Marc P. Dioso
(925) 698-9135 * firstname.lastname@example.org
Environments & Tools
Languages and Interfaces:
Tools, OS Platforms, and Source Management:
Visual Studio, Eclipse, Xcode, Fortify, Burp Suite | Windows, UNIX (Solaris, AIX, HP), Apple iOS, OS/2 | Subversion, Perforce, VSS, CVS, PVCS
Sql Server, Oracle, Sybase, Access, Paradox, Clipper, Dbase, MySQL, SQLAnywhere, Raima, Btrieve, IBM Database Mgr
Design Methodologies and Process:
Object Modeling Technique(Rumbaugh), OOD/OOA(Booch), SOA | UML, RUP, SCRUM, SA/SD(SDLC)
Senior Application Security Engineer: AsTech Consulting, 2-2009 to Present
Performing manual code review and static code analysis using SAST tools for web-based, desktop, and mobile enterprise solutions to identify critical internet security vulnerabilities, assess risk exposure, and provide source code remediation guidance and/or implementation
Collaborate with colleagues to analyze source code, assess risk, prioritize vulnerabilities, and provide remediation guidance used to generate and present comprehensive security assessment and recommendations report to development and management team
In-depth understanding of web application security threats, vulnerabilities and risk of external/internal exploit
Solutions and recommendations for source code remediation are based on OWASP guidelines, Secure Coding Practices, PCI, PKI, and HIPAA standards
Developed Advanced Fraud Analytics modeling application using R-based statistical analysis, user profiling, and rule-based customer risk scoring – integrated data points for potential money laundering, credit card fraud, suspicious transactions/activity, political exposure, terrorist financing, etc.
Developed numerous utility programs to parse and mine information from multiple databases, proprietary and commercial file formats to build analytics data model
Developed internal web-based Security Assessment statistics and Vulnerability Metrics database and front-end application for Ad Hoc security trend and mitigation analysis (ASP.Net, SQL Server 2008)
Authored blog articles on Application Security topics for publication on company website; also acted as moderator for company website blog article user comments
Senior Software Engineer, Project Leader: Audatex/Solera formerly ADP, 3-2004 to 12-2008
ASP.Net/C# development on end-to-end web-based SOA Claims Processing solution for the Insurance and Auto Collision Industry, which integrates multiple Enterprise applications.
Team Lead for project which included migration of central Dispatch engine from ASP/VB/ActiveX to ASP.Net/C# and N-Tier SOA implementation. Managed overall development and worked on new .Net assemblies and .Net Web Services which replaced the legacy ASP/VB xmlHttp web services and components. Support installation and deployment of .Net components/services on internal test and Production servers.
Team Lead for major .Net rewrite of central Claims Viewer application middle tier business logic to use authentication-based access to LDAP and DB based insurance claim information.
Developed ASP.Net assemblies and web services to process security and authentication information based on centralized LDAP configuration settings for organization, user, and role-based profiles. Developed .Net assemblies, which encapsulate configurable business and search logic previously embedded in PL/SQL and stored procedures. Worked with DBAs to tune embedded SQL, stored procedures, and configured connection pooling parameters for search queries.
Project Lead and hands-on developer for Quarterly and Monthly releases which include customer and internal enhancements as well as critical hotfix/patch deployments. Interface with Product Mgmt for requirements, provide development sizings, perform design and code reviews. Manage external team dependencies, integration testing and deployment support for all development and production environments. Development contact for Production-related escalation issues. Conducting training sessions and mentoring new developers on team.
Software Engineer (part-time contract): New America Software, 10-2009 to 12-2009
Solution Platform: .Net/C#, DevExpress, SQL Server
Maintained / enhanced C# utility programs to generate code and scripts to build and synchronize SQL Server database tables which support a Multiple Year Tax Filing application for businesses and individuals
Senior Software Engineer: ADP, 2-2003 to 3-2004
Lead engineer on front line Production Support for end-to-end web-based Claims Management system. Developed and managed deployment of critical hotfix patches for Prod issues.
Technical Liaison for remote developers for migration to new DB schema and N-Tier SOA platform
Senior Software Engineer, Project Leader: ADP, 9-2001 to 2-2003
Solution platform: ASP, DHtml, VB6, ADO, Oracle, XML
Developed and maintained centralized Claims Viewer application to help transition clients from mainframe to web-based solution.
Managed contractors, worked directly with Product Mgmt and Client Services to obtain requirements.
Scheduled/developed/deployed multiple releases for client enhancements and resolution of critical Production issues.
Senior Software Engineer: ADP, 12-2000 to 9-2001
Solution platform: C++, XML, DCOM/MTS, Oracle, VB6
Maintained and enhanced client/server message routing and communications management infrastructure.
Supported MAPI, MSMQ, and internal protocols over RAS and Wireless transports.
Developed tools to troubleshoot performance, connection, and threading issues
Senior Software Engineer: Premenos/Harbinger/Peregrine, 1-96 to 12-2000
Solution platform: C++, NT, Unix(Solaris/AIX/HP), VB, CORBA, Oracle, Sybase, SQLServer
C++ NT/Unix cross-platform development for Electronic Commerce-enabling software which provides secure EDI transport over the internet by integrating PKCS encryption, authentication, non-repudiation of origin and receipt, key management, message tracking, archiving and multiple point-to-point internet protocols Implemented SMTP, POP3, MAPI, FTP Client, and SSL TCP/IP transport classes for NT and Unix
Integrated SOCKS5 proxy server support for product on Solaris, AIX, HP-UX, Win 95 & Win NT
NT middle tier and UI built on C++/MFC and VB utilizing OLE, CORBA and ODBC to SQL Server
Developed client, server, and database installations for Win NT/95 using InstallShield
Supported Unix platform script installations including bundled Oracle and Sybase versions
Created project and design process templates, which were adapted for company-wide use
Automated windows build process to ensure consistent binary configuration for distribution
Provided mainline contact for Technical Support group for all Windows and Unix platforms
Technical Consultant (Project Lead/Team Leader): ADP, 8-93 to 1-96
Solution platform: C++, NT, Windows SDK, Paradox, PVCS, OMT
Developed O-O C++/Windows GUI Framework which was used as base architecture for Pen-based laptop estimating system.
Framework was reused across corporate estimating product line.
Led UI design and development effort with migration to Client/Server (TCP/IP) and Component Architecture.
Developed Vehicle Damages Page of pen-based claims workstation, which integrated point and click part selection and compressed vehicle graphics and data.
Project/Technical Lead for customizable Forms Manager project utilizing scripting language, customized in-house class library and dynamic data dictionary for UI flexibility.
Maintained architectural UI framework/controller allowing parallel development of UI DLLs.
Presented Object and Dynamic Modeling class for management and programming staff.
User Interface Team Leader functioning as lead developer while reviewing internal designs, providing architectural guidance, scheduling & assigning tasks, and resolving product issues.
Software Engineer/Project Manager: Onsite Systems, 8-90 to 7-93
Solution platform: C++, NT, Windows SDK, Oracle, zApp, Vitamin C
Developed O-O C++ system-level reuseable Windows GUI class library for screen generation and pharmaceutical data entry software using Borland c++, Zapp class library, and Oracle database. Beta prototype was developed using MSC 6.0, CommonView class library and dbVista 3.1(RAIMA).
Led multiple releases of Clinical Data Cube software, which managed the electronic capture of Clinical Trials data for pharmaceutical companies. Developed C++ object-oriented access method and data decryption classes for proprietary clinical data database.
Developed Windows Spreadsheet App for Management Reporting using MS EXCEL SDK, DLLs, and DDE.
Conducted O-O Design and C++ training classes for internal Engineering Group.
Systems Engineer: Fireman's Fund Insurance Co., 1-89 to 8-90
Solution platform: ‘c’, OS/2, Presentation Manager SDK, IBM Database Mgr, ERWin data modeling
One of lead developers for insurance system automating Rate, Quote, Issue, and MIS using IBM C2, OS/2 PM SDK, and IBM Database Mgr (Crystal and GUPTA DB were used for prototype). Created MDI-like Notes processor with insert, fonts, wrap and resize (emulated MLE control).
Developed Insured Rating module involving extensive data field capture and validation and complex risk rating and underwriting algorithms
Workstation to Host communication via APPC, Remote Data Services, and Communications Gateway.
Responsible for multiple DLL creation and integration, DB2 Table Design, and embedded SQL coding (static and dynamic).
Programmer/Analyst: Micro Force Innovations, 7-88 to 7-89
Solution platform: Dos, Clipper, Dbase IV
Developed Dental Office Automation system and user documentation (Dbase and Clipper S'87)
Integrated dental office management reports using Dbase table data and MS Excel macros
Owner/Founder: MPD Enterprises (Consulting), 1-90 to present
Developed Holistic Pet Care website, which integrated Online store and credit card processing
Developed informational and product websites for various merchants and vendors
Custom small business applications development using Visual Basic and Clipper SDK
Real Estate Investment and Property Management
California State University, Hayward (4.0 GPA)
· Master of Science, Business Administration: Computer Information Systems
San Francisco State University (Cum Laude)
· Bachelor of Science: Computer Information Systems
· Bachelor of Science: Finance
· Minor: Asian American Studies
California State Real Estate License, College of Marin
California Notary Public
Awards & Affiliations
Beta Gamma Sigma, World Class Service Award (ADP), President’s Award (ADP), Apartment Owners Assoc, Aikido Schools of Ueshiba, Delta Sigma Pi, Nat’l Honor Society, Licensed Childcare Provider