Advisory Board

Преподаватель на курсах : DevSecOps IT Risk Management

 Led 15 direct and 30 indirect IT and cybersecurity professionals in the bank's technology and cybersecurity function.  Defined, implemented, and maintained the Cybersecurity Risk Management Framework, Cybersecurity policies, and standards through understanding control requirements and industry standards.  Overseed the Cybersecurity program governance processes, including Cybersecurity risk reporting and Governance Council and board updates.  Liaised with Internal Audit and Corporate Compliance to remediate new and outstanding issues; tracked security-related issues.  Developed SDLC process to ensure all development projects met functional and business requirements, had proper security controls, and were implemented by best practices.  Established budgets, strategic road maps, internal standards, design principles, models, plans, and processes based on industry best practices, such as governing principles for infrastructure services design and deployment by COBIT, ITIL, and TOGAF methodologies.  Defined strategic action plans to guarantee that service level agreements (SLA) and helpdesk support-related key performance indicators (KPIs) are achieved.  Defined and drove all technology vendor-partner evaluation, engagement, management processes, and technology vendor-partner outreach, communication, and governance.  Standardized infrastructure services and systems to decrease numerous variances and improve security and operational activities.  Promoted automated strategy to improve process efficiency, speed, accuracy, errors, and reduction.  Established a threat-intelligence-driven internal vulnerability management program, which increased compliance with regulatory requirements, improved IT assets, and decreased cybersecurity and operational incidents. Most Recent Accomplishments:  Developed a comprehensive Information Security Program to address multiple regulatory issues on previously existing programs. (All issues were closed)  Developed a comprehensive Business Continuity Plan in alignment with FFIEC Guidelines and Coordinated all Disaster Recovery and BCP exercises.  Designed the security architecture aligned with the security program and with zero trust and defended in-depth concepts by leveraging different systems/services to mitigate cyber risks.  Established enterprise Information Security Awareness Training Program.  Successfully developed and executed a roadmap for transforming traditional IT services to hybrid and public cloud with IaaS (Azure) and SaaS (Office 365). The complete transformation was completed in two years, achieving 40 percent of the IT operational cost reduction.  Transitioned from traditional IT services/systems to Azure IAAS services, such as Azure Active Directory, Microsoft/Linux Virtual Servers; MS VDI, VNET, Blob/File Storage, Monitoring, Insights, Backup, Site Replication, automation, etc.  Redesigned the Security Program Document, Policies, and Procedures documents to align the new target architecture– MS Azure IAAS and Office 365 SAAS and compliance with FFIEC, NY DFS PART 500 guidelines and aligned with ISO, COBIT, and the zero.

Served as part of a senior team providing tactical and strategic leadership to technical teams delivering service to more than 3,000 users across diverse geographical locations Developed and maintained strategic plans, formulated and implemented recommendations that aligned IT objectives with business objectives, created business cases to support IT driven initiatives, established and negotiated strategic partner relationships, and managed direct and indirect reports located around the world Interfaced with the Internal Compliance Team in ensuring security framework supported the ISO 27000 framework and aligned with COBIT and corporate counsel in describing data governance requirements and risks. Drafted request for proposals for migration services, while completing architecture for subscription design, operational support models, administration using roles-based access controls, chargeback approach, and resource tagging and reporting Selected Accomplishments: Directed complex initiatives to support the successful global delivery of technology services, which involved creating and executing strategic plans and recommendations that aligned IT goals with business objectives Supervised various projects to establish a Cloud adoption approach, with focus on multitenancy across various Cloud models and platform Implemented an enterprise architecture and information security practice based on TOGAF and SANS 20 critical security controls, which resulted in significant decrease in operational and cybersecurity incidents Expertly handled negotiations for a contract that consolidated seven service providers into a single provider to deliver network services, which brought forth significant savings in costs and streamlined procurement and vendor management processes Optimized infrastructure cost by 48% upon transitioning servers from three Data Centers to cloud infrastructure (AWS and Azure). Develop strategies for secure cloud-based services.

Performed a wide range of senior management functions, including department budget planning, enterprise security architecture design, and enterprise security policy implementation Managed staffing requirements, which included recruiting, hiring, guiding, motivating, and leading top-performing teams Led the design and deployment of critical business infrastructure, including oversight of local outsourced datacenter operations encompassing over 150 servers and 200 TB of storage Conducted feasibility studies with technical personnel on new or upgraded systems, and managed prioritizations, submissions, and implementation of requests for service to the department Served as key liaison on network engineering, system security, and datacenter operations tasks Provided leadership to the entire life cycle of projects to guarantee within-budget and on-time completion based on contract requirements Authored security documents to be used as standards, guidelines, policies, and procedures for the deployment of access control in applications, databases, and operating systems Selected Accomplishments: Led the implementation of converged VoIP solutions, which involved migrating from analog phone systems to a converged solution that utilized Cisco VoIP integrated with Microsoft Lync, Exchange, and SharePoint; achieved 30% decrease in recurring cost and 50% increase in interdepartmental interaction following the implementation of the redundant system Directed all aspects of a planned transition of all datacenter systems and networks to a data pipe facility while achieving zero downtime Deployed a strategic plan that brought forth 25% increase in customer satisfaction Rendered problem analysis and support to technical areas, which drove productivity and technology integration into operations Worked with all application and business partners on upgrades and deployments, and redesigned approach to achieve smooth delivery and minimal disruption to business operations Collaborated with application owners and project managers to create scalable, maintainable, and highly available storage architectures aligned with business goals and relevant SLAs Created customized security solutions within Active Directory for the implementation of separation of duties, delegation of roles, and concept of least privilege based on Microsoft Security best practice

 Directed a multinational team of system engineers in handling the maintenance and architecture of business-critical infrastructures, which entailed analyzing, designing, implementing, and supporting core infrastructures encompassing more than 250 servers and 300 TB of storage  Established long-term vision, strategy, and roadmaps for hosted storage services across the organization  Provided leadership to internal teams in developing a global security policy and incident management process, which included engaging with business stakeholders to support the adoption of the policy  Led annual vulnerability assessment and penetration tests, and offered strategic insights on new technology threats and strategies for mitigation  Managed and monitored security vulnerabilities and network and host system intrusion threats, as well as performance and system health for all IT services Selected Accomplishments:  Spearheaded the creation of a SunGard based fully functional host backup site, which served as a failover data center to support business continuity process  Developed server build procedures and system build standards to align with server functions  Deployed an automated solution for compliance policy management, Tripwire, to identify unauthorized changes on critical business systems  Built and supervised the Security and Virus Response teams to efficiently address potential enterprise-wide threats  Oversaw the migration of 152 servers to a virtualized platform, which decreased datacenter footprint by 75%; heating, ventilation, and air conditioning (HVAC) cost by 45%; and total cost of ownership (TCO) by $10K annually

• System administration duties in supported environment – Windows NT and 2000 domain structure, Windows 2000 Advanced Server cluster, Active Directory, Linux, Novell 4.11, Sun Solaris 6, 7, 8, 9, EMC Clariion, PostOffice, Trend Viruswall, Norton NAVC, RSA, Checkpoint, Linux Squid and MS ISA Proxy servers, Nortel VPN, Cisco 2600s and OpenRoute routers, Netbay switches, Cisco PIX, Alteon • Special projects – implementation of Windows 2000 domain infrastructure; SAN implementation – EMC Clariion; implementation of Active Directory with Windows 2000 Advanced Server cluster; VPN setup utilizing Cisco PIX, implementation of Veritas BackupExec 9.0 disaster recovery strategy • Accomplishments – 30 minutes downtime over the course of 2 years for all servers; zero virus penetration of corporate network and servers during corporate tenure; SAN implementation project completed 10 days ahead of schedule; overall, 99.9999% server and network availability

• Trading floor support duties in supported environment – Sun Solaris workstations, Windows NT servers and workstations, MS Exchange and MS Mail • Accomplishments – promoted from level 1 to level 2 trading floor support within 6 months