TECHNOLOGIES EXPERIENCE
SUMMARY
* Security technologies: Defense-in-depth concept, Firewalling, Network Access Control (NAC) and user provisioning, System hardening, Intrusion Detection and Prevention, SIEM, Automated security management, vulnerability and penetration testing, content filtering and forensic analysis
* Platforms: MS: DOS, NT 3.51/4.0/2000/2003, XP; Unix: HP-UX 11, Solaris 8/9, SCO, BSD; Linux: RH, CentOS
* Network Protocols: TCP/IP, UDP, ICMP, SNMP, FTP, TFTP, SFTP, FTPS, HTTP, HTTPS, SSL, TELNET, SSH, LDAP, IPX/SPX, NetBEUI, SMTP, POP3, IMAP, DNS, DHCP, WINS, RIP, IGRP, EIGRP, OSPF, ISIS, BGP
* Network technologies: Routing, Firewalling, LAN, WAN, VNS, VPN, VLAN, NAT, PAT, QoS, Wireless
* Encryption and authentication: IPSec, L2TP, PAP, CHAP, WEP, WPA2, EAP, TKIP, DES/3DES, AES, SHA, MD5, PKI, RSA, PGP, 802.11i, 802.1x, PEAP
* Databases and Servers: SQL, Oracle, Cisco ACS, MS IAS, RADIUS, TACACS+, RSA, VMware ESX, WSUS, SMS, MOM, WEB, Exchange, Veritas, Websense, Citrix, FTP, TFTP
* TOOLS: Nessus, Qualys, MBSA, GFI LANguard, CA SPECTRUM, NETWORK INSTRUMENTS OBSERVER, ManageEngine, MRTG, PRTG, Nagios, Snoopy, Nsauditor, Solarwinds, Encase, Hyena, DameWare, Knoppix, Kismet, Iperf, Cybercop, Metasploit, IISXploit, WebInspect, SuperScan, N-Stalker Web Application Security, L0pht, Brutus, Nmap, Netcat, Ethereal, Retina, Iris, Cain, Ciscoworks, Snort, Tripwire HIDS, McAfee, Norton, Kaspersky, Acronis, Communications software, Access, Microsoft Office
* Appliances: CISCO: Pix 401/515/525, ASA 5505/5520/5540, IDS/IPS 42035/ Netranger, MARS V6, Routers 7200/2800/2600, Switches 6500/3400/2950, VPN 3000; Enterasys: C3/B3/N7 Matrix, IDS Dragon 7 DSCC, Netsight Console, 4110 Wireless Gateways, HiPath APs, HiGuard Wireless IDS/IPS, NAC Gateways, SIEM, Iron Port, F5 BIG IP, CITRIX NetScaler, Gigastore, SUN, DELL Blades
PROFESSIONAL MEMBERSHIP
* (ISC)2 - International Information Systems Security Certification Consortium
* ISACA - Information Systems Audit and Control Association
* BCI - The Business Continuity Institute
* Sarbanes Oxley Compliance Professionals Association
* PCI DSS FORUM
EDUCATION
* 1999-2001 St. Petersburg State University, B.Sc. System Engineer for the specialty "Computing Machinery and Computer-Aided System Software Development"
* 1999-2001 Saint-Petersburg State University, Diploma in "Personal computer and local networks"
* 1984-1989 Yeisk Air Force Military School, B.Sc. Diploma in Electronics, Pilot-Engineer
CERTIFICATIONS
* CISM (Certified Information Security Manager)
* CISSP (Certified Information Systems Security Professional)
* ISSAP (Information Systems Security Architecture Professional)
* CISA (Certified Information Systems Auditor)
* CCSP (Cisco Certified Security Professional)
* CCNP (Cisco Certified Networking Professional)
* CCNA (Cisco Certified Network Associate)
* CCSE (CheckPoint Security Expert NGX)
* MCSE: Security (Microsoft Certified System Engineer)
* CompTIA Security+
* AMBCI (Associate Member of the Business Continuity Institute)
* CNSS 4011 INFOSEC Certification by NSA (National Security Agency) / CNSS (Committee on National Security Systems)
* CISSP-ISSAP (in process)
CAREER HISTORY
November 2008 - present
Sr. IT Infrastructure Security Architect / Toronto Star & Metroland Media Group
Lead all aspects of Security Architecture design and implementation for the computer systems, servers, networks and data as an integral part of the service delivery mandate of the IT Group. Play a key role in this mandate by developing and implementing Information Security Program framework, Threat Risk Assessments, Vulnerability scans, Penetration tests and IT audits.
* Conducted sophisticated security reviews and TRAs of core infrastructure and analyzed current state of information security, including high-level assessments and very tightly focused examinations of specific security concerns
* Identified and recommended improvements to enterprise security infrastructure
* Lead network security activities related to regulatory compliance remediation (PCI-DSS, SOX, etc.)
* Lead network security standards, policies and procedures development and review including Firewall/Router/IDS, Web Filtering, Data Loss Prevention (DLP) and Network Audit and Validation
* Defined system level architecture and detailed design for defense-in-depth solutions for the corporate wide network and telecommunication systems
* Provided research, evaluation, and recommendation for security solutions
* Act as a technical and knowledge interface for information security for new project initiatives including working with project managers, peers and business unit management to ensure that information security is not compromised throughout the change management process
* Lead Infrastructure integration activities related to security department consolidation between The Torstar, Metroland Media and more than 100 business partners and stakeholders
* Conducted audits of adherence to security processes and requirements
* Responsible for monitoring all security systems and processes for efficiency
* Proactively managed client expectations across all business functions
* Monitored intrusion detection and prevention systems, scans and attacks, analysed and resolved security breaches and vulnerability issues
* Collaborated with other IT members to identify opportunities for delivering effective business solutions
* Proactively worked to improve methods, tools and techniques to establish best practices, process efficiencies and to surpass service level agreement measurements
* Active member of the CERT (Computer Security Incident Response Team), assist in special investigations related to computer security incidents
* Trained and mentored team members
Projects:
* Information Security Program (architecture) development and implementation (policies, standards, procedures)
* IT Security risk management for the Torstar IT Infrastructure (TRA, BIA, PIA, security reviews)
* Network Edge Security design and implementation, 2 datacenters (ASA firewalls)
* Enterprise wireless networks security requirements definition, conceptual, detailed design and implementation
* Enterprise Network Access Control, SIEM, Automated Security Management
* PCI compliance project (gap analysis and remediation action plan)
Environment: Windows 2000-2003, XP, HP-UX 11, Solaris, Linux RH, VPN300, VLANs, WAN, Cisco Works, Cisco ACS, RADIUS, Cisco PIX 515/ASA5520/5540, MARS, IDS4235, Enterasys C3/B3/N7/ Dragon, RSA tokens, Active Directory, Exchange 2000, Web Mail, Blackberry Server, Sun Gigastore, Arcserve, Veritas, QualysGuard, McAfee Anti Virus EPO, Citrix, Bright Mail Anti Spam, Mail Relay, IronPort, SNADS Gateway, F5 Big IP, CITRIX NetScalers
April 2008 - November 2008 (contract)
IT Security Consultant / Toronto Transit Commission (TTC)
Provided assistance to Project Management Group with security issues directly related to requirements and deliverables of TTC projects and recommended remedial actions for risk reduction to an acceptable level.
* Provided consulting on strategic and technical information technology issues
* Involved in development, implementation, operations and maintenance of a Security Program and Security Architectures. Conducted security policy gap analysis, revised existing and created new IT security policies and standards within defined framework in accordance with ISO17799 and NIST 800 series documents.
* Researched security threat trends and presented recommendations to senior management
* Performed Threat Risk Assessments TRA (adopted RCMP and ISO/IEC 27001), Privacy Impact Analysis, Penetration Tests and Security Audit for a number of projects.
* Provided Technical Assistance and Security Solutions consulting including assessment of Project Orders, RFPs, Business Cases and Service Level Agreements.
* Maintained management reporting system environment.
Projects:
* (CSDN) Customer Service Disruption Notification service: Performed security testing to ensure systems will contain necessary security controls required to protect information assets and resources from unauthorized access.
* (NTAS) Next Train Arrival System: Involved in Threat/Risk Assessment, recommended remedial actions for risk reduction.
* (NBAS) Next Bus Arrival System: Performed security assessments of detailed design requirements, RFP, Implementation and Test Plans on the infrastructure and system components during pre-production and production stages.
February 2004 to April 2008
IT Security Expert / Bendix Foreign Exchange
Responsible for the corporate IT Security design and implementation, operations, including networking, security, server platforms, desktops, laptops, remote access, storage, disaster recovery, and business continuity
* Responsible for the development and implementation of corporate wide IT Governance and implementing operational strategies, policies, standards to meet business strategic goals using ISO 17799 and CobiT frameworks
* Defined architecture and designed security controls and solutions based on defense-in-depth methodology to satisfy system requirements and support business needs and objectives (incl. technology, people, operational procedures, and data; software and hardware components)
* Conducted threat risk assessments and defined security controls to support business needs and objectives
* Conducted Business Impact Analysis on a regular basis, evaluated risks to operational facilities
* Defined overall tactics and strategy for corporate information security program for short, mid, and long term
* Implemented Role Based Access Control (RBAC) through authentication, authorization and accounting process to preserve and protect the confidentiality, integrity, and availability of information, systems, and resources.
* Acted as a subject matter expert for solution delivery in the areas of Firewalls, IDS, VPN, and Authentication.
* Implemented Disaster Recovery plans to protect IT Assets against future and operational interruptions.
* Supervised the process of new application development and implementation from the security perspective.
* Conducted regular vulnerability assessments to ensure appropriate protection has been utilized for the systems.
* Participated in the incident response team in a hands-on, technical role.
* Network traffic monitoring and analysis for suspicious activities.
* Corporate Antivirus and antispam protection, backup control.
* Provided guidance and administration for the Patch Management program.
* Worked with the different Business groups to ensure technical requirements are met.
* Provided training for the company's Management and Users.
* Established working relationships with vendor partners.
Projects:
* Analysis of system, subsystem and elements requirements
* Secure design and locked-down implementation for servers, desktops and laptops
* Enhanced corporate network security by performing various security audits
* Introduced and implemented new security architecture model
September 2001 to December 2003
Manager / EUROVENT
Ascertained business requirements of the entire organization and created a strategy to implement a technology infrastructure to meet these needs. Responsibilities included the overall management of all information services, data processing, client support and security functions.
* Led the newly formed information security division within this business unit, assisted in development and implementation of the information security management system, with particular emphasis on developing, implementing and effectively managing the information security risk management function.
* Performed requirements analysis and architecture design.
* Vulnerability assessment and security evaluations within the network and server infrastructure as well as working to build up new security products and improving flaws in current systems.
* Implemented Access Control Matrix based on the need-to-know principle.
* Delivered IT strategic plans, systems development and network infrastructure solutions.
* Reviewed general support system and major application controls to determine gaps and identify technical, operational, and procedural refinements.
* Regular security checks, risk and vulnerability assessment.
* Implemented SSH, VPN solution to ensure data confidentiality and integrity. Implemented Cisco Firewall and router packet filtering technology.
* Direct supervision, technical coaching and monitoring of two System Administrators and Data Manager. Built and maintained professional relationships with clients and vendors.
September 1999 to August 2001
System Engineer / North-West Timber Company
Design, implementation and maintenance of IT infrastructure (over 5000 employees). Provided leadership for various security-related projects and training to end users.
1996 - 1999
System Engineer / LENIMS
Responsible for design, implementation, and management of complex network infrastructure and servers in the production, development and hosted application environments.
1985 - 1993
Air Force / Pilot - Engineer
COURSES AND TRAINING ATTENDANCE
* Skybox Security: "Protect the Critical Infrastructure using Firewall Compliance & Network Analysis", Dec 08, 2009
* Enterasys: "Network Access Control Architecture and Design", Nov 23-25, 2009
* (ISC)2: "Proving Ground - The Many Flavors of Authentication", Nov 19, '09
* ISACA: "Harmonizing Security and Compliance", June 23, '09
* VISA: "PCI-DSS Training Seminar", June 15-17, '09
* PGP: "Closing the Barn Door - Keeping Your Data From Hopping Fences", 2009
* Qualys: "Web Application Security: Intelligent Choices", May 22, '09
* Symantec: "Working Intelligently and Protecting Your Windows Infrastructure"
* Tripwire: "IT Audit: Challenges and Opportunities", April 28, '09
* Open Group: "IT Risk Management, Open Group Risk Taxonomy Standard"
* ORACLE-ISACA: "Optimizing Your Enterprise Governance Risk and Compliance"
* CA-IBM-(ISC)2: "Automation and Compliance - A Partnership for Success"
* HP-(ISC)2: "Application Security. PCI DSS requirements", Dec 09, '08
* IBM: "Building a successful security strategy", Sept 17, '08
* VeriSign: "Bad Guys and what you can do to protect yourself from them"
* (ISC)2: "Logging and Reporting: A Foundation for Your Security Infrastructure"
* IDC: "Configuration and Change Management for IT Compliance"
* Tripwire: "Practical Steps to Improving Your Compliance Process", June 03, '08
* CISCO: "Cisco Takes the Mobility Network to the Next Level", May 28 '08
* Websense: "Protect Against Data Loss from Web or Email", May 22 '08
* PGP: "Data Breaches and their Impact", May 20 '08
* CISCO: "Five Crucial Steps to Deploying a Secure Guest Network", May 13 '08
* Websense: "The Webification of the Desktop", Apr 29, '08
* (ISC)2: "Vulnerability Management / Patches", Apr 22 '08
* McAfee: "McAfee 2008 Security Road Show", Apr 16 '08
* Prism Microsystems: "Using Behavior-based Correlation to Detect Threats"
* InfoSecurity: "IP business communications security under the microscope"
* CISCO: "Designing Wireless Networks and Mobility Services in Branch Locations"
* ISSA: "PCI DSS - Your Stepping Stone to a Trusted Security Model", Mar 28 '08
* (ISC)2: "Web Access Management", 18 Mar '08
* CISCO: "Network Admission Control Design", Mar 6 '08
* University of Bern: "Open Source Security Testing Methodology Manual (OSSTMM)"
* (ISC)2: "Securing from the Start: Examining Application Security", Feb 19 '08
* IDC: "How to Stay Out of the Headlines with PCI Compliance", Jan 31 '08
* (ISC)2: "Your E-mail Inbox Gateway to Danger?", Jan 22 '08
* CISCO: "Essentials of Successful VoIP Migration", Dec 6 '07
* ISA and McAfee: "Security Risk Management Series - Data Loss Prevention (DLP)"
* CISCO: "Security Threat Landscape Session with Patrick Gray", Oct 18 '07
* Websense: "The new standard in Internet security", July 2 '07
* Microsoft: "Energize IT", June 16 '07
* Double-Take: "Protecting Microsoft Exchange and Centralized Backup", 2006
* Network General: "Canadian User Forum", Oct 18 '06
* "Live Web Application Hacking" Workshop, Sept 21 '06
* "Active Directory Design and Implementation", April 10 '05
* "Effective Patch Management", Feb 17 '04
* "Microsoft Security Week", December 1-5, '03
* "Network Analysis, Monitoring and Troubleshooting", January 17 '02
I view the corporation itself as the information system. It is within this overall system that information subsystems reside, one of which of course is the computer network. This network, coupled with the myriad of information subsystems. Effective protection of this system begins at the front gate and never ends. With this concept of the information system, I am able to provide clients with a greater understanding of information security, and thus help distinguish their actual security needs from their perceived technology and security needs.