OBJECTIVE:

To implement the appropriate measurements in order to eliminate or minimize the impact that various security related threats and vulnerabilities might have and ultimately enable the business to perform itsfunction in a manner that is of an acceptable risk level.

SUMMARY:

• Ability to convincingly communicate and architect solutions that align with business objectives and appropriately consider people - process-technology issues.
• Ability to design solution architecture based on patterns and recognized design methods
• Ability to lead delivery teams on complex implementation projects
• Proven understanding of datacentre and security solutions and their relevance to the customer’s business challenges.
• Team player with the ability to work with a multi-national team, and a focus on target achievement.
• Strong analytical and problem solving skills.
• Ability to work in complex business environments.
• Maintains an in-depth knowledge of specific technical specialisms, and provides expert advice regarding their application.
• Can supervise specialist technical consultancy. The specialism can be any aspect of information or communication technology, technique, method, and product or application area.

• Providing strategic security direction to all Business Units & Business-driven projects within the Organization.
• Forming effective relationships with business units and other Shared Services functions (in particular IT) to enable the meaningful progression of Business-driven project attributes and to be able to effectively manage IT Risks and their effective mitigation.
• Building and maintaining effective relationships with key stakeholders and influencers within business units. Through effective relationship management, ensure that Information Risk management is seen as a valuable activity that is enabling business growth.
• Deep knowledge of best practices in the areas of IT Security Governance (ISO 2700X); Security Controls Implementation; Breach Response; Secure Software Development, Risk Management; Security Architecture; Remediation of Security Vulnerabilities; Identity & Access Management; eCrimes Management & Data Loss Prevention.
• Expertise in protecting information technology assets, application security, and the security of users on divergent technology platforms.
• Manage the enterprise's information security organization, consisting of direct reports and indirect reports. This includes hiring, training, staff development, performance reviews, and budgets.
• Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation.
• Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action.
• Develop, maintain and publish up-to-date information security policies, standards, guidelines and reference architectures.
• Providing on-going assurance as required that an appropriate Information Security framework is in place and is effective.

PERSONAL ATTRIBUTES

• Assertive
• Confident
• Trustworthy
• Efficient
• Enthusiastic
• Able to prioritize workload in a demanding team environment
• Hard Worker
• Team-player
• Professional
• Creative
• Detail Orientated
• Able to remain calm under pressure
• Self-motivated
• Flexible
• Quick Learner

SKILLS:

Netwitness (Fraud & Forensics)

Websense (Proxy & DLP)

BlueCoat (Proxy)

F5 (Application Delivery Firewall, BYOD, Remote Access, GTM & LTM)

Mobile Iron (MDM)

Total Network Inventory

TrackIT

Symantec Backup Exec 10.0d/11.0d

Fireeye IPS

Netgear VPN/Firewalls

Office 365 EMS

SABSA architect

Checkpoint VSX firewalls

Juniper UTM’s

TippingPoint (IntrusionPrevention/Detection Systems)

Wifi Toolkit

Voltage (Identity Based Encryption)

McAfee (A/V & HIPS)

McAfee Nitro SIEM

IBM QRadar SIEM

Oracle 10,11

MailMarshal and WebMarshal

Firewall Analyzer

CISCO VPN/Firewalls

ARIS architect

Backtrack 5

Checkpoint UTM’s

Metasploit Pro

Coverity Security Advisor

Cisco IronPort

Palo Alto (WAF) Firewalls

DarkTrace

Arbour DDOS

IBM Trusteer PPMD & PPCD

BES/GOOD (MDM)

MS Intune (MDM)

EXPERIENCE:

Confidential

Lead Security Architect & Information Security Consultant

Responsibilities:

• Lead Security Architect for Architecting in AWS - Security Garden setup, Security Zones, Key Management, Cloudfront WAF and DDoS, Security Group Tags etc.
• Complete Security Supplier On-boarding assessments for Bank Third Parties
• Manage, motivate and develop a team of multi discipline subject matter experts.
• Lead the team to develop and deploy IT security infrastructure solutions and related technologies to improve service performance, availability and achieve the IT strategy.
• Security Lead for PCI in bank, achieved PCI certification Q2 2019
• Creation and implementation of Cyber Security strategic objectives
• Maintain effective relationships with key technology partners. Leverage these relationships to drive best practice and compliance.
• Created Cyber Security Reference Model and ensured alignment into ISMS Framework and Enterprise Architecture to further ensure traceability including to the IT Strategy
• Completed Information Security Gap Analysis based on ISMS Framework to measure maturity and included next steps with priorities to improve maturity with relevant Information Security Journey roadmap.
• Evaluates and undertakes impact analysis on major design options and assesses and manages associated risks.
• To help the client establish internal capacity or support and direction with a managed service approach to carry out various activities of information protection and assurance.
• Security Gap Analysis - Assessing, Maintaining and reviewing security controls/ compliance with key regulatory requirements including ISO 27001/2, PCI-DSS, Organization Policies and standards
• Conducting design reviews of new systems proposals throughout the project lifecycle
• Ensuring suitable disaster recovery/business continuity procedures or agreements are in place
• Produces detailed component specifications and translates these into detailed designs for implementation using selected products.
• Selects appropriate design standards, methods and tools, consistent with agreed enterprise and solution architectures and ensures they are applied effectively.
• Set standard enterprise security architecture deployments for Cloud WAF & DDoS, APN Network, SIEM (Splunk), AWS Cloudwatch, AWS CloudFront Cloud Conformity, Cisco Stealthwatch for AWS, NAC, EDR, IDS/IPS’s, DLP, Password Vault and PAM.
• Liaise with International teams to implement Cyber security objectives and solutions

Confidential

Lead Security Architect

Responsibilities:

• Set standard enterprise security architecture deployments for;
• Secure Web services, Identity and Authentication Governance & Enterprise Data Security
• Security Gap Analysis - Assessing, Maintaining and reviewing security controls/ compliance with key regulatory requirements including remediation and raodmaps for improving Cyber posture
• Created Cyber Security Reference Model and ensured alignment into ISMS Framework and GWEA Enterprise Architecture to further ensure traceability including to the IT Strategy
• Determines security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and security risk assessments; studying architecture/platform; identifying integration issues and recommend corrective action for identified security weaknesses or incidents
• Ensures that the system design balances functional, service quality and systems management requirements.
• Create security standards for IT security based on Security gap analysis findings, whilst ensuring alignment with relevant Information Security Policies and Business Strategy.

Confidential

Lead Security Architect

Responsibilities:

• Information Security requirements reviews and input to Business cases and project documentation to ensure alignment and implementation of Confidential security policies and standards.
• Produces detailed component specifications and translates these into detailed designs for implementation using selected products.
• Selects appropriate design standards, methods and tools, consistent with agreed enterprise and solution architectures and ensures they are applied effectively.
• Reviews others' systems designs to ensure selection of appropriate technology, efficient use of resources, and integration of multiple systems and technology.
• Evaluates and undertakes impact analysis on major design options and assesses and manages associated risks.
• Ensures that the system design balances functional, service quality and systems management requirements.
• Obtains and acts on vulnerability information and conducts security risk assessments for business applications and computer installations; provides authoritative advice and guidance on security strategies to manage the identified risk.
• Determines security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and security risk assessments; studying architecture/platform; identifying integration issues and recommend corrective action for identified security weaknesses or incidents
• Produce documented frameworks, or architectures, that describe and are used to manage the implementation of a security Infrastructure. Architect/design security solutions by possessing knowledge and experience in Enterprise Architecture methodologies (SABSA, TOGAF, Bredemeyer, Zachman, SABSA, ISO 17799/27001 , SOX, PCI DSS etc...)
• Input all security architecture components and applications on Architecture governance tool (Alfabet) for tracking and align roadmaps, affected architectures, impacted technologies and impacted business processes.
• Present new security solution architectures at Architecture executive forums for positioning of security solutions and approvals for enterprise wide deployments.
• Develop technology security solutions according to an IS Architecture framework that supports requests for both enterprise-wide or point solutions.
• Interact and work closely with the business and technical staff and often alongside staff from other suppliers
• Analyze emerging technology trends, security strategies & architectures and assess the impact on the business and IT environment and in corporate appropriate mitigation controls into the Group IS Architecture Frameworks
• Coordinate shared service offerings from Information Security Architecture to its customer base
• Provide leadership to the wider architecture and technical community within Confidential and maintain constructive relationships with suppliers to allow effective and productive evaluation of vendor offerings against business requirements, constraints and priorities.
• Investigate, analyze, evaluate and report on new security technologies and risks.
• Develop security technology roadmaps.
• Drive changes to the enterprise architecture to reduce risk, enable flexibility and stability, plus reduce complexity.
• Information Security Architecture Lead Designer and input into Security projects and ICT projects (Trusteer PinPoint Malware & Criminal Detection using F5 iRules for Injection, Database Activity Monitoring, Office 365/Azure AD Security Architecture including F5 external GTM design and Internal F5 LTM design, Network Fabric Interconnect & Data Centre Firewall implementation, Software Defined network security, Cloud Security Certificate Provider & Cloud Security Architecture)

Confidential

Enterprise Architect

Responsibilities:

• Ensuring architecture alignment to the GWEA framework specification
• Enterprise Architecture QA analysis and planning for Consistency of multiple views/ Mapping of components from one view to the other/ Multiple levels of abstraction (master-detail or hierarchical view of components)/ Consistent boxology of Diagrams/ Textual description reviews per work package.
• Architecture review and retrofitting of Enterprise application systems comprised of hardware agents, protocols, knowledge bases and software application programs.
• Architecture review and retrofitting of Business process architecture activities or tasks composing major business processes identified by the business process owners.
• Architecture review and retrofitting of Data or information architecture, including shared data definitions.
• Architecture review and retrofitting of Applications architecture for Individual applications and their interfaces.
• Architecture review and retrofitting of Technology architecture; Architecture services and the technology standards they are built on.
• Sign-off of completed work packages from a quality assurance perspective.

Confidential

Security Architect / Information Security Specialist

Responsibilities:

• Develop and maintain Technical Security Architecture for information and communication technology systems.
• Establish Security Architecture principles, standards, guidelines and roadmap for applications, database and infrastructure.
• Embed security assurance into new ICT initiatives and ensure the implementation of adequate preventive, detective and corrective security controls.
• Implement and enforce security policies and security standards across the organization. Provides security support for internal security projects and cross-organizational projects.
• Proactively test and monitor IT security implementation and make recommendations to reduce security risks.
• Determines security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and security risk assessments; studying architecture/platform; identifying integration issues and recommend corrective action for identified security weaknesses or incidents.
• Principal lead for security implementation; Wireless Networks, Security zones and network segmentation, Global networks.
• Responsible for ensuring the secure design, implementation and operation of Infrastructure components.
• Providing written memos of security control recommendations to the relevant project sponsors and Business Owners.
• Security Technologies: Evaluate vendor and internal products for security capabilities and integration into a service delivery environment. Provide security guidance for implementation.
• Plans security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; applying to industry relevant standards and regulations.
• Information Security requirements reviews and input to Business cases and project documentation to ensure alignment and implementation of Confidential security policies and standards.
• Strategic Security Risk Analysis & Planning: Understand big picture enterprise risks from patterns observed in consulting, contribute to strategic planning, and address as initiatives. Additionally, measure efficacy with appropriate security metrics.
• Assists projects in developing security risk profiles, assessment of security requirements, security design, implementation and security testing.
• To establish a new policy or amend an existing policy with regard to the protection of information systems and networks, according to industry standards and regulations.
• Create and administer standards for the Group’s overall IT security/network architecture, in-line with relevant Information Security Policies.
• Track Security trends and innovations and assess their applicability for the Group.
• Review infrastructure design standards in order to assist System Architects and Services in implementing secure systems.
• Work with the Global Head of Security Governance and Compliance and Information Security team to identify and implement appropriate information security governance controls.
• Information Security Architecture input into Security projects (Network Segmentation, Full Disk Encryption, SIEM, DLP, Secure Remote Access, Digital Signatures, Database Security, Intrusion Prevention etc.)

Confidential

Principal Security Consultant

Responsibilities:

• Coordinates all aspects of executing the security contract at the assigned location(s)
• Is the first point of contact for security professionals regarding performance, operations, emergency response activities, and department needs.
• Information Security requirements reviews and input to Business cases and project documentation to ensure alignment and implementation of security policies and standards.
• Produces detailed component specifications and translates these into detailed designs for implementation using selected products.
• Selects appropriate design standards, methods and tools, consistent with agreed enterprise and solution architectures and ensures they are applied effectively.
• Uses appropriate tools, including logical models of components and interfaces, to contribute to the development of systems architectures in specific business or functional areas.
• Reviewing the design of all Company infrastructure and application architectures in order to eliminate intellectual property loss and systems availability risks.
• To help the client establish internal capacity to carry out various activities of information protection and assurance. Establishing an Information Security Management Service within the organization, which includes; Fraud, Forensics, Incident and Event Monitoring, Data Loss Prevention, Network Access Control, Content Filtering, Mobile Device Management and Cryptography etc.
• To promote a culture of security through education and awareness activities. (e.g. Security in the SDLC or DevOps)
• To establish a new policy or amend an existing policy with regard to the protection of information systems and networks, according to international best practices and standards.
• To bestow great importance to the security of the clients information assets and set the scene as the trusted advisor.
• To help the client establish internal capacity or support and direction with a managed service approach to carry out various activities of information protection and assurance.
• Conducting risk assessments and identifying appropriate controls to reduce risk
• Security Gap Analysis - Assessing, Maintaining and reviewing security controls/ compliance with key regulatory requirements including ISO 27001/2, PCI-DSS, Organization Policies and standards
• Conducting design reviews of new systems proposals throughout the project lifecycle
• Ensuring suitable disaster recovery/business continuity procedures or agreements are in place
• Fully investigating and recording reported security weaknesses and incidents in line with Incident Management procedures
• Managing and maintaining Security Awareness training to include all new starters, and on-going staff awareness
• Managing external audits for ISO/IEC 27001/2, PCI-DSS, SOX, HIPAA
• Acting as a member of the Change Advisory Board/ Governance, Risk & Compliance Committee to identify security risk and provide professional advice and guidance.
• Service offerings from Information Security Architecture to its customer base ( SOA, SABSA - Application, Infrastructure, Data Protection, Middleware, Technology, End Points, Mobile)
• Managing & Maintaining security risk assessments and Business Impact Assessments.

Confidential

Security Architect

Responsibilities:

• Consults with senior IT and business leaders regarding the information security posture and responsible for designing and developing strategic architectures.
• Produce documented frameworks, or architectures, that describe and are used to manage the implementation of a security Infrastructure. Architect/design security solutions by possessing knowledge and experience in Enterprise Architecture methodologies (SABSA, TOGAF, Bredemeyer, Zachman, SABSA, ISO 17799/27001 , SOX, PCI DSS etc...)
• Set and administer standards for the Group’s overall IT security/network architecture.
• Develop technology security solutions according to an IS Architecture framework that supports requests for both enterprise-wide or point solutions.
• Provide security solutions in alignment to the IS Strategy and execute according to the vision and roadmap for the enterprise security architecture service.
• Interact and work closely with the business and technical staff and often alongside staff from other suppliers
• Analyze emerging technology trends, security strategies & architectures and assess the impact on the business and IT environment and in corporate appropriate mitigation controls into the Group IS Architecture Frameworks.
• Coordinate shared service offerings from Information Security Architecture to its customer base
• Provide leadership to the wider architecture and technical community within Confidential and maintain constructive relationships with suppliers to allow effective and productive evaluation of vendor offerings against business requirements, constraints and priorities.
• Advise on and participate in the governance arrangements and forums set up to ensure that the EISA delivers the desired benefits to the Group
• To establish a new policy or amend an existing policy with regard to the protection of information systems and networks, according to international best practices and standards.
• Work with the IS Research function to support applicability of candidate technologies
• Broad knowledge of security-related topics such as authentication, entitlements, identity management, data protection, data leakage prevention, validation checking, public & private key cryptology, encryption, hashing, principle of least privilege, software attack methodologies, secure data transfer, secure data storage etc.
• Advise management on technology purchases, on future projects, and environment upgrades/modifications.
• Data Centre design: new DMZ segregation designs including F5 Load balancers. Set standard enterprise security architecture deployments for Firewalls, IDS/IPS’s, DLP & Switches.
• Develop Threat Models on projects.
• Develop Architecture Risk Analysis on projects.
• Drive changes to the enterprise architecture to reduce risk, enable flexibility and stability, plus reduce complexity.
• Create Policy & Standards related to Security Components.
• Investigate, analyze, evaluate and report on new security technologies and risks.
• Develop security technology roadmaps.
• Application security architecture - SOAP, WS-Security, EPAL, XrML, XACML, SAML
• Analyze and add security controls/mechanisms to relevant business projects in accordance with Forums.
• Group wide - Network Perimeter Defence Guidance, DLP deployment, SIEM deployment, Vulnerability Management deployment, Secure Remote Access deployment and Enterprise FW deployments.
• Managed and delivered Security requirements for outsourced providers.

Confidential

IT Consultant

Responsibilities:

• Implement Corporate Network Infrastructure(Setting up PDC Server’s, Exchange Server’s, Routers)
• Perform IT Audits (Audit Plans, Obtain Company Information Risk Analysis & Identification)
• Assume overall responsibility for IT Security at client site with regards to Physical, Logical & Network Aspects
• Create & complete relevant IT Security & Server/Domain related check lists
• Full Support of Microsoft Office 2003/2007
• Full Support on Client Operating systems - Win XP, Win Vista, Windows 7, MAC’s
• Full Support of Server Operating Systems - Win Server 2003, 2008, Win Exchange Server 2003,2007
• Provide security Risk assessments, advice & support to management & business operations & including but not limited to overall network security
• Provide clients with status of outstanding issues.
• Domain routing and configuration for Exchange MX records
• CISCO - Setting up of Firewall’s & VPN’s
• NetGear Routers
• GFI Languard - Security Auditing tool
• Total Network Inventory - Inventory / Auditing tool
• Symantec Backup Exec 11.0d & 12, setting up and configuring of Domain backup solution
• Mail Marshal configuring and support
• User monitoring for suspicious activities on Domain Network, supplying management of user info of what has been removed from the network and what has been copied to external devices.

Confidential

SAM & Security Specialist / Middleware Manager (RSA)

Responsibilities:

• Implement Corporate Network Infrastructure
• Perform IT Audits (Audit Plans, Obtain Company Information, Risk Analysis & Identification)
• Assume overall responsibility for IT Security at client site with regards to Physical, Logical & Network Aspects
• Create & complete relevant IT Security related check lists
• Provide security Risk assessments, advice & support to management & business operations & including but not limited to overall network security

Confidential

Senior Network Administrator

Responsibilities:

• Full Support on Microsoft Office 2003
• Managing day to day operations (500+ users) of group policies e.g. IT Compliance
• Repairing & maintenance of computer hardware & software
• Setting up of VPN users & ensuring Connectivity & security
• Ensuring network connectivity
• Network Architecture management
• Setting up users on computers & installing all necessary programs for user access
• Network/Computer Security incident response & incident management
• Promote security awareness & instil a culture of collective & individual responsibilities for practicing good security at all times.
• Ensuring connection to specific web pages e.g.: white/black listing
• Maintaining & verifying user access, server updates/hotfixes, user creation/termination
• Providing Navision Accounting package support.
• Symantec Backup Exec 10.0d - Backing-up of all user data, storing onsite as well as offsite back-ups
• Providing security advice to management & staff on protection of assets & information
• Purchasing of new hardware & software
• Provide security Risk assessments, advice & support to management & business operations & including but not limited to overall network security.
• SyncBackSE - Back-up & Synchronization of User local machine data
• Protecting and securing access to Media content - Ford, Mazda, VW, Audi.
• Trend Micro Officescan Client V8 - Anti-Virus Protection as well as up-dating, removing viruses.
• TrackIT - Audit Software to conduct Network Audits for company IT compliance policy