Apr 2025 – Present · 11 mos

Oct 2024 – Present · 1 yr 5 mos

Sep 2024 – Present · 1 yr 6 mos

• The expert network you need to build an exceptional career in AI.
• Join us at ai-circle.org

Jul 2024 – Present · 1 yr 8 mos

Nov 2023 – Present · 2 yrs 4 mos

Oct 2023 – Present · 2 yrs 5 mos

Jan 2018 – Present · 8 yrs 2 mos

• Blockchain Security Working Group at Cloud Security Alliance Great China Region

Jan 2023 – Present · 3 yrs 2 mos

Aug 2022 – Present · 3 yrs 7 mos

Jan 2022 – Present · 4 yrs 2 mos · Fairfax County, Virginia, United States

Jan 2022 – Jan 2024 · 2 yrs

Oct 2021 – Present · 4 yrs 5 mos

• I am the Chief Editor for the following Springer books:
• 1) Generative AI Security
• 2) Beyond AI Book
• 3) A Comprehensive Guide for Web3 Security

Jan 2021 – Dec 2021 · 11 mos

Jan 2016 – Dec 2018 · 2 yrs 11 mos

• Blockchain Security Technical Guide

Jan 2016 – Dec 2017 · 1 yr 11 mos

Apr 2014 – Dec 2015 · 1 yr 8 mos

• Responsible for technical components of DHS CDM bid.
• Work with Tool Partners: Rapid 7, IBM AppScan, VeraCode, CyberArk, IBM BigFix, ServiceNow, BDNA and Splunk to refine solution. Helped to win the Award of $530 million.

Oct 2012 – May 2014 · 1 yr 7 mos

• Responsible for defining overall security approach for MA HIX project.
• Work with MA HIX clients to review and refine security architecture
• Work with cross functional teams to gather security requirements

Oct 2011 – Oct 2012 · 1 yr

• Chief Security Architect from CGI Federal side for Obama Care Project.
• Led CGI Federal security architect team to work with CMS and IRS to obtain initial ATO for Essential Health Benefit benchmark go live, activities includes oversight roles on the following
• hardening
• application security testing
• secure code review
• web service security approach
• REST security
• SSP, BCP/DR, IS-RA, E-Authentication, etc.

Feb 2010 – Dec 2015 · 5 yrs 10 mos

• Leading the effort of Application Security, Identity and Access Management, Security Testing ,Encryption, PKI, and other area of Security engineering efforts.
• Some of cool products I have worked in the past: Oracle Access Manager, Oracle Identity Manager, Sun Access Manager, Sun Identity Manager, Websphere Process Server, WebSphere Application Server, Microsoft Active Directory, Microsoft Studio, etc.
• Experience in FedRAMP compliance for CGIFederal Private cloud
• I have spoken at some of IT security conferences such as CPM West and CPM East, New York State Cyber Security Conference, and CGI Internal conferences.
• The following is a selected list of Speaking Engagements and Publications
• 1: "The future of Cloud Identity and Access Management", webcast speaker at Up 2011 Global Cloud Computing Conference.
• 2: Mobile Security Trends, Invited Speaker at HDI Executive Forum, June, 2011
• 3: 2011 DoD Cyber Crime Conference in Atlanta George on Web 2.0 Security
• 4: Securing Web 2.0: Are Your Web Applications Vulnerable? 13th Annual 2010 NYS Cyber Security Conference, 2010.
• 5: “PCI and ST&E”, Financial Cryptography and Data Security 2008, Twelfth International Conference, January, 2008.
• 6: “SOA and BCP”, Co-authored with Mark Spreitzer and presented at CPM 2008 West
• 7: “Identity and Access Management”, CGI 2nd Emerging Technology Summit, 2009.
• 8: “Web Application Security Testing Methodology” Co-authored with James Hewitt, 11th Annual NYS CyberSecurity conference 2008
• 9 “ST&E as Best Prevention and Cure for IT Crisis” Co-authored with Jim Hewitt, and presented at CPM 2007 East

Jan 2007 – Dec 2015 · 8 yrs 11 mos

• In charge to build AppSec Practice Team
• PKI, Data Encryption at Rest and in Transit. Identity and Access Managment

Jan 1997 – Jan 2004 · 7 yrs

• Worked in various level of capacity from system analyst to principal architect or team leader. Successful implemented full life cycle projects in Finance and Banking industry. The various banking applications including loan origination systems (ACAPS), collection systems (CACS), and loan decisioning system (Strata).