Hemi G. Email & Phone Number

• Enable end users of our platform(s) and scaffolding to beable to operate more efficiently, consistently, reliably,securely and easily
• Implement infrastructure and application patterns fordevelopment and Continuous Delivery (CI/CD)
• Shift quality and security left in the Software DevelopmentLifecycle (SDLC)
• Improve on existing legacy infrastructure and applications
• Enhance and increase platform capabilities(securityscanning tools, SAST tools, etc) that may or may not existon a customer account
• Assist with architectural guidance and subject matterexpertise in various areas like Development, DevSecOpsand Operations

Sydney, New South Wales, Australia

The Advisory Board Centre was founded to support and improve the effectiveness of the global Advisory Board sector, including the professionals who fulfil an Advisory function and organisations for whom they serve.I take part in the community and provide pro bono advisory.

Sydney, New South Wales, Australia

• I joined Origin Energy as an API security Expert to lead the technical aspects of the 2023 API security project. The project focuses on strengthening API security in response to changes in the threat landscape and.
• Evaluated and selected a pure-play API security tool to implement and integrate with existing systems.
• Defined organisational API Security controls; this list of controls will be used to measure API security.
• Defined project scope goals and deliverables in collaboration with the project sponsor and stakeholders.
• Worked within a multi-disciplinary project team to drive API security enhancements.

Sydney, New South Wales, Australia

• Resolution Life is a global life insurance group that acquires and manages portfolios of in-force policies. I led Resolution Life’s DevSecOps, CI/CD framework, and toolset across the APAC region's entities. With the.
• 25% reduction of time spent on change management of applications aligned to the DevSecOps framework.
• 67% reduction in the number of incidents for a specific critical app that adopted our golden pipeline approach.
• Developed the DevSecOps strategy and framework to guide the organisation and developers on the expected outcomes of DevSecOps adoption efforts.
• Over the course of a year, we migrated a legacy DevOps environment with 200 engineers developing 40 different applications to a modern platform based on cloud-native tools.
• Designed and Implemented an App DevSecOps dashboard that showed different metrics per each of the 40 applications and 10~ different application owners.

Sydney, New South Wales, Australia

• Our team of Digital Security Architects at Woolworths, WooliesX, and CountdownX provided cyber security architecture and advisory guidance for cutting-edge technologies and solutions. The work was fast-paced, and we.
• Removed 33% of the steps needed per engagement, reducing architecture and application security engagement overhead and streamlined the engagement process by removing blocking steps.
• Customer Identity and Access Management planning for various B2C apps.
• I was engaged in a Kubernetes security design project where I was responsible for designing the security requirements and controls for two types of deployments: a shared one and a managed one.

Sydney, Australia

Tel Aviv Area, Israel

• Lightico is a customer-experience SaaS platform for enterprises. Companies use Lightico to streamline their call centre business by adding another collaboration layer between the customer and the agent. In a secure.
• I developed an encryption solution that replaced the first solution Lightico developed for multi-tenancy. My new solution reduced complexity, reduced development and testing efforts, and reduced reliance on third-party.
• Implemented ISO 27001 compliance and achieved certification within six months when the company had already developed a product and had 20 employees.
• Implemented compliance with GDPR, HIPAA, SOC 2 and NIST CSF.

Israel

• Organizing conferences and meetups.
• Managing application security awareness projects.

PicUP is an AI-based visualisation, optimisation and personalisation platform for outbound calls. PicUP’s technology enables call centres to improve customer service and increase sales by adding a personalised digital layer. As CISO, I was responsible for running the security program at the company.

Tel Aviv Area, Israel

• Vata provides specialised managed services, DevSecOps, and application security. The company works with financial, high-tech, and start-up sectors in Israel, the USA, and Europe. I was responsible for designing unique.
• Increasing year-over-year security budget spent with Vata by 50% in all accounts managed by me
• Dramatically increasing developers’ collaboration with security by building trust at a major credit card issuer in Israel.
• Decreased high-risk vulnerabilities in new projects by 60% by proactively engaging with developers in a major banking group in Israel

• Amdocs is a global high-tech company that sells solutions and services to telecommunication companies. I led Amdocs’ global cloud security program, defining the framework to secure all cloud use and determine a.
• Cut services onboarding time by 50% by optimising the security process.
• Lowered cloud security costs by 20% by aggregating duplicate expenditures.
• Public Key Infrastructure (PKI) project architecture review and security policy design.
• Cloud Access Security Broker(CASB) project architecture review and security policy design.
• Define cloud security strategy, policy and procedures.

• I was promoted from an individual contributor role to a manager of two teams at the largest banking group in Israel. As the leader of ten professionals, I was responsible for providing security guidance to most of the.
• Design cyber security solutions based on ISO 27001, ISO 27032, NIST, OWASP and national financial and privacy standards of Israel, Florida, New York State, the United Kingdom and Switzerland.
• Built Security as a Service solution for subsidiary banks and companies.
• Manage 3 Virtual CISOs for subsidiaries.
• Managed the Secure Application Security Program (SSDLC).

Tel Aviv-Yafo, Tel Aviv District, Israel

• For the first two years of my work at the bank as an individual contributor, I was the contact for all the services in the cyber security portfolio. My clients were various software development departments within the.
• Awarded for department excellence in 2011 by the bank CEO.
• Created a revolutionary security knowledge management system to streamline the work of security architects.
• Initiated and led the biggest SSDLC implementation project in Israel for the time (300 developers).
• Succeeded in promoting a significant change in how Peilim (a subsidiary) was receiving ICT services from the bank I was working for the betterment of both parties while reducing yearly costs by 25%.
• I was Appointed Chief Information Security Officer (CISO) for Peilim, a bank subsidiary company managing $1.5 billion in securities and having 75 employees.

• Consulted and managed projects in different organizations in the following areas of expertise: Information Security, Risk Assessment and Business Analysis.
• Defined methodologies and tools for risk management.
• Wrote policies and procedures.
• Lead complex SIEM/SOC projects in different organizations such as: First International Bank of Israel, Clalit Health Services and Ayalon Insurance.
• Wrote technical requirements for SIEM/SOC systems.
• Developed log collection schemes for mainframe systems and assets in demilitarized network zones.

Fraud And Embezzlement Analyst

• Was an active partner in the deployment of the bank’s fraud and embezzlement center (Business SIEM/SOC). In day to day operations I used predefined procedures to handle a variety of events. As the sole member of the.
• Analyzed business risks.
• Defined automated controls in processes such as Internet Banking, Call Center, ATM etc.
• Defined work plans and procedures.
• Working in collaboration with formal authorities and other organizations, investigating fraud and recommending proper means for remediation.