Marc P. Dioso

 (925) 698-9135 * mpdenterprises@yahoo.com

 

Environments & Tools

 

Languages and Interfaces:

ASP.Net/C#, VB.Net, C++, ASP, SQL, Visual Basic, Java, ‘c’, Cold Fusion, Javascript, Clipper/Dbase, PHP, COBOL | XML, XSL, ADO.Net, ADO, HTML, AJAX, XMLDom, XPath, xmlHttp, SOAP, LDAP, COM+

Tools, OS Platforms, and Source Management:

Visual Studio, Eclipse, Xcode, Fortify, Burp Suite | Windows, UNIX (Solaris, AIX, HP), Apple iOS, OS/2 | Subversion, Perforce, VSS, CVS, PVCS

Database Platforms:

Sql Server, Oracle, Sybase, Access, Paradox, Clipper, Dbase, MySQL, SQLAnywhere, Raima, Btrieve, IBM Database Mgr

Design Methodologies and Process:

Object Modeling Technique(Rumbaugh), OOD/OOA(Booch), SOA | UML, RUP, SCRUM, SA/SD(SDLC)

 

Professional Experience

 

Senior Application Security Engineer:  AsTech Consulting, 2-2009 to Present

Solution Platform: Fortify SCA, ASP.Net/C#,VB,J#, Java, JSP, Classic ASP, Visual Basic, ActionScript, iOS/XCode, Javascript, Cold Fusion, VS 2010, Eclipse

Performing manual code review and static code analysis using SAST tools for web-based, desktop, and mobile enterprise solutions to identify critical internet security vulnerabilities, assess risk exposure, and provide source code remediation guidance and/or implementation

Collaborate with colleagues to analyze source code, assess risk, prioritize vulnerabilities, and provide remediation guidance used to generate and present comprehensive security assessment and recommendations report to development and management team

In-depth understanding of web application security threats, vulnerabilities and risk of external/internal exploit

Solutions and recommendations for source code remediation are based on OWASP guidelines, Secure Coding Practices, PCI, PKI, and HIPAA standards

 

Developed Advanced Fraud Analytics modeling application using R-based statistical analysis, user profiling, and rule-based customer risk scoring – integrated data points for potential money laundering, credit card fraud, suspicious transactions/activity, political exposure, terrorist financing, etc.

 

Developed numerous utility programs to parse and mine information from multiple databases, proprietary and commercial file formats to build analytics data model

 

Developed internal web-based Security Assessment statistics and Vulnerability Metrics database and front-end application for Ad Hoc security trend and mitigation analysis (ASP.Net, SQL Server 2008)

 

Authored blog articles on Application Security topics for publication on company website; also acted as moderator for company website blog article user comments

 

Senior Software Engineer, Project Leader:  Audatex/Solera formerly ADP, 3-2004 to 12-2008

Solution Platform: .Net/C#, ASP, Ajax, XML, XSL, VB, Javascript, Oracle, ODP.Net, ADO, SCRUM

ASP.Net/C# development on end-to-end web-based SOA Claims Processing solution for the Insurance and Auto Collision Industry, which integrates multiple Enterprise applications. 

 

Team Lead for project which included migration of central Dispatch engine from ASP/VB/ActiveX to ASP.Net/C# and N-Tier SOA implementation.  Managed overall development and worked on new .Net assemblies and .Net Web Services which replaced the legacy ASP/VB xmlHttp web services and components.  Support installation and deployment of .Net components/services on internal test and Production servers.

 

Team Lead for major .Net rewrite of central Claims Viewer application middle tier business logic to use authentication-based access to LDAP and DB based insurance claim information.

Developed ASP.Net assemblies and web services to process security and authentication information based on centralized LDAP configuration settings for organization, user, and role-based profiles.  Developed .Net assemblies, which encapsulate configurable business and search logic previously embedded in PL/SQL and stored procedures.  Worked with DBAs to tune embedded SQL, stored procedures, and configured connection pooling parameters for search queries.

 

Project Lead and hands-on developer for Quarterly and Monthly releases which include customer and internal enhancements as well as critical hotfix/patch deployments.  Interface with Product Mgmt for requirements, provide development sizings, perform design and code reviews. Manage external team dependencies, integration testing and deployment support for all development and production environments.  Development contact for Production-related escalation issues.  Conducting training sessions and mentoring new developers on team.

 

Software Engineer (part-time contract):  New America Software, 10-2009 to 12-2009

Solution Platform: .Net/C#, DevExpress, SQL Server
Maintained / enhanced C# utility programs to generate code and scripts to build and synchronize SQL Server database tables which support a Multiple Year Tax Filing application for businesses and individuals

 

Senior Software Engineer:  ADP, 2-2003 to 3-2004

Solution Platform: ASP, XML, XSL, Javascript, VBScript, VB/ActiveX, ADO, Oracle, COM+

Lead engineer on front line Production Support for end-to-end web-based Claims Management system.  Developed and managed deployment of critical hotfix patches for Prod issues.

Technical Liaison for remote developers for migration to new DB schema and N-Tier SOA platform

 

Senior Software Engineer, Project Leader:  ADP, 9-2001 to 2-2003

Solution platform: ASP, DHtml, VB6, ADO, Oracle, XML

Developed and maintained centralized Claims Viewer application to help transition clients from mainframe to web-based solution. 

Managed contractors, worked directly with Product Mgmt and Client Services to obtain requirements.

Scheduled/developed/deployed multiple releases for client enhancements and resolution of critical Production issues.

 

Senior Software Engineer:  ADP, 12-2000 to 9-2001

Solution platform: C++, XML, DCOM/MTS, Oracle, VB6

Maintained and enhanced client/server message routing and communications management infrastructure.  

Supported MAPI, MSMQ, and internal protocols over RAS and Wireless transports. 

Developed tools to troubleshoot performance, connection, and threading issues

 

Senior Software Engineer:  Premenos/Harbinger/Peregrine, 1-96 to 12-2000

Solution platform: C++, NT, Unix(Solaris/AIX/HP), VB, CORBA, Oracle, Sybase, SQLServer

C++ NT/Unix cross-platform development for Electronic Commerce-enabling software which provides secure EDI transport over the internet by integrating PKCS encryption, authentication, non-repudiation of origin and receipt, key management, message tracking, archiving and multiple point-to-point internet protocols Implemented SMTP, POP3, MAPI, FTP Client, and SSL TCP/IP transport classes for NT and Unix

Integrated SOCKS5 proxy server support for product on Solaris, AIX, HP-UX, Win 95 & Win NT

NT middle tier and UI built on C++/MFC and VB utilizing OLE, CORBA and ODBC to SQL Server

Developed client, server, and database installations for Win NT/95 using InstallShield

Supported Unix platform script installations including bundled Oracle and Sybase versions

Created project and design process templates, which were adapted for company-wide use

Automated windows build process to ensure consistent binary configuration for distribution

Provided mainline contact for Technical Support group for all Windows and Unix platforms

 

Technical Consultant (Project Lead/Team Leader):  ADP, 8-93 to 1-96

Solution platform: C++, NT, Windows SDK, Paradox, PVCS, OMT

Developed O-O C++/Windows GUI Framework which was used as base architecture for Pen-based laptop estimating system. 

Framework was reused across corporate estimating product line.

Led UI design and development effort with migration to Client/Server (TCP/IP) and Component Architecture.

Developed Vehicle Damages Page of pen-based claims workstation, which integrated point and click part selection and compressed vehicle graphics and data.

Project/Technical Lead for customizable Forms Manager project utilizing scripting language, customized in-house class library and dynamic data dictionary for UI flexibility.

Maintained architectural UI framework/controller allowing parallel development of UI DLLs.

Presented Object and Dynamic Modeling class for management and programming staff.

User Interface Team Leader functioning as lead developer while reviewing internal designs, providing architectural guidance, scheduling & assigning tasks, and resolving product issues.

 

Software Engineer/Project Manager:  Onsite Systems, 8-90 to 7-93

Solution platform: C++, NT, Windows SDK, Oracle, zApp, Vitamin C

Developed O-O C++ system-level reuseable Windows GUI class library for screen generation and pharmaceutical data entry software using Borland c++, Zapp class library, and Oracle database. Beta prototype was developed using MSC 6.0, CommonView class library and dbVista 3.1(RAIMA).

Led multiple releases of Clinical Data Cube software, which managed the electronic capture of Clinical Trials data for pharmaceutical companies. Developed C++ object-oriented access method and data decryption classes for proprietary clinical data database.

Developed Windows Spreadsheet App for Management Reporting using MS EXCEL SDK, DLLs, and DDE.

Conducted O-O Design and C++ training classes for internal Engineering Group.

 

Systems Engineer:  Fireman's Fund Insurance Co.,  1-89 to 8-90

Solution platform: ‘c’, OS/2, Presentation Manager SDK, IBM Database Mgr, ERWin data modeling

One of lead developers for insurance system automating Rate, Quote, Issue, and MIS using IBM C2, OS/2 PM SDK, and IBM Database Mgr (Crystal and GUPTA DB were used for prototype).  Created MDI-like Notes processor with insert, fonts, wrap and resize (emulated MLE control). 

Developed Insured Rating module involving extensive data field capture and validation and complex risk rating and underwriting algorithms

Workstation to Host communication via APPC, Remote Data Services, and Communications Gateway.

Responsible for multiple DLL creation and integration, DB2 Table Design, and embedded SQL coding (static and dynamic).

 

Programmer/Analyst:  Micro Force Innovations, 7-88 to 7-89

Solution platform: Dos, Clipper, Dbase IV

Developed Dental Office Automation system and user documentation (Dbase and Clipper S'87)

Integrated dental office management reports using Dbase table data and MS Excel macros

 

Owner/Founder:  MPD Enterprises (Consulting),  1-90 to present

Software/Web development using C#, C++ programming, ODD, Website Design, HTML, Javascript

Developed Holistic Pet Care website, which integrated Online store and credit card processing

Developed informational and product websites for various merchants and vendors

Custom small business applications development using Visual Basic and Clipper SDK

Real Estate Investment and Property Management

 

 

Education and Training

 

California State University, Hayward (4.0 GPA)

  · Master of Science, Business Administration: Computer Information Systems

 

San Francisco State University (Cum Laude)

  · Bachelor of Science: Computer Information Systems

  · Bachelor of Science: Finance

  · Minor: Asian American Studies

 

California State Real Estate License, College of Marin

California Notary Public

 

Awards & Affiliations

Beta Gamma Sigma, World Class Service Award (ADP), President’s Award (ADP), Apartment Owners Assoc, Aikido Schools of Ueshiba, Delta Sigma Pi, Nat’l Honor Society, Licensed Childcare Provider