Management Security
Resume:
Deddy S. Nadeak,
Palm Residence No ***
Jln. Kemang Raya, Bekasi 17411, Indonesia
Phone: +628**-****-****
*******@*****.***
GENERAL SUMMARY
More than 10 years experiences in financial industry with roles in Information Security
Risk
Management, IT GRC and Service Management, System Development, Business
Continuity
Management and Disaster Recovery Plan
TECHNOLOGY SUMMARY
• Security Technologies: IDS/IPS; SSL; Digital Certificates; Anti-Virus Tools, SSO
• Operating Systems: Unix-Based Systems (iSeries, AIX); Windows
• Networking: LANs, WANs, VPNs, Routers, Firewalls, TCP/IP
• Software: MS Office (Word, Excel, Outlook, Access, PowerPoint)
KEY SKILLS
• •
Network & System Security System Monitoring
• •
IT GRC Network Architectures
• •
Vulnerability Assessments SDLC
• •
Authentication & Access Control IT Project Management
WORKING EXPERIENCES
• PT Bank Ekonomi Rahardja, a member of HSBC Group, Jakarta, Feb 2012 – Present
AVP Information Security Risk
Oversees the confidentiality, integrity and availability of information assets
covering both technology and operation; the design, development, testing and
implementation of security controls; security administration; exception monitoring;
information security incident management; security risk and management and
compliance checking.
• Standard Chartered Bank, Jakarta, Oct 2010 – Feb 2012
Disaster Recovery & Technology Service Manager
Reporting to the Country Head of Technology Management, the role was to ensure the IT
infrastructures are functioning thus supporting the critical applications/services within the
pre-defined recovery time/data objectives (RTO/RPO) should any disaster occur.
Established, updated and monitored SLA toward IT service improvement. Coordinated
cross functional teams on the problem management activity in identifying root cause and
lesson learned.
Standard Chartered Bank, Jakarta, Apr 2006 – Oct 2010
•
Local Security Administration Manager
Managed the logical and physical identity/access management across the Bank in
ensuring that the access is authorized and on a least privilege basis. Coordinated
information security activities to promote secure working behaviour;
• Standard Chartered Bank, Jakarta, Jan 2003 – Apr 2006
System Development Officer
Managed system parameter to ensure that a correct Collection strategy is in place.
Developed and implemented Collection-supported application by using Visual Basic
programming language, distributed across the main and branches offices. Prepared MIS
data upon Collectors performance on regular basis.
• Dot System, Bandung, May 2002 – Dec 2002
System Analyst
Designed and developed modules of several softwares which aimed at managing
process flow in manufacturing. Implemented and tested new application systems at
client side
PROJECT/BAU HIGHLIGHTS
Internet Banking Onshore Project: Perform vulnerability assessment on both network
•
and application sides. Ensure the network infrastructure operational/management is in
line with Group information security policy, standard and procedure.
Incident Management: Protect information assets by implementing robust procedure for
•
information security incident handling arises from Data Leakage, Malware Threat,
Lost/Stolen Devices, DoS, hactivism etc.
Assurance: Maintain the level of security compliance in term of ensuring information
•
security operation is aligned with policy, standard and procedure
• Business Information Risk Officer: Led business people in implementing information
security activities (e.g. EUC, information classification, encryption etc.)
• Risk Management: Led comprehensive infrastructure risk assessment (e.g.,
firewall/VPN upgrades, intrusion detection, token-based authentication and remote
management) through change management process. Perfom security risk assessment on
third party that provides service to the Bank. Identify, establish and monitor controls for
mitigating risk on regular basis
• NINA/RPT project: Marked as an identity management project, coordinated substansial
efforts in establishing thus ensuring that all access are identifiable and authorized
EDUCATION
Bandung Institute of Technology, Bandung, Indonesia
Bachelor Degree in Mathematics, 2002
CREDENTIALS/AWARDS
Passed CISM exam on September 2013, certification in progress
•
LSPP Level 3 in 2012, a banking risk management certification
•
EDRP, 2011
•
ITIL v3 Foundation, 2011
•
SCB’s Leading Champion of Information Security, 2009
•
SCB’s Order of Information Security Champion, 2010
•
References available upon request.
Contact this candidate