, OS/ and Windows NT builds of IBM’s Netview, RACF, IMS, CICS, Open Edition MVS, ACF, SMF, SMP/E, VTAM, Parallel Sysplex Data Sharing & Automation Facility, TSO, DB and Data Facility Services VSAM.
Maintained LAN Windows NT server environment with software, systems management and network configuration. Adjunct duties included the preparation and maintenance of Quality Assurance automated testing environment, source code library management, operating system testing LPAR for IBM release dependent integration environment, VTAM, SNA Server and Open Systems network configuration (Local channel attached and Cross Domain Resource Managers), TPNS scripts, and SMP/E zones. Customized & maintained OS for web enabled applications. Planned Software QA standards with management and team; proactively involved IBM & Vendor Product Administrators and Beta/Early Ship users into QA business model to enhance scope of pre-release vendor evaluation.
OS MVS Server-Pac updates to bring data center mainframe operating system and third part program products into deployed new release, use SMP/E to Receive all install objects, APPLY Check and APPLY Write, Research all HOLDDATA PTFs and customize as required, manage testing objectives and schedule with corporate technical and business users, facilitate training and documentation with Operations staff, document all RACF and SAF Security interface modules and test according to corporate policy, communicate all problem determination with vendor as required. Research all “toleration PTFs” as identified by IBM for maintaining existing old release and new release across LPARs.
OS MVS to z/OS Migration Path Planning: research IBM Recommendations published Fall for upgrade to z/OS operating system build using Server-Pac, research new hardware and software features.
DB Version Beta testing of Linux and Windows -XP versions using RACF IRRDBU Extracted records as database instance.
Research DFDSS and FDR/ABR Storage management software tools for RACF protected operation and deploy PTF maintenance as required to avoid RACF Discrete dataset profiles
Configure Parallel Sysplex RACF Resource Sharing Facility between OS MVS LPAR systems using unique security database contents, configured all IBM system resource components including LU., PARMLIB settings and software definitions.
Netview testing project for Netview Automation and Message Forwarding between MVS and VSE at IBM RTP Communications Computing Lab modified VTAM and NCP definitions, x. telecommunication resources, Tandem hardware connectivity for shared system channel attachments.
Maintain WiFi and Bluetooth Communication configuration for Laptop computing platform running Windows XP Professional, Windows Professional and Red Hat Linux Version . WiFi . WEP security protection and , WiFi Wireless Linksys Cable/DSL Router with Mbps “G” bandwidth, Wireless architecture scheme research for future policy enforcement in a corporate IT organization for internal and remote computing. Research . device drivers for Pentium Intel CPU hardware.
RACF IRRDBU ETL Utility processing of security database content into physical sequential file for program access by SyncSort, DB and SAS for ad hoc query without accessing subsystem data. Prototype daily ETL procedure into OS GDG sequential file for historical retention and flexibility in accessing ownership and access control information for security RACF objects and files.
Client Summary: Frontier Technology Solutions, Rochester Telephone, Aetna US Healthcare, MCI WorldCom Telecommunications, Amdahl - Fujitsu, Guardian Life Insurance, Greenwich Technology Partners
Corporation, JP Morgan, IBM Corporation Professional Global Services, Indianapolis Power, J-Crew, Marist College, Arthur Andersen, Pitney Bowes Business Systems, Platinum Precision Software Inc., IBM Corporation Network Systems Division, IBM Corporation Professional-Global Services, IBM Japan, VM Software, Amdahl Fujitsu Corporation, Michelin Corporation-France & North America Headquarters, General Electric Capital and Mortgage, Avis Rental Cars, Otis Elevator, Sikorsky Aircraft, Ames Department Stores, IBM ITSO Poughkeepsie New York Lab, Global Digital Forensics, Symantec Professional Services, State of North Carolina Department of Revenue and State Controllers Office, Rochester Institute of Technology
Assignments
Philip Morris International
IBM Corporation Netview Testing Project -
IBM Professional Services – Ames Retail
IBM Professional Services – Sikorsky
IBM Corporation
MCI WorldCom
Otis Elevator
Crew Retail
IBM Corporation
Indianapolis Power & Light
MCI WorldCom
JP Morgan/Chase
General Electric Capital
MCI WorldCom
Rochester Telephone
Amdahl Corporation
Aetna US Healthcare
IBM Corporation
Newark Housing Authority
Guardian Life Insurance -
HIP of New York
PWGSC of Canada -
Network & Security Technologies, Inc.
IBM Global Services -
Global Digital Forensics and Symantec -
PROFESSIONAL STAFF POSITIONS
Senior Systems Programmer to
Martin Marietta Data Systems Orlando Data Center Orlando Florida
Configured Outsourcing Service Provider data center DASD inventory for both SMS and Pre-SMS volumes ( - special attention to private and spare drives); IBM MVS storage management using DFHSM, DFDSS and FDR; corporate RACF administration function supporting technical issues and IT risk management; RACF FMID exits and related software systems programming, ICF and VSAM catalog shared system environment, SMF archival, SUNGUARD Disaster Recovery compliance, Master Catalogs, TSO and ISPF products, CA Tape Management and MVS DFP component related software. Mentoring of outsourcing technical customers, corporate contact for Computer Associates Panvalet and ASM software products (annual user group conference speaker), and RACF IBMUSER data center contact (RACF data set indexing and reorganization, System environment and Audit). Migrated over , discrete RACF profiles into standardized generic profiles, Group Tree restructuring and RACF Data Set expansion (using Range Table). Review and install all IBM and Third Party software RACF Security exits.
Provided supervisory support to a staff of twelve senior and intermediate technical specialists.
Systems Programmer to
Aetna Life and Casualty - Hartford Connecticut
Performed MVS DASD Management for corporate IBM Data Center. Maintain DASD software environment, device service level agreements, production and test availability for corporate programming and operations staff, configured FDR backup for inventory and coordinated scheduling with data center operations, researched EROPT with vendors, supported migration of VSAM and Non-VSAM objects from to drives, maintained inventory of VSAM user-catalog volume ownership and chargeback accounting information in a pre-SMS DASD configuration. Work with Quality Assurance group to ensure disk name convention adherence to DASD naming standards. Reviewed extracted SMF and MICS data for DASD usage and response time to assess differences between and storage devices.
CERTIFICATIONS
Pursuing CISSP Security Certification with ISC
Pursuing Oracle i DBA OCP Certification
Pursuing Six Sigma Green Belt Certification with Association for Quality
Visual Basic Application Development – USDA Graduate School Winter
COURSEWARE TAUGHT
RACF Command and Application Security for Users
RACF Systems Programming Installation and Configuration
RACF Security Server for Console Operations Staff
SOFTWARE
MVS JCL, SMP/E, NetMaster, REXX, NDM, VSAM, IDCAMS & Access Method Services, ASSEMBLER, LINKAGE EDITOR-BINDER, TSO/E, ISPF, CLIST, CICS, IMS, VTAM, NCP, Netview, FTP, SNA Gateway, APPC, TCP/IP, FDR, DFDSS, DFDSF, DFHSM, AbendAid, LU., CA-&, CA-Endevor, Omegamon, JES, SMF, MXG, MICS, DB, Universal DB NT edition, Oracle, Windows NT & , OpenEdition MVS, MQ Series, DSL, Netscape, Internet Explorer, Microsoft BackOffice, MS Project, Project Workbench RACF, ACF, Sync Sort, Visual Basic, Image Plus, OS HPFS, RACF Vanguard Report Suite, SDSF, IOF, OS nsf Directory Services, LINUX Directory Services, OS Trusted Node and Console Security, VM/ ESA , Red Hat Linux, Windows , Windows XP Professional, Windows Server (Microsoft Beta Testing), MS SQL Server DTS Data Transformation Tool ETL, WiFi . Wireless WEP Security & protection, Linksys Router & Firewall LAN Connectivity, Pocket PC, Bluetooth Wireless Piconet Network Management, Microsoft ActiveSync, Windows Server Beta
HARDWARE
IBM OS CMOS PROCESSOR SERIES & Plug-Compatible Vendor Processors
IBM ES
IBM and Series
IBM and AS/ Midrange PROCESSOR
HP
DEC VAS
Windows NT SNA Server
IBM NCP
Bluetooth Wireless & Piconet Configuration
WIFI . Wireless Device
Linksys Router & Firewall including Wireless Mbs “G” Level
PROFESSIONAL ASSOCIATIONS:
Oracle Technology Network sponsored by Oracle Corporation,
ISSA Security Association National and New York Chapter, -
RACF Users Group
SHARE IBM Mainframe Users Association – Pending RACF IRRDBU ETL Abstract
NASPA National Systems Programmers Association
REFERENCES FURNISHED UPON REQUEST
