SUMMARY:

• Confidential is recognized by colleagues for innovative scientific approach to solving complex problems. His analytical solutions often exceed standard vendor - based security offerings. His core expertise is in finding and proving well-hidden security threats, when standard tools and processes see none. He then applies his extensive Security Architecture background in mitigation efforts.
• 5 years of Threat Assessments and Mitigations, Security Metrics, Security Architecture and Process re-inventions in Confidential Global Information Security Office
• Over 20 years of information security consulting experience for corporate customers in financial and technology industries
• Over 7 years of Disaster Recovery and Forensics experience in financial, energy, and technology industries
• Audited security controls and ensured compliance for the above companies
• Provided significant savings via cost-efficient and reusable solutions
• Was regularly awarded and recognized for excellent performance
• Constant learner:
• 3 Master’s degrees in Science and Technology and 6 Information Security certifications, listed below
• New: GCIA - Intrusion Analyst since 05/2017
• (ISC)2 CCSP (Cloud Security) certification since 02/2016
• GCED (Enterprise Defender) since 11/2014
• CISSP certification (since 03/2005)
• CISA (Auditor) certification (since 02/2006)
• GCIH certification (since 12/2006)
• Other Security, Windows, UNIX and Networking courses
• Architected innovative solutions for: metrics, search, analysis, automation, and security processes.
• Designed, implemented, and supported a spectrum of security processes in Confidential, Confidential, Confidential, Confidential, Confidential, and HP/CIBC. Examples are: security strategy and roadmap, malware incident response, full-disk encryption/decryption process, server certificate management, server hardening processes, key management
• Unconventional people skills paired with large-scale security management skills lead to significant achievements in building balanced security solutions in-line with the overall IT strategy
• Creative ability to develop, document, and educate customers and staff on the new technical solutions
• Conducted multiple security reviews for new network implementations, successfully persuaded management and teams to re-design for better security
• Performed multiple comprehensive Security and Disaster Recovery risk assessments and business impact assessments
• Trained Staff on Security/DR/BC process, change management, and related technologies
• Enjoys writing documentation as a form of creative art.
• Worked in most areas of Information Security: Operations, Risk, Processes, Architecture, Authentication, Authorization, Access Control, Cryptography, and Audit
• Expert knowledge of security concepts, models, and methodologies
• Experienced in Operational, System, and Network Security: processes, assessments, remediations, and monitoring
• Architected, implemented, and collaborated in many large-scale enterprise security projects of firewall infrastructures, corporate VPNs, antivirus management
• Conducted multiple vendor product assessments for security and enterprise use
• Multi-platform Single Sign-On project utilizing PKI-enabling suites
• Security & Risk Assessments for Tivoli Identity Manager implementations
• Enterprise firewalls, integrated firewall/IDS tools, many vulnerability scanners (network- and host-based), protocol analyzers, antivirus, and encryption suites.

WORK EXPERIENCE:

Confidential, Chicago, IL

Associate Managing Director

Responsibilities:

• Security analysis, audit, forensics, threat hunting, and expert support
• Security awareness and employe training
• Research on banking security and future trends

Confidential, Chicago, IL

Security Architect

Responsibilities:

• Special security projects and vendor assessments (Antimalware research, File/System Integrity, DR)
• Research on Complexity for security architectures intrusions detection
• Assistance (contributions and research) in global architectural initiatives of Confidential
• Direct contributions to Confidential Security Awareness Program
• Collaboration with the Confidential Application Security Team on dynamic scans and process development
• Training of Confidential interns on creativity and innovations (3 years of direct recognition)

Confidential, Chicago, IL

Security Engineer

Responsibilities:

• Operational Security responsibility (in a team of 2 managers) for the global multinational customer (Aon Corporation)
• Daily management of antivirus infrastructure (McAfee EPO, HIPS, IDS/IPS)
• First-line responder to security incidents: detection, remediation, updates, processes, and documentation
• Collaborated in a large-scale deployment of the new McAfee infrastructure (EPO, HIPS) and developing processes for it
• Managed a team of IT staff (in Hyderabad, India) for vulnerability scanning and remediation for all the Confidential /Aon server deployments

Confidential, Chicago, IL

Security Analyst

Responsibilities:

• Daily incident handling and remediations
• System and network security assessments (with remediations and follow up)
• Contributions in a large-scale Access Control project
• Designed and implemented a full-disk encryption enterprise project
• Reviewed and tested multiple enterprise security products and provided recommendations
• Collaboration in implementation of SIEM and Password Management solutions

Confidential, Northbrook, IL

Security Consultant

Responsibilities:

• Providing Windows infrastructure consulting and support for Confidential projects and initiatives: Identity Management, Email Validation, Server Hardening, Business Objects, Annual Audits, PKI/Certificates.

Confidential, Chicago, IL

Security & Disaster Recovery Consultant

Responsibilities:

• Main focus: automated network and system security assessments, project security reviews, and vulnerability remediation.
• Process focus: development, documentation, and support of the new processes, procedures, and tools. Improving Information Protection capabilities in the Engineering Computing Services organization.

Confidential

Senior Security Analyst

Responsibilities:

• Various network security projects involving digital certificates, encryption, authentication, Internet banking, e-commerce, firewall technologies, etc.
• Network security management and support of large multi-vendor (HP/IBM/Sun/Tandem) networks. In-depth Confidential testing of network infrastructure.