Lorenc C. Email & Phone Number

Ottawa, ON, CA

Ottawa, Ontario

• Review and update policies and procedures to maintain with regulatory and industry standards
• Ensure compliance of (Microsoft Azure) cloud services and products with client requirements and company security policies
• Conducts periodical and ad-hoc assessments/audits on Information systems to ensure compliance to internal regulatory framework and industry standards (SOC, SOX, ISO27001)
• Provides valuable compliance advice to the business unit management regarding strategies, programs, policies, controls, and procedures.
• Maintain, update and administer BCP/DR documentation and testing
• Performs infrastructure and application vulnerability scans across public and private networks

Tirana, Albania

• Led and participated in requirement gathering and analysis. Ensured information, information security and information technology control programs and work practices complied with company's business strategy, policies.
• Monitored industry trends, IT best practices and industry standards to ensure continuous optimization of IT service delivery. Continuously monitored OWASP for latest security vulnerabilities
• Investigated information risk and vulnerabilities and recommended real action plans
• Ran periodic IT compliance and IT governance assessments
• Supported audit team by performing data manipulation by extracting data running SQL queries on the core banking system database and transforming them into a more user-friendly format; MS Access, MS Excel
• Conducted reviews to assess quality assurance practices, software products and information systems and made recommendations for changes to the core systems

Tirana, Albania

• Technology Advisor/SME to the CEO. Provided Information Technology analysis and research to ALSE management into identifying information systems
• Evaluated business needs vs. vendor offering as well as infrastructure requirements
• Provided guidance and feedback on technology requirements, international standards and best practices on two stock exchange systems from EU and Dubai vendors
• Contributed in development of regulatory framework for Information Security and Technology

Tirana, Albania

• Designed and implemented a secure, robust and capable security environment for the Bank by managing firewalls, antivirus servers, normal and power users access monitoring, log collection and analyzing, proxy servers –.
• Supervised and monitored Identity and Access Management systems of the bank – Microsoft Active Directory and IMB iSeries (AS400)
• Increased user awareness by preparing information security training materials and running training classes
• Worked closely with Infrastructure Team on a daily basis to manage and improve network security, operating system security, Internet/web security, DLP, anti-malware, IDS/IPS, penetration & vulnerability testing, cyber.
• Addressed IT risks and administered the IT risk assessment process of the bank
• Developed architecture documents (like data flow charts, information systems relation diagrams, CMDB). Contributed to the design and implementation of the Disaster Recovery Solution

Tirana, Albania

• Managed operations of Telephony department for the residential, business and interconnection clients
• Established policies concerned with the development, operation and maintenance of telecommunications services and products (existing and proposed new ones)
• Designed and implemented custom made solution based on linux open source software
• Directed a small and dedicated technical staff in order to control telecommunications traffic volume and flow
• Recruited personnel and trained new staffKey Accomplishments:
• Led the team as well as designed, trained and implemented a solution to integrate all information systems of the company (being CRM, ERP, billing platform, service provisioning, etc.), saving the company 150'000 CAD..

• Analyzed user's requirements, and designed and developed system architecture and specifications
• Designed and implemented communication system network architecture
• Implemented Active Directory, Terminal Services, Anti-virus, Servers and Mainframes (Blade servers)
• Implemented country-wide IP telephony system that included billing system, and connection with several public providers (POTS and GSM)
• Provided 3rd level support to end users
• Prepared training materials and trained both police officers and technical staffKey Accomplishments: