Managed Detection and Response Service managerSecurity Operations Center managerCloud Security and posture management programVulnerability Management program50+ dedicated security FTE under supervision

Leadership and Team Development:Provided strategic direction by overseeing a dedicated team, cultivating their professional growth through structured personnel formation, targeted training, and ongoing team development.Allocated resources thoughtfully to empower the team, facilitating their ability to meet organizational goals efficiently.Crafted individualized development plans for team members, aligning their aspirations with the company's broader objectives.Innovation and Motivation:Infused fresh ideas and innovative approaches into our security practices, inspiring the team to work collaboratively toward achieving business objectives.Demonstrated strong leadership, motivating both direct subordinates and project participants to deliver high-quality results consistently.Fostered effective cross-departmental communication channels, ensuring seamless collaboration between IT, ITSec, and production teams in the pursuit of security excellence.Security Assurance and Compliance:Orchestrated rigorous external and internal penetration tests and security assessments.Guided compliance work imposed by regulatory bodies, with meticulous preparation for audits.Oversaw a comprehensive training program for ~3k employees, enhancing the overall security posture of the organization.Notable Projects:Spearheaded the establishment of the SOC, including defining roles and responsibilities, developing technical solutions, and optimizing operational processes to enhance threat detection and response capabilities.Development of a secure "Green Field" solution for financial applications with a focus on data protection.Implementing 802.11x network authentication control to fortify network security.Deploying the Tennable.SC VM platform.Implementing solutions, such as IBM QRadar SIEM, TheHive SIRP, MISP, Cuckoo, and Cortex, resulted in more effective incident response.Leading the implementation of Zeek and CheckPoint IPS for comprehensive threat detection and prevention.

Threat Modeling:Conducted comprehensive threat modeling to identify potential vulnerabilities and security risks within the organization's IT infrastructure.Utilized threat modeling to proactively develop mitigation strategies and ensure a robust defense against emerging threats.IT Project Risk Analysis:Played a crucial role in assessing the security implications of IT projects, providing insightful risk analysis to inform project decisions.Collaborated closely with project teams to implement security best practices and minimize potential risks.ISMS Enhancement:Actively participated in enhancing the ISMS, ensuring it evolved to address evolving threats and compliance requirements.Contributed ideas and recommendations for process improvements, aligning security practices with industry standards.Security Incident Management:Managed security incidents promptly and efficiently, orchestrating response efforts to mitigate potential damage.Conducted post-incident analysis to identify root causes and implement preventive measures.Compliance Management:Assisted in maintaining regulatory compliance. Collaborated with stakeholders to implement controls and practices that ensured ongoing compliance.Request Approval:Evaluated and approved requests related to information security, ensuring that they adhered to established policies and procedures.Provided guidance to requestors on compliance and security requirements.

Infrastructure Development Strategy:Spearheaded the development of a comprehensive infrastructure strategy for access control and video surveillance systems.Formulated strategic plans to ensure the seamless integration of security solutions within the organization's operations.Budget Planning and Cost Control:Took charge of budget planning, diligently controlling costs associated with system implementation and maintenance.Balanced budgetary constraints with the need for cutting-edge security solutions, optimizing resource allocation.Installation Work Oversight:Assessed and reviewed estimates for installation work, scrutinizing proposals for accuracy and alignment with project goals.Ensured that installation work met high standards of quality and complied with project requirements.Systems Implementation in New Projects:Played a critical role in the proper implementation of security systems within new projects.Collaborated closely with project teams to seamlessly integrate security measures, safeguarding project integrity.Contractor Supervision:Provided rigorous oversight of third-party contractors engaged in security system installation and maintenance.Monitored contractor performance to ensure adherence to timelines, quality standards, and project specifications.Contractual Relationship Management:Cultivated and maintained essential contractual relationships with service providers, ensuring the ongoing maintenance and reliability of security systems across facilities.Negotiated contracts and service agreements to optimize system performance while containing costs.