Leo Golas

pro’·gram·mer (n): An organism that converts caffeine into code.

Hello! My name is Leo Golas and I am a cyber security architect, a cloud architect, a project manager, a lead software engineer / developer, a recent father and a loving husband.

I have been working in the Cyber Security space for over 14 years and absolutely love how much it has evolved since then. I have done software and security projects for many Fortune 500 companies throughout the course of my career.

What I Do

Identity and Access Management

Experience in architecting, implementing & supporting Identity Management, LDAP Directories, Provisioning/Identity Workflows, Access Management, Single Sign-On (SSO), Role Based Access Control (RBAC) Auditing, Database design, Database Auditing, SPML, Java/JSP Programming, Web Services, Attestation, and Report Generation.

DevOps & Secure DevOps

Developed and implemented several DevOps initiatives for clients leveraging the Atlassian stack (Confluence, Jira, Bitbucket and Crucible), as well as Jenkins for the CI/CD pipeline. Integrated Veracode for DAST (Dynamic Application Security Testing) and SAST (Static Application Security Testing) security assessments.

Networking

Expertise with architecting and deploying enterprise security solutions comprising Firewalls, VPNs, Load Balancers (ex: F5), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Proxy Filtering, Reverse Proxies, Security Gateways, Web Application Firewalls (WAF) and Data Loss Prevention (DLP) systems. Monitoring of network resources (systems, services and network activity) utilizing tools such as SolarWinds, PRTG, Nagios and Icinga.

Web Design / Web Development

Full Stack (soup to nuts) web developer. HTML, CSS, JavaScript, AJAX, PHP, Ruby (Ruby on Rails), Python (Django) website development background. Designed and developed countless WordPress, Joomla, Drupal and Shopify websites as well.

E-commerce

Developed several WordPress websites for clients utilizing WooCommerce (for e-commerce), including securing the overall website, tracking user behavior and demographics using Google Analytics, and setting up various affiliate-based marketing programs (Google AdSense and Amazon Associates). Also have experience in building e-commerce stores on the Shopify and Magento platforms.

Cloud Architecture Design and Implementation

Designed and developed security architectures for cloud and cloud/hybrid based systems. Firm understanding of the offerings within the Amazon Web Services (AWS) and Microsoft Azure platforms. Experience architecting solutions within Amazon Web Services (AWS) and Microsoft Azure (including Office 365). Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development (Application Security), data protection, cryptography, key management, identity and access management (IAM), network security) within SaaS, IaaS, PaaS, and other cloud environments. Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (SAML, OAuth, OpenID, etc.). Experience with deployment orchestration, automation, and security configuration management (Jenkins, Puppet, Chef, etc.). Experience with service-oriented architecture for cloud-based services. Experience working with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies.

SysOps Administration

Performed administration of UNIX, Linux and Windows based operating systems, including installation, configuration, tuning, upgrading, deployment, configuration management, backups and maintenance. Deployed, managed and operated scalable, highly available and fault tolerant systems. Migrated on-premises workloads to equivalent cloud based services. Adhered to various best practices, standards and control frameworks (NIST, CIS, etc.). Designed and implemented enterprise PKI solutions (ex: Microsoft PKI/Certificate Services).

Information Security Analysis and Incident Management

Handled numerous incidents and unexpected disruptions to production based services. Worked on identifying, protecting, detecting, responding and recovering from various threat actors and events. Troubleshooting of incidents involving printer related issues, Wi-Fi or LAN connectivity issues, application lock issues, email service issues, laptop/desktop issues, AD and LDAP authentication issues, file sharing issues, single sign-on (SSO) issues, federated single sign-on (FSSO) issues, provisioning/deprovisioning issues, etc.

Project Management

Successfully led large mission-critical projects, data center migrations, upgrades and consolidations, while maintaining business process continuity. Adept organizational and time management skills.

Resume

12 Years of Experience

Education

2004 - 2007
Briarcliffe College

Bachelor of Technology (B. Tech) - Applied Computer Programming

Alumni Scholarship Award, 2004

Licenses & Certifications

2016 - Current
(ISC)²

Certified Information Systems Security Professional (CISSP)

Credential ID 420821

Experience

2017 - Current
Ernst & Young (EY)

Manager (Cybersecurity / Advisory Services)

Ernst & Young LLP (http://www.ey.com) is a multinational professional services firm headquartered in London, United Kingdom. It is one of the "Big Four" audit firms and is the third largest professional services firm in the world by aggregated revenue in 2014. The organization operates as a network of member firms which are separate legal entities in individual countries. It has 212,000 employees in over 700 offices around 150 countries in the world. It provides assurance (including financial audit), tax, consulting and advisory services to companies.

Address: 5 Times Square, New York, NY 10036

2015 - 2017
Ernst & Young (EY)

Senior Associate (Cybersecurity / Advisory Services)

Address: 5 Times Square, New York, NY 10036

2010 - 2015
Mycroft Inc.

Lead Software Engineer / Developer

Mycroft, Inc. (https://www.mycroftinc.com/) is a premier provider of IT infrastructure services, focused on identity management and application security, and including managed services and IT process improvement. In June 2007, Mycroft merged operations with Talisen Group, LLC expanding into the hosting, managed services and support services components of the delivery lifecycle.

Mycroft Inc. has since been acquired by Ernst & Young (http://www.prnewswire.com/news-releases/mycroft-team-joins-ey-to-expand-cybersecurity-capabilities-through-identity-and-access-management-300115602.html).

Address: 369 Lexington Avenue, New York, NY 10017

2008 - 2009
Mycroft Inc.

Software Engineer / Developer

Address: 369 Lexington Avenue, New York, NY 10017

Coding Skills

Java

85%

C#

85%

PHP

80%

Unix Shell Scripting

80%

HTML / CSS

80%

JavaScript

75%

Python

70%

.NET

70%

Ruby

65%

Perl

65%

C++

65%

C

60%

Identity and Access Management Skills

CA Single Sign-On (AKA CA SiteMinder)

95%

Microsoft Active Directory

95%

Directory Services

90%

PingAccess

90%

Microsoft Identity Manager (MIM)

90%

CA Directory

90%

CA Federation (AKA CA SiteMinder Federation)

90%

Oracle Access Manager (OAM)

90%

ForgeRock OpenAM

90%

CA Identity Manager (AKA CA IdentityMinder)

85%

Oracle Identity Manager (OIM)

85%

Oracle Virtual Directory (OVD)

85%

PingFederate

85%

CA Single Sign-On SaaS (AKA CA CloudMinder Single Sign-On)

80%

Oracle Internet Directory (OID)

80%

Microsoft PKI / Certificate Services

80%

Duo (Cisco)

80%

SailPoint IdentityIQ

75%

CA Identity Governance (AKA CA GovernanceMinder)

75%

CA Strong Authentication (AKA CA AuthMinder)

75%

CA Risk Authentication (AKA CA RiskMinder)

75%

RadiantLogic VDS

75%

IBM Tivoli Directory Integrator (TDI)

75%

Oracle Identity Federation (OIF)

75%

Oracle Role Manager (ORM)

70%

ForgeRock OpenIDM

70%

CA Privileged Identity Manager (AKA CA ControlMinder)

65%

CA Data Protection (AKA CA DataMinder)

65%

IBM Tivoli Access Manager (TAM)

65%

IBM Tivoli Identity Manager (TIM)

65%

Cloud Skills

Microsoft Azure

90%

Microsoft Office 365

85%

Amazon Web Services (AWS)

85%

Google Cloud Platform (GCP)

65%

Other Skills

Microsoft Windows Server

90%

Red Hat Enterprise Linux / CentOS

90%

SQL

85%

Networking

85%

Web Design

80%

Wireshark

80%

XML

80%
