Mark Johnson
Details
Management Information Systems
Metropolitan State University
1990 : 1995
Associate of Science (A.S.)
Business Administration--concentration in Information Systems
Brown Institute--Minneapolis
1984 : 1986
Computer Science
University of Minnesota-Twin Cities
1980 : 1983
Ameriprise Financial Services, Inc.
Sr. Information Security Engineer
2014 : 2018
Ameriprise Financial Services, Inc.
Software Engineer
Analysis, design, development, testing, delivery and support of multiple projects including :
• • Health care bank account web portal application. Contributed as a member of an “agile” team. Completed over 20 “sprints” to deliver new functionality per customer requirements. Wrote code to enhance recurring and scheduled bill payments, add external bank accounts and reimburse HSA funds as well as other system enhancements. 1 year
• Auto-adjudication system to resolve complex claim adjudication issues. Contributed to 19 quarterly releases. Modified web pages, maintained middle tier code, supported build and deploy processes, created stored procedures and shell scripts to support operations, etc. Completed complex redesign of over 100 batch operations to use the corporate sanctioned scheduling tool. 5 years
• Large-scale batch billing application with hundreds of interrelated components. Production support lead. Monitored daily production operations to rapidly resolve issues. Wrote monitoring application to alert team of potential problems. 2 years
• Benefit configuration system. Supported Java batch component to extract data from CICS for use in consumer facing web application. Used connection pool software to “screen scrape” data from mainframe. Redesigned system to use multi-threaded Java application with stored procedures increasing performance by 125%. 4 years
• Letter generation system sending millions of letters per year. Assigned to hand-picked team for redesign from PowerBuilder to J2EE. Wrote MDB interface to get consumer data from mainframe using JNI to connect “C” code with EJB. 4 years
1998 : 2014
UnitedHealth Group
Sr. Software Engineer
Analysis, design, development, testing, delivery and support of heavy aircraft maintenance labor tracking system. Completed re-architecture from Clipper to PowerBuilder/Sybase. Sole developer for all aspects of this critical project until the last year when 2 programmers and a business analyst were added. Carried out all aspects of the software development lifecycle including project manager, business analyst, systems analyst, programmer, quality analyst and operations support. 7 years
1991 : 1998
Northwest Airlines
Software Engineer
Independent contractor on a lien tracking system for the construction industry for a small finance company. Created complex serial port communication software to transfer information from customers to central database. 7 years
1987 : 1993
Construction Network Services, LLC
Programmer (part time)
Skills
Agile & Waterfall Methodologies, Agile Methodologies, Amazon EC2, Amazon Web Services (AWS), C, Code Review, Communication, Data Analysis, Databases, DB2, Enterprise Architecture, Enterprise Software, Extract, Transform, Load (ETL), Java, JBoss Application Server, JSP, Leadership, Linux, Microsoft Office, Microsoft SQL Server, Object-Oriented Programming (OOP), Oracle, Oracle PL/SQL Development, Perl, PostgreSQL, Programming, Programming Languages, Python (Programming Language), RDBMS, Relational Data Modeling, Service Oriented Architecture Design, Shell Scripting, Software Development, Software Development Life Cycle (SDLC), Sybase, Technical Leadership, Unix, Unix Operating Systems, Unix Shell Scripting, Web Applications, Web Development, Web Services, Websphere, WebSphere Application Server, Written & Verbal Communication Abilities, XML
About
I am a Sr. Information Security Engineer--formerly a Sr. Software Engineer--with over three decades experience delivering large scale software projects individually and as part of a cohesive team. I have experience in all phases of the software engineering life cycle and in agile development environments. I've worked individually, on teams of over 50 and everything in between. Haven't seen it all--but I have seen a lot. Over the years I have developed strong communication skills that enable me to deliver software that meets requirements. Learning from excellent leaders has helped me develop low maintenance, enterprise ready systems.
Six years ago I moved over to the dark side--Information Security--with a fantastic team that has taught me a lot! With my development background, using the AWS Python Boto3 API, I developed a compliance scanner based on the AWS Config service that identified all AWS resources that were non-compliant with the existing rules. I worked with colleagues from our Cloud Engineering team to develop additional security rules and to automate tickets for application teams to remediate findings. Thousands of potential attack surfaces have been remediated since deployment of the compliance scanner.
Pairing knowledge of the compliance scanner and my increasing knowledge of InfoSec with my software development skills led to the creation of NetStalker--a custom, multi-threaded, vulnerability scanner that scans the ports of over 1 million internal IP addresses (servers, network devices, printers, phones, etc.) to determine what software and version is running. The design allows quick addition of new stalkers as analysis of the data identifies new needs.
My strong relational database background enabled creation of the NetStalker data model--tables, columns, indexes, foreign keys, etc. Good working knowledge of Sybase, Oracle, Sql Server, DB2 helped me create a third normal form data model for NetStalker allowing SQL queries to run efficiently.
Combining my 30+ years in Software Engineering with 6+ years in Information Security has been very rewarding. I hope to continue building on that and delivering valuable solutions in my future endeavors.
Profile Photo
