- As an experienced Information Security Manager, my strong knowledge and practical experience help tie risks to business activity and align information security processes with goals and objectives of the company’s strategy.
- Sales activity and consulting service have contributed to the development of communicational skills at all management levels.
- Position as a Consulting Director has improved my management skills and awareness of key processes that shape any business.
- Strong technical background allows me to understand threat models and successfully manage them.
- An energetic visionary strategist qualified by a 10 - year record of ground-up success in information security.
- A continuous learner with a passion for innovation in security management to drive bottom-line business contributions (optimize security investments, avoid losses from security incidents, improve customer retention, enhance business decision-making and reduce corporate liability).
- Information Risk Management
- IS Audit & Compliance Management
- ISO 270xx, SOX, CobIT, PCI DSS, HIPAA, NIST, PCI DSS
- Security Tools, Processes & Policies
- Security Incident Response Programs
- IS Governance & Best Practices
- Global Project Lifecycle Management
- Information Privacy & Online Safety
- Contingency Plans & Business Resumption
- Business Continuity Planning
- I have relocated to support business growth and building partnership among new services and suppliers.
- As Project Manager my key role is to drive and support delivery of projects aligning it with the overall business objectives and corporate strategy, working across all business areas and in cooperation with all operations and functions.
- This role requires me a relentless and innovative pursuit in implementing best in class service solutions for information security.
- Managing all offered service and projects;
- Managing pre-sale activity;
- Managing Information Security Department - audit and consulting projects.
Head of Audit and Consulting Services
- As the Head of Audit and Consulting Services, my primary responsibility was to manage the team of consultants and auditors while performing projects.
- These duties consisted in distribution of resources within the project, team advising on the implementation of project objectives, quality control tasks and interaction with clients on key issues.
- I conducted training for the team implementing ISMS processes, audits, techniques and methodologies.
- The projects I took part in are ISO 27001, PCI DSS, ITIL/Cobit, BS 25999, Personal Data, National payment system
- As a Project Manager, I led a group of consultants and planned the work to develop practical solutions for clients with a strong focus on further implementation of the results.
- On this position, I performed all activities regarding coordination of project workflow from the beginning to the end stage.
- As a Business Development Leader, my responsibility was to implement strategies to achieve goals, acting as advisor to and maintaining ongoing relationships with client’s executives, participate in contracting a period of preparation and in pre-sales meetings.
- Development of regulatory documentation for Russian regulators;
- Successfully completed 30+ projects on audit and consulting;
- Involvement of key strategic customers;
- Building of a competent and responsible team;
- Development of interaction between departments.
Chief Information Security Officer
- My duty was to report to the Deputy Chairman of the Board with responsibility for developing and implementing ISMS according to ISO 27001 from early stages.
- All processes related to ISO 270xx were developed (IRP\BCP\CM).
- Under my leadership Information Security Department was set up and put under control of top management. PCI DSS requirements were implemented until compliance.
- Developed Information security processes from scratch;
- Established information security governance (Management’s commitment and support, due diligence).
- Developed and successfully implemented Information Security Management System according to ISO 27001.
- Implemented Risk-based approach to project implementation;
- Ensuring ISO 27001 and regulatory compliance.
- Implementing PCI DSS from beginning to compliance.
Senior Specialist (Security administration)
- Implemented information security systems from start to end (IDS\IPS\AV\Content filtering\DLP).
- Introduction of risk assessment into business processes of the bank.
- Management’s awareness of information security.
Senior Specialist (e-banking)
- Implemented the first in Belarus e-banking system.
- Multi-domain administration\configuration (throughout Belarus).
- Implemented Lotus Notes (Electronic document, Sametime, SecuredMail).