Ivan Gotti

MBA, CISSP, PMP, ITIL, COBIT

acxvqc@r.postjobfree.com Rua Adele 119, Jardim Dom Bosco, São Paulo/SP, Brazil

+55-11-957******

Page 1

Professional Profile

Security, Identity and Access Management, Access Governance expert using Novell/NetIQ/SUSE/Micro Focus solutions with over 10 years of experience. Bilingual (English and Portuguese) with excellent technical, written and spoken communication skills and wide cross-industry exposure: banking, insurance and financial institutions, manufacturing, aerospace, mining, telecommunications and government.

Solution Architect

and Consulting

• Identity Management: User provisioning, life-cycle, application integration, workflows

• Web Access Management: SSO, SAML, OAuth, WS-Trust and WS-Federation standards

• Advanced Authentication Framework: multi-factor methods and devices (OTP, Smart-cards, a biometrics)

• Security Information and Event Management: Correlation rules, threat discovery, reports

• Access Governance: Access Reviews, Role Mining, Risk Analysis

• Gap analysis and benchmarking based on common security frameworks (ISO, COBIT)

• Elaboration of roadmaps, strategies, procedures and guidelines related to information security

• Managed SUSE Linux Enterprise Servers, SLES on Mainframes, SUSE manager, SUSE studio and SUSE Cloud Manager

Pre-Sales

• Product and technology demonstrations for clients and industry events

• Pre-sales analysis and proof of concept definitions

• Responding to requests for proposals, preparing quotes and business proposals

• Preparing technical documentation for contracts (project plans, scope of work definitions, service level agreements)

• White papers, blogging, social media management

Project

Management

• Managed teams of up to 10 people

• Delivered projects of up to $10M

• Budgeting, planning, quality assurance

IT Systems Expertise

Specialist on Identity Governance and Administration product portfolio (i.e. Identity Manager, Access Review, Access Manager, Advanced Authentication, Sentinel)

Knowledge of RBAC modeling, Entitlements, Groups, and Role Configuration within IAM products. Experience developing and supporting integration between IAM and enterprise applications that manage access to resources using native connectors like SAP, Office365, Databases, Linux/Unix, LDAP Directories. Creating custom connectors using XSLT, shell script, SQL, Java/JavaScript, SOAP, batch txt files.

Experience with implementing SIEM solutions, creating reports, correlation rules, trend and anomaly automated analysis. Experience with Databases (Oracle, MSSQL)

Experience with Network Directory Services such as Active Directory and other LDAP solutions Experience with Tomcat administration. Able to fix issues identified in logs and other error messages In-depth knowledge of SUSE Linux/UNIX like operating systems. Ability to troubleshoot any system failures, identify root cause and fix issues, ensuring the availability and integrity of the system Network security and operations processing (i.e., executing back-ups, System Reboots/Re-Starts, problem escalation, reporting and production monitoring)

Ivan Gotti

Page 2

Representative Projects

IAM Consultant for VALE S.A. January 2016

http://www.vale.com/Canada/EN/Pages/Default.aspx

Vale S.A. is a Brazilian multinational corporation engaged in metals and mining and one of the largest logistics operators in Brazil. Vale is also the largest producer of iron ore and nickel in the world. I am the main Sales Engineer and Solution Architect responsible for business development helping Vale expand and evolve their Global IAM program. IAM Solution Architect for EMBRAER May 2015

http://www.embraer.com.br/en-US/Pages/home.aspx

Embraer S.A. is a Brazilian aerospace conglomerate that produces commercial, military, executive and agricultural aircrafts worldwide. I was the Sales Engineer responsible for the IAM and SIEM deal and for architecting the worldwide solution for 100k external users including contractors, suppliers, customers and 32k corporate internal users. Identity and Access Management implementation at INFRAERO January 2011 http://www.infraero.gov.br/portal/index.php/us.html Identity and Access Management implementation at INFRAERO - Brazilian Airports. INFRAERO is a governmental company that manages and operates airports, Air Navigation Stations and International Terminals all over Brazil. I was the Consultant and Support responsible for the IAM and NAM solution for all Brazilian airports staff. Identity and Access Management Solution Architect for Oi Telecom January 2009 http://ri.oi.com.br/oi2012/web/default_en.asp?conta=44&idioma=1 Oi Telecom, is the largest telecommunications company in Brazil and South America, both in terms of subscribers and revenues. I was one of the consultants responsible for the IAS implementation for 8.5million external users, the largest IAM implementation in Brazil and one of the largest worldwide. Currently, working for NetIQ I am the main Sales Engineer and Solution Architect responsible for business development with Oi.

Education

MBA, Information Systems Strategic Management - University “Fundação Getulio Vargas”, 2009 Bachelor Degree, Computer Engineering - University of Estado de Minas Gerais, 2004 Certifications

Certified Information Systems Security Professional (CISSP), ISC2 Project Management Professional (PMP), Project Management Institute PMI Security and Identity Management Technical Specialist (CNIMA), Novell Sentinel Security Information & Event Management 6 (SIEM), NetIQ Information Technology Infrastructure Library v3.0 (ITIL), Exin Control Objectives for Information and related Technology (CObIT), ISACA Professional Experience

NetIQ / Novell / Micro Focus (Sao Paulo, Brazil) January 2015 – Present Sales Engineer / Solution Architect

Role: providing strategic support to the sales team consisting of client needs assessment, solution architecture definition and commercial documentation preparation.

Detailed Tasks:

w Performing pre-sales activities, such as product demonstration, technical writing (request for proposals and tender responses) w Solution architecture design and development, implementation and lifecycle management w Post-sales activities, such as customer support, user training, performance review, continuous improvement w Implementation of security frameworks to accompany technical solution implementation, such as process re-engineering and optimization in the area of security event monitoring, identity management, threat and vulnerability management w Industry event participation, blogging, promoting security awareness and best practices Ivan Gotti

Page 3

+2X TECNOLOGIA EM DOBRO (Brasilia, Brazil) October 2012 – December 2014 Identity and Access Management Consultant

Role: performing consulting mandates in the area of identity and security management. Detailed Tasks:

w Implementation of projects in the area of identity governance and management (user lifecycle management, RBAC implementation, compliance requirements and reporting, multi-factor and risk based authentication, single and simplified sign- on)

w Implementation of security management processes such as governance risk and compliance (GRC) solutions, security incident and event management (SIEM), Sarbanes Oxley and PCI-DSS compliance frameworks, disaster recovery /business continuity planning methodologies

w Roll out of infrastructure services, such as firewall, IPS, network security, Unix/Linux administration, monitoring, performance tuning, capacity planning and storage management (NAS, SAN, etc). TRUE ACCESS CONSULTING (Brasilia, Brazil) March 2009 – October 2012 Information Systems Security Consultant and Project Manager Role: acting as security consultant on mandates for governmental organizations. Detailed Tasks:

w Consulting and project implementation including user directory architecture (including meta, virtual services), user access provisioning, role model implementations (mining, modeling, management), single sign-on, user management workflow, auditing and reporting

w Working with network and security protocols and information security technologies such as encryption, VPN, Smart Cards, remote access control, authentication, threat management / logging technologies such as Sentinel and Arcsight. w Development of drivers/connectors programming in XSLT, policy builder, java script and shell scripts Oi/ B2Br (Brasilia, Brazil) June 2006 – February 2009 Information Systems Security Consultant

Role: acting as security specialist for one of the largest Brazilian telecommunication companies (OI, formerly BrasilTelecom). Detailed Tasks:

w Implemented a comprehensive Identity Management Solution based on Novell technologies (Identity Management, eDirectory, Access Manager, iManager, iMonitor, nSure Audit, Suse Linux Server) w Administration and Support of Corporative Directory and the network infrastructure related to the Directory Service covering more than 40.000 corporate users

w Preparing projects documentation, such as project plans, statements of work, budgets, architecture design w Participating in the development of the Enterprise Application Integration (EAI) creating and customizing connectors for IDM including Directories, Databases, Web services, SAP, Mainframes and Linux/Unix systems. CTIS (Brasilia, Brazil) January 2005 – May 2006

Application Developer / Software Engineer

Role: grew from entry-level developer to the role of software engineer responsible for large software product delivery for governmental clients.

Detailed Tasks:

w Designing, modeling and development of software and database solutions in the area of distance learning w Development of a Rich Internet Applications (RIA) with an architecture based on Java design patterns and object oriented programming

w Development of interfaces for fluid user experience, based on Flash and ActionScript w Led the software development team’s effort to implement the Capability Maturity Model (CMM) operational excellence standard

Contact this candidate