Since 2011 in charge of ScienceSoft's strategic direction - Information Security and SIEM services.
Responsibilities and experience
SIEM, Compliance and Risk Management, Information Security consulting
SIEM software development, deployment, configuration, and customization
Augmenting Information Security and Compliance Management competence and team
Promoting ScienceSoft's Information Security and Compliance Management services
Cooperating with Marketing department to arrange effective promotional campaign
November 2004 - January 2011 ScienceSoft Inc. Project Manager || Component Leader
Since 2004 member of IBM Tivoli Security Information and Event Manager
development team.
IBM TSIEM is a security compliance product that collects, analyzes, archives log data and produces detailed security reports on information security policy compliance. TSIEM provides continuous, non-intrusive assurance and documentary evidence that data and systems are being managed in accordance with and comply with company policies and external regulations (GLBA, Basel II, PCI DSS, HIPAA, ISO 27001 etc.). TSIEM is the successor of IBM Tivoli Compliance Insight Manager
and Consul InSight Security Manager.
Since 2008 picked up IBM Tivoli Security Operations Manager device rules development.
IBM TSOM is a solution that enables organizations to centrally manage security threats and incidents, and monitor IT infrastructure controls to ensure system security and meet compliance objectives. This solution correlates security events from across the network, security, hosts, and applications, to provide security threats, respond with adaptive security measures, and manage the entire incident process to resolution and remediation.
Development team is distributed between the Netherlands (IBM), USA (IBM), Poland (IBM), Romania (IBM), and Belarus (ScienceSoft Inc. as an IBM Vendor and Core Supplier).
Key Points
Information Security and Compliance Management domain
Huge international team of developers: overall team size is around 120, belarussian team is over 50
Deep integration and co-operation with IBM development team
Strict IBM processes and regulations (RUP, ISO)
IBM environment and tools: Rational ClearCase, ClearQuest, Portfolio Manager, Lotus Notes
Responsibilities and experience
Supervising development team, introducing and teaching new people, solving personal issues
Managing TSIEM Event Sources, TSOM Device Rules, and TSIEM Compliance Management Modules projects (up to 10-12 projects in parallel): estimation, planning, resource management, risk management, day-to-day status tracking, planning corrective actions, etc.
Supervising TSIEM Event Sources and Compliance Management Modules Components: communication with and reporting to higher management, communication with teams within the IBM and out of it, coordination of team involvement to major TSIEM releases, supervising what other teams are doing in relation to Event Source functionality, etc.
Achievements
Over 150 completed project for CISM, TCIM, TSIEM, and TSOM
Built team of unique expertise committed to deliver auditing modules for CISM, TCIM, TSOM, and TSIEM
Proved team maturity: team successfully got responsibility for TSIEM Event Source, Compliance Management Modules, and TSOM Device Rules Development, Architecture, Configuration Management, and overall Management
Took responsibility in difficult moments of time: acquisition by IBM, fast growth of development team, retirement of partner development teams
Established number of project and development processes
Company expertise is IT consulting and services outsourcing to small and meduim enterprises.
Featured projects
Design and implementation of Google Apps based collaborative system for Atex-Computers UE, including custom Google Docs Spreadsheet based task management system development (Google Docs API, Google Apps Script), 2009 - 2010.
Design and implementation of Samba-based PDC (FreeBSD 7.0 operating system), DNS, DHCP, proxy, etc. for medium-sized network. A part of larger project to integrate and automate work of different departments of the enterprise, 2008.
Analysis, design, and recommendations on implementation of (migration to) Microsoft Active Directory domain (huge state company with a complex network structure and intensive use of IT-infrastructure), 2007.
LAN analysis and redesigning of server group. Network equipment configuration (huge state company with a complex network structure and intensive use of IT-infrastructure), 2004.
Minsk Useful Calls - an Android application, Minsk (The Republic of Belarus) emergency, inquiry, and personal services phone numbers catalog, (2010 - present)
Brightness Control - an Android application, yet another one application for Android screen brightness control, (2010 - present)
http://rosa.by/ - Minsk (The Republic of Belarus) restaurants and cafe reviews blog, (2008 - 2010)
PROFESSIONAL SKILLS and KNOWLEDGE
Working for Atex-Computers UE, ScienceSoft Inc., and IBM Corporation I've got and improved my experience in the following areas:
Team leadership and project management
Team work, collaborative work with independent teams situated all over the world. Team development and solving team issues. Coordination of teams.
Managerial competence. Managing parallel projects sharing tasks and resources between different teams.
Software development, testing, and quality assurance (QA) processes. The establishment and implementation of processes.
Information Security and Compliance Management
Main regulatory and industrial security standards (PCI DSS, FISMA, SOX, Basel II, HIPAA, etc.).
Deep knowledge of LM, SIM, SEM, and SIEM software design and implementation.
Information security systems development and audit.
Deep understanding of auditing and logging subsystems of various software products, operating systems, and devices.
Sufficient experience in configuring and maintaining operating systems, software, and devices.
Operating systems and software
System administration experience in UNIX, UNIX-like, Linux, and MS Windows operating systems.
Generally familiar with realtime systems, mobile and embedded systems, mainframe operating systems, etc.
Enterprise systems based on IBM, Sun, Microsoft, Oracle, Cisco, and Novell products. Various experience in installation and configuring of IBM TIM, TDS, TSCM, TFIM, WAS, TIP, DB2, Sun SIM, Novell eDirectory, etc.
Various experience in relational and hierarchial database systems.
Development technologies and tools
Various experience in UNIX shell and programming environment, MS Batch, VB, Perl scripting, C, C++, and Java.
Version control and bugtracking systems: VC, CVS, SubVersion, Git, MS Source Safe, Rational ClearCase, Rational ClearQuest, etc.
Android mobile applications development experience (Java, Android SDK, NDK).
+375 (29) 771 5844
keyhell@keyhell.org
itcon
keyhell-is.blogspot.com
itcon (mostly in Russian)