Jan 2022 – Nov 2024 · 2 yrs 10 mos · St Louis, Missouri, United States

• Principal in the Vulnerability Management organization, leading efforts around integration, adoption, and remediation using Source Code Analysis (SCA) software (Synopsys Black Duck.) Mentoring a DevSecOps team building code, tooling and workflows around Static Application Security Testing (SAST) and Dynamic Application Security System (DAST) tools.

Jan 2015 – Jan 2022 · 7 yrs · St Louis, Missouri, United States

• Commercial Expense Reporting and Analytics (CERA)
• Collaborated with Information Security on selecting an SCA tool, supporting Security Champions, and shaping Mastercard’s Open-Source policy. Assisted with TRT responses and critical support, including Log4Shell remediation across CERA. Contributed to GDPR/RTBF implementations and implemented CSRF protection for SDRAM. Modernized the GDR C/C++ platform, migrating to GIT, Bitbucket, Jenkins, Artifactory, Docker, and set up local development and unit testing. Developed Spring-boot microservices to replace legacy components.

Jan 2013 – Jan 2015 · 2 yrs · St Louis, Missouri, United States

• Masterpass / OpenAPI (Developer Zone / Mastercard API)
• Delivered Active-Active multi-datacenter capability with Open API (now API Gateway) and assisted in rewriting server-side components to RESTful APIs. Developed security solutions for Cross Site Request Forgery (CSRF) protection and secure web component embedding for third-party sites. Led integration of Masterpass 3-legged OAuth into Developer Zone/Open API. Supported third-party service integration, performance improvements, and PCI certification.

Jan 2012 – Jan 2015 · 3 yrs · St Louis, Missouri, United States

• Mastercard Labs
• Managed Mastercard Labs infrastructure setup, maintenance, and application deployments for multiple production pilots. Maintained Labs internal tools, (Jira, Confluence, Bamboo, Subversion, and GIT) and created pilot infrastructure with JBoss and Apache. Developed software for several Labs’ prototypes and pilots using Groovy and Grails.

Jan 2011 – Jan 2012 · 1 yr · St Louis, Missouri, United States

• OpenAPI / Mastercard DevZone
• As the technical lead for the initial release of MasterCard's Open API platform components, I guided architecture decisions, mentored the team, and ensured project milestones were met. I created system design documentation, worked with emerging technologies like OAuth, and set up application environments, including source control and deployment processes. I also led development activities, participated in the beta program, and worked on performance testing and Google Wallet integration. Additionally, I helped introduce Agile methodologies, collaborated with MasterCard's “Ghostbusters” group on support processes, and onboarded new teams to expand the project. I utilized Atlassian tools to streamline development, collaborated with numerous internal MasterCard teams, and supported operational readiness efforts for the platform.

Sep 2000 – Jan 2011 · 10 yrs 4 mos · St Louis, Missouri, United States

• Value Added Services
• Led and contributed to multiple high-profile projects for Smart Data Next Generation (SDNG) and Smart Data Online (SDOL), including customer-specific Single Sign-On (SSO) implementations, PCI compliance initiatives, and federated SSO integrations. Spearheaded the technical architecture of SDOL and the Global Data Repository (GDR), coordinating performance improvements and disaster recovery readiness. Provided leadership in security mitigation efforts, including Cross-Site Request Forgery (CSRF) and other attack mitigations, and actively participated in internal and external security audits. Developed enhancements in Perl, Oracle SQL, and JavaScript, led the rewrite of the myProvider web application, and converted SDOL to use mod_perl for improved performance. Served as the technical lead, collaborating with business partners and training internal staff while also being involved in all phases of the software development lifecycle and leading efforts for architecture roadmaps.

Mar 2000 – Sep 2000 · 6 mos

• Consultant to MasterCard performing web application development with Perl, C++, HTML, Javascript, BEA Tuxedo, Oracle and Apache prior to switching to an employee position.