DAVE WELLS
Senior IAM / SSO Systems Integrator | CISSP | 30+ Years IT, 20+ Years Federal Application Security
Fenton, MO 63026 | 314-230-6492 | dave@davewells.me | linkedin.com/in/thedavewells
PROFESSIONAL SUMMARY
Senior Identity & Access Management (IAM) and Single Sign-On (SSO) Systems Integrator with 30+ years of IT experience, including 20 years supporting federal application security programs for USDA and the U.S. Department of Education. Deep hands-on expertise integrating Oracle Access Manager (OAM) 12c, CA SiteMinder/CA SSO, SAML federation, web agents, and reverse proxy architectures across Windows Server, Red Hat Linux, IIS, and Apache environments. CISSP certified, with a track record of migrating hundreds of applications with documented 99% success rates and zero critical outages. Currently expanding into cloud IAM, process automation (Power Automate Desktop), and modern security tooling.
CORE COMPETENCIES
- IAM & SSO: Oracle Access Manager (OAM) 11g/12c, CA SiteMinder, CA SSO, IdentityMinder 6.x/12.x, IBM Tivoli Access Manager (TAM), SailPoint, SAML 1.0/2.0, OAuth 2.0, OIDC, Federation, Zero Trust
- Infrastructure: Windows Server (2008-2022), Red Hat Enterprise Linux (6.x-9.x), IIS 7-10, Apache 2.2-2.4, Active Directory, LDAP, DNS, Reverse Proxy Architecture, Web Agents
- Security Operations: Incident Response, Root Cause Analysis, Log Forensics, Critical Outage Resolution, Vulnerability Assessment, NIST 800-53 Compliance
- Automation & Modern Tools: Microsoft Power Automate Desktop (PAD), REST API Security, AWS/Azure IAM Fundamentals, JIRA/Atlassian, Tableau, Remedy, Salesforce
- Compliance & Documentation: Federal Security Standards, FedRAMP/NIST, Audit Preparation, Install Guides, Topology Diagrams, Training Materials
SELECTED CAREER IMPACT
- Zero-Downtime Migration: Led migration of ~200 applications to a new environment over two weekends, achieving a 99% success rate with no critical outages.
- Portfolio Ownership: Secured the identity lifecycle for 300+ applications across two of USDA’s largest divisions within a 500-application federal portfolio.
- Process Automation: Self-taught Microsoft Power Automate Desktop to build custom bots automating monthly reporting, cutting manual data entry and reducing status reporting time by ~25%.
- Standardized Onboarding: Built the integration questionnaires, topology diagrams, and install/config guides that became standard operating procedure for application onboarding across federal teams.
- Long-Term Delivery: Personally integrated 240+ applications over a 20-year span (POWTEC, FMI, Ace Info, LS3Tech) while maintaining continuous production support with no mission impact.
PROFESSIONAL EXPERIENCE
Identity and Access Management (SME) | LS3Tech Sept 2016 – June 2026
Fort Collins, CO (2016–2019) → Remote / St. Louis, MO (2019–2026) | 9 years, 9 months
Client Engagement: U.S. Department of Agriculture (USDA) | Sept 2016 – Sept 2021
- Supported application security integration for two of USDA’s three largest agencies, covering approximately 300 of 500 applications in a large federal portfolio.
- Integrated enterprise applications with CA SiteMinder/CA SSO using SAML federation, meeting strict federal compliance requirements.
- Implemented and supported web agents, reverse proxy patterns, and SAML federation for federal application access control across hybrid infrastructure.
- Diagnosed and resolved integration failures using log analysis and command-line tools, restoring service with minimal disruption to federal operations.
- Evaluated CA Secure Reverse Proxy Server as a service option; authored install guides, configuration guides, and training materials adopted by customers and peers.
Client Engagement: U.S. Department of Education & Internal Projects | Sept 2021 – June 2026
- Integrated enterprise applications with Oracle Access Manager (OAM) 12c using SAML authentication and federation for the U.S. Department of Education.
- Gathered requirements and led configuration walkthroughs directly with application teams and technical staff to complete integrations for mission-critical federal systems.
- Built integration questionnaires, tracking documents, and topology diagrams enabling application onboarding without reliance on tribal knowledge.
- Identified inefficiencies in manual monthly reporting workflows; independently learned Microsoft Power Automate Desktop (PAD) to build automation bots that eliminated manual data entry.
- Configured and administered Atlassian/JIRA for cross-team project tracking, establishing standardized workflows that reduced status reporting time by ~25%.
Identity and Access Management (SME) | Ace Info Services Aug 2011 – Aug 2016
Fort Collins, CO | Client: U.S. Department of Agriculture (USDA)
- Handled application security integrations supporting approximately 220 of 450 applications within the USDA technology portfolio.
- Led a critical weekend migration of ~200 applications to a new environment, achieving a 99% success rate with zero critical outages.
- Supported mixed environments including Windows Server 2008/2010, Red Hat 6.x, IIS 7/8, Apache 2.2.x, SAML 1.0, web agents, and proxy servers.
- Integrated 99 applications over five years; received year-end recognition for reliability and technical follow-through during high-volume migration windows.
Identity and Access Management (SME) | FMI Corporation Jul 2006 – Aug 2011
Fort Collins, CO | Client: U.S. Department of Agriculture (USDA)
- Designed and implemented application security across Windows, Apache, CA SiteMinder 6.x, IdentityMinder 6.0, and Active Directory environments.
- Planned the upgrade path to SiteMinder and IdentityMinder 12.x, including compatibility testing and deployment planning for legacy access management services.
- Redesigned security for 100+ applications to accommodate agency changes without disrupting service or causing outages.
- Integrated 145 applications over five years while supporting day-to-day federal application operations.
Identity and Access Management (SME) | POWTEC Jun 2005 – Jul 2006
Remote | Multi-Agency Support
- Managed IAM solutions focused on CA SiteMinder Web Agents, implementing Single Sign-On (SSO) across multiple domains.
- Developed automation for administrative tasks and supported integration of new applications into the SSO environment.
- Collaborated with 29 agencies to support customer projects and policy management across a portfolio of 400+ applications.
CERTIFICATIONS & TRAINING
- CISSP – Certified Information Systems Security Professional | ISC² | Issued Dec 2025, Expires Jan 2029
- ITIL v3 – Information Technology Infrastructure Library
- Certified CMMI Associate | CMMI Institute
- In Progress: Certified Ethical Hacker (CEH), AI Security Certification, AWS Cloud IAM Fundamentals
- Vendor Training: IBM Tivoli Access Manager (TAM), Netegrity SiteMinder, CA SSO, SailPoint, Oracle Access Manager 12c
ADDITIONAL TECHNICAL PROFICIENCIES
- Protocols & Standards: SAML, OAuth, OIDC, LDAP, Kerberos, SSL/TLS, X.509/PKI, DNS, TCP/IP
- Diagnostics: Command-line diagnostics, log analysis, packet capture (Wireshark/tcpdump)
- Independent Study: Adversary simulation and defensive security labs (TryHackMe); SIEM/EDR concepts (Splunk, ELK)