Information Security Management

Location:
Bronxville, NY
Posted:
April 20, 2016

Resume:

Israel Perlson

Professional Summary:

Highly capable hands-on technology manager with extensive experience with Tudor Investments, Goldman Sachs and other top-tier organizations.

Led information-security and infrastructure operations and projects highly critical to running the business, delivering them on time and budget.

Handled information security, disaster recovery, eDiscovery, network, co-location, budgeting and business management relations.

Led upgrade of IPSec-VPN based remote access to Citrix/CAG/SSL technology to improve security, availability and DRP as well as eliminate having to maintain company laptops for home/remote users.

Researched and selected Sourcefire IDPS (Intrusion Detection and Prevention System).

Reviewed, selected and deployed Fidelis DLP (data leak prevention) gateway as well as DLP desktop/server agent from RSA. Used to create IP and other confidential data extrusion/intrusion alerts, PII (Mass 201) violation reports, etc.

Administered all Checkpoint firewalls company-wide.

Great analytical and organizational skills, excellent verbal and written communication.

Solid theoretical background; thorough, detail-oriented problem solver with a strong user-service focus.

Education:

M.A., Computer Sciences, Queens College

B.A., Physics, Tel-Aviv University

Certification: CISSP

Core Competencies:

Information Security Management

Disaster Recovery planning and deployment

Network administration

Project Management

Vendor Management

Budget Planning

Professional Experience:

Information Security Consultant (Bank of NY-Mellon, AllianceBernstein, BNP Paribas) 2013 - Present

Performed analysis of escalated security incidents for the SOC using HP ArcSight and Splunk SIEM, Remedy, ServiceNow, Forescout, Damballa, StealthWatch, Varonis, BlueCoat and Fortinet proxies, IDS and several other tools.

Managed vulnerability remediation using Qualys internal and external scanning and penetration and working with the administration groups on resolution.

Configured and deployed Air-Watch MDM/MAM to protect critical applications and enforce compliance.

Installed Juniper SSL VPN to support remote login.

Deployed RSA Authentication Manager 8.1 to support Two-Factor Authentication for remote VPN login.

Set up vulnerability scanning using QualysGuard.

Researched and configured RSA Soft Token technology on various smartphones, PCs and Macs.

Evaluated security systems to mitigate security gaps, e.g. Skybox, Tripwire, Policy managers, GRC systems, etc.

Deployed and supported Varonis and EnCase/GuidanceSoftware for the organization.

Information Security Lead, TUDOR INVESTMENT CORP., Greenwich, CT 1997 – 2012

Created a comprehensive Information Security policy for firm-wide usage/approval. For example in the areas of passwords, wireless, “kiosk access”, vendors, USB/DVD, access to resources, web/ftp sites (e.g. webmail), confidential data, personal laptops, chat/IM from company vs. personal devices, mail forwarding, etc.

Architected, deployed and tested the Disaster Recovery system for all sites.

Developed new project/system onboarding process to formalize security and compliance approval.

Scheduled, approved and supervised weekly patching (using Lumension/Patchlink).

Provided specs, selected a vendor and worked with them on developing a Security CBT module for new user orientation (e.g. training them how to avoid phishing, choose strong passwords, avoid malware sites, check web certificate, beware of social engineering, etc.)

Led a large eDiscovery effort to support compliance/regulation requirements. This included providing specific data (from file servers/Netapp, Exchange, Bloomberg, Symantec Vault, databases, tapes, etc.) and exporting it into an external indexing and search system (Ringtail).

Reviewed leading SWG (secure web gateway) products for monitoring and controlling Social Media and web access as well as blocking malware and unauthorized sites. Selected Cisco Ironport, designed, configured and deployed it at all sites.

Researched and selected Sourcefire IDPS (Intrusion Detection and Prevention System). The main needs are for blocking zero day exploits and detecting behavior-based malware and attacks.

Selected, deployed and configured Splunk SIEM system to enable creating sophisticated reporting of log data. E.g. Social Media access reports sent to Compliance and HR daily, firewall and IDPS log reports sent to the security admin team, hardware, system and app reports sent to their admins, etc.

Evaluated, selected and configured Sendio anti-spam appliance used to block spam and reduce malware. The product uses an interesting and very effective “challenge-response” (SAV) authentication technology as well as a few other anti-spam/anti-malware technologies.

Developed security standards and implemented Air-Watch MDM (Mobile Device Management) platform to securely support BYOD policy for iPhone/iPad/Android mobile access.

Reviewed, selected and supervised deployment of Nexpose (from Rapid7) vulnerability scanner (internal and external) to detect misconfiguration, missing patches and to help harden the network.

Reviewed, selected and deployed Fidelis DLP (data leak prevention) gateway as well as DLP desktop/server agent from RSA. Used to create IP and other confidential data extrusion/intrusion alerts, PII (Mass 201) violation reports, etc.

Administered all Checkpoint firewalls company-wide.

Evaluated, selected and configured iDefense system (from Verisign) to receive periodic and real time vulnerability and exploit reports customized to our specific software/hardware platform.

Conducted annual penetration testing of Internet hosted applications, network perimeter and war-dialing utilizing outside service providers.

Worked with the outside auditors on the annual SAS70/SSAE16 security report and followed up on mitigation.

Led upgrade of IPSec-VPN based remote access to Citrix/CAG/SSL technology to improve security, availability and DRP as well as eliminate having to maintain company laptops for home/remote users.

Led selection and deployment of Counteract NAC to protect the network from unauthorized or malware-infected devices.

Reviewed and selected Varonis for monitoring user access to resources.

Vice President, Infrastructure

Led the daily management and coordination of the IT Infrastructure teams including UNIX and Windows Server Engineering and support, Network Engineering and support.

Oversaw deployment and support of a few hundred servers, 2 DR sites, and 500 business users worldwide.

Managed business relationship focusing on service level requirements as well as upcoming project needs.

Selected a Co-location facility and led the migration of our data center to it with minimal business impact and downtime, significantly improving robustness and scalability and lowering risk of outage due to power, cooling, physical security issues, etc.

Deployed and supported Unix servers and desktops.

Deployed and supported Windows desktops, servers, Domain Controllers and Exchange servers.

VP, System Administration, GOLDMAN, SACHS New York, NY 1989 - 1997

Led a team of administrators supporting the Controllers and other back office departments.

Interacted with business and Info-technology management, users, Engineering, etc. to deliver application and services and support the business.

Senior Unix System Administrator

Deployed and supported Unix servers, desktops and all user business needs.

ADDITIONAL EXPERIENCE

COMPUTER ASSOCIATES, Islandia, New York

Product Developer

Optimized their “C” programming language compiler to generate much faster machine code. Worked on their Sort product to add features and improve its speed.

ISRAELI MILITARY COMPUTER CENTER, Israel

Programmer and team leader

Major at the military computer unit. Developed the military “411” phone directory as well as led a team of programmers delivering various software projects.
