Toronto, Ontario, Canada
Qualifications: • 15+ years of focused experience in cybersecurity. • Deep knowledge and hands-on experience with cybersecurity concepts, including defense-in-dept, network security, risk management, encryption, authentication, threats, vulnerability, cloud security, auditing, security operations. • Excellent technical and business writing capabilities • Outstanding communication skills with ability to interface and communicate at all levels of management, including leadership. • Exceptional abilities to articulate complex technical details to all levels of an organization that have varying degrees of technical aptitude. • Handles presentations with ease. Excellent reporting, documentation and presentation skills. • Extensive hands-on experience with providing architecture, engineering and operational roles. • Learn quickly and apply newly acquired knowledge to existing workflows. • Establish network security programs, introduce new policy/process/procedures and improve the existing ones tailored to an organization’s specific needs. • Collaborate with cross-functional teams, partners and the larger IT organizations. Highlighted Expertise: • Security Architecture, microsegmentation, Zero Trust Architecture, Zero Trust Network Access (ZTNA), firewall management, network segmentation, information security risk assessment, maturity assessment, compliance assessment and maintenance, network security. • Extensive knowledge on current cybersecurity frameworks and best practices (NIST CSF, NIST 800-53, NIST 800-207, ISO 27001, Zero Trust, CIS, COBIT, etc.). • Security modernization with strategy and roadmap development, along with associated solution deployments. • Security assurance and validation services. • Influence, provide awareness, and guide others to ensure that cybersecurity and contingency measures are incorporated in the development of systems and solutions. • Comprehensive risk assessment, network vulnerability assessments and penetration tests. Advanced problem management techniques. • Developing mitigating controls for identified risks to enhance security posture. • Information security policy, standard and technical specifications development that aligns with the industry best practices and standards. • Workflow and process creation/improvement, operationalization. • Certified in various technologies with different vendors: o Illumio Adaptive Security Platform Specialist, Netskope Cloud Security Specialist, Appgate SDN Commander and others. • Wide range of hands-on experience with infrastructure design, monitoring and operating.
• Engage with clients to create governance strategies to protect sensitive data and uncover security issues, build security programs, write policies, assess risk, and identify compliance gaps. • Provide executive-level guidance on relevant industry-specific control frameworks such as NERC CIP, NIST, ISO, and others • Provide subject matter expertise in the realm of OT/IT security. • Develop and execute security governance, project methodologies, procedures, and processes. • Provide executive and C-suite level guidance on managing risk within an organization. • Provide thought leadership and perspectives to existing and prospective clients within the security and compliance space. • Participate in a team environment to create guidance documents on industry topics. • Stay up to date with industry trends. • Identify, architect, and present new service opportunities within the context of existing client relationships. • Develop and complete risk assessments based on various standards such as NERC IP, NIST, and ISO to ensure the security controls adequately mitigate identified risks. • Capable of communicating complex issues efficiently and effectively to internal teams and clients. • Support and provide an in-depth understanding of customer processes to implement action items, manage reports, and provide overall systems support. • Assist with optimizing technical solutions and processes to monitor the security of the client’s infrastructure • Develop remediation plans and coordinate activities with other organizational departments. • Lead the team in conducting security risk assessments • Identify, document, and report security issues and concerns to executives and follow up on action items to resolve security issues • Act as a consultative partner for system and application security designs and reviews
• Led major transformation projects at large global and national organizations with services such as strategy and architecture development, current state security control assessment with gap identification and multi-year roadmap planning towards achieving target state, process and procedure establishments, costing projections, tactical and strategic security control/solution deployments and other services. • Managed multiple projects with multiple clients simultaneously and providing status updates to management. • Developed and matured cybersecurity programs. • Worked with internal audit teams to perform security assessment and control validations. • Managed a team of security professionals for delivering cutting-edge projects like zero trust, microsegmentation, software-defined perimeter and others across hybrid, multi-cloud environments. • Coached members of the team for their career development. • Prepared and delivered training sessions to create awareness and develop team members’ skillset. • Created new security services and delivering them to clients • Developed automation solutions to network security products (e.g. firewall change request management with automated workflows) • Built and operated a lab to compare and test various leading technologies from various vendors, such as ZScaler, Illumio, Guardicore, Zero Networks, Appgate, Netskope, Tufin and others.
• Led and contributed to discussions with technology and business decision makers for selecting appropriate technologies, products and solution for their environments • Developed transformative strategies and roadmaps to help clients adapt to changes in business, technology and cybersecurity. • Led the delivery of transformation programs, using agile design, development and implementation methodologies. • Engaged in projects with different capacities, from architecture to engineering to operational roles for delivering the contracted services. • Prepared and delivered training sessions for cybersecurity concepts, solutions and products • Developed latest products comparisons to identify their differences and strengths for recommending the right products to differing needs of various clients. • Collaborated with organizational stakeholder teams to deploy security tools and solutions. • Provided consulting services to internal teams for cybersecurity • Established relationships with leading technology vendors to stay abreast with new products, threats and trends. • Participated in creating new cybersecurity services with technology providers.
• Acted as a central point of reference and core competency for Information Security. Assisting in the classification and protection of data resources by providing guidance on secure and cost effective implementation of Bank's security policies and standards. • Represented Information Security in projects, initiatives, mergers and acquisitions. Working with business lines to develop sound security strategic and tactical plans towards the reliable implementation of consistent and secure control processes to protect the Bank. Drive initiatives and support business functions to assess security risks and to make informed decisions to protect information assets. • Participated in initiatives and projects driven by various business lines. Guide project and delivery managers to design and establish sound information security practices, facilitating key artifacts such as security design documents, threat/risk assessments (TRA) and data classifications with the owner to ensure that risk is identified and effectively managed. • Led security due diligence reviews over third party services providers to determine if implemented security and control practices align with the Bank and industry best practices. Working with the relationship owner and the 3rd party to create and track an action plan for remediation of identified issues. • Provided guidance to design, develop and implement sound risk management controls in accordance with Bank's standards that assure the Bank's compliance with industry regulations. Keeping informed and well versed on financial industry regulations demands in different regions based on practical experience. • Pursued security and control process improvements to advance security compliance and improve internal processes
• Delivered security blueprints, specifications, models and guidelines to be used in the development of technical solutions • Developed and maintained Information Security patterns, frameworks and standards that align with the Enterprise Architecture directives and industry best practices • Interfaced routinely with technology peers in other business services and shared best practices and gain insight from their areas of expertise • Worked on various aspects of wireless mobile network (4G/5G) security • Tracked the deployment of mitigating controls with various internal teams.
• Created DDOS protection workflows and processes for the organization and worked with various stakeholders to operationalize the process. • Led many security improvement programs on very large networks and platforms. • Provided risk assessment for enterprise scale projects, using various risk assessment methods, including ISF IRAM2. • Recommended risk reduction measures for being/staying compliant. • Created and prioritized security controls for identified vulnerabilities. • Presented the risk assessment findings to senior leadership. • Collaborated with various engineering, operational, technology teams within the organization for driving enterprise level initiatives forward. • Defined and created network device security specifications, which include industry standards and best practices (e.g. NIST, CIS, ISO, PCI, SANS) • Performed security audits on multi-vendor, multi-platform network devices at national production networks (routers, firewalls, load balancers etc.) • Provided guidance on how to implement the technical security specifications. • Provided leadership on how service delivery can be achieved without security exceptions, or at a reduced risk level. • Monitored vendor security patch releases and evaluated their impact and criticality on the production networks. • Provided leadership for creating relational inventory for the organization.
• Took charge of security monitoring for national Rogers mobile 3G/LTE network. • Created/updated network security policies and standards for the organization. • Performed risk analysis, network auditing, vulnerability assessments and penetration testing on a regular basis. • Designed, implemented and maintained a lab for Network Security Operation Center (SOC). • Generated periodic reports to upper management for critical incidents at production networks. • Chaired and held a seat at Rogers Network Security Committee and Server Security Committee. • Created security awareness programs with needed documentation and videos. Showcased ethical hacking techniques for security awareness. • Carried blackberry 24/7 as an on-call person for nation-wide NOC operational incident management. • Took a lead on a $5M project that implemented rogue AP detection capability for PCI DSS compliance at all Rogers locations across Canada. Created WiFi security procedures for the organization. • Analyzed and evaluated risk factors for all company wide firewall change requests and recommended compensating technical controls. • Evaluated new security appliances and tools that are available in the market. • Trained engineering groups for network security. • Evaluated and modified existing organizational processes to comply with ITIL. Used ISO 27000 series standards and COBIT frameworks.
• Architectured, purchased, implemented, and maintained a full-scale data center and several branch networks across Canada and USA. • Designed, configured and maintained wireless networks in which thousands of wireless clients were in use. Implemented multi vendor wireless LAN controllers (Cisco, Aruba and Motorola). • Constant evaluation of new network technologies, management, monitoring and analytical tools. • Supervised a team of network engineers. • Saved company money on contract dealings with very strong negotiation skills, evaluating alternatives and using virtualization technology on servers. • Configured, maintained and interconnected multiple network infrastructures with various routers, firewalls, switches and wireless LAN controllers across USA and Canada. • Interacted with multi-national clients to set the expectations and delivered the required networks, always on time, for multiple projects across Canada and USA. Provided project management for these projects. • Setup a central network monitoring system across several networks across North America. • Designed and implemented office and branch office wired/wireless networks with a Windows DC, Exchange server and many Windows and Linux clients. • Implemented and maintained a VPN system that allowed remote users, home office users and 3rd party companies to access to the core network resources in a very secure manner. • Designed, implemented and maintained a company wide VoIP phone system. • Created, operated and maintained company wide backup policies. • Documented company network infrastructure and provided presentations with marketing team for high-revenue clients.