Boris Levit

Toronto, ON, M*R *N*, Canada h: 416-***-****, c: 416-***-****, skype: bllevit, ad4fau@r.postjobfree.com, ad4fau@r.postjobfree.com, https://www.linkedin.com/in/boris-levit-025a88

Information Systems Security Manager / Architect. CISSP (CN 96686).

20+ years of Architecture, Security, Unix, Windows, Network, Cloud, Applications Exp., DevSecOps.

EMPLOYMENT HISTORY

InTunnel Monitor, Canada. Enterprise / Security Architect, DevSecOps Lead. The end clients were GC DND, SunPower Corp. (now TotalEnergies), OSC, Metsuke. 09/2017 – current

Work with Vertex AI, EU AI Act.

Work with Qualiware, ArchiMate.

Developed Security Orchestration Automation and Response (SOAR) Tools for APT (Advanced Persistent Threat so-known as Cyber Kill Chain), insider and fraud activities, made TRA, Risk Management.

Use bash, R-language, python, golang, groovy, json, yaml, java, G Suite, Kubernetes, Docker, Windows 11, WSL, Virtualbox, Kali, Ubuntu, OpenSuSe, Tails, OS365, Azure.

Worked on SSL covert channel’s revealing project, developed eDiscovery tool, transmit security.

Wrote DevSecOps roadmap document.

Participated in Agile practice improvement.

DevSecOps Security Testing, CIS Controls, KPI and KRI - SAST, DAST (Penetration Testing and Vulnerability Assessment - VA and PT). I used redeveloped opensource gotestwaf tool to get WAF score. The detailed report was checked with WAF logs (used AWS CloudTrail / CloudWatch / Antena log facilities) to strengthen the WAF. GCP and AWS WAF scores were increased from an initial 40% (of 100 well known attacks, 60 were missed) to more than 90% using different WAF technics. Containerized tools were inserted into AWS Fargate serverless scripted task to generate Security KPI. Same work was made with GCP Cloud Run serverless env. The task was part of groovy based CI / CD pipeline (Terraform pipeline in Jenkins). Participated in the log analysis and SIEM project.

Facilitated log4j mitigation project.

Worked on static code analyzer for Infrastructure As a Code / Security As a Code (SaC) / Policy As a Code (PaC) project, used terrascan.

Facilitated Vulnerability Management for Cloud Workloads.

Redesigned Security Event Management, Security Incident Investigation Process and other Security Operations Center (SOC) procedures.

Worked with regulations and best practice: DND Reference Architecture, SSE (Strong, Secure, Engaged) defense policy, Government of Canada Cyber Security Event Management Plan (GC CSEMP) 2019, SOX, FIPPA, CCPA, ISO 27001, GDPR, PIPEDA, HITRUST, ISO /SAE 21434.

Developed, supported, and sustained solutions for Operation Team.

Worked on SaaS, IaaS, PaaS, User Behavior Analysis (AI) - including Threat Metrics, OpenText, ArcSight, LogRhythm, Elasticsearch, Splunk, Palo Alto, AWS WAF, CloudTrail, Kinesis, CloudWatch, CloudFormation, AWS ECR, AWS IAM, AWS Fargate, AWS Secrets Manager, AWS CloudShell, task definition, OCI WAF, Terraform, Github, Github Copilot (AI), Bitbucket, Visual Studio, GitLens, git, Jenkins, Google Cloud Armor, Container Registry, Artifact Registry, GCP IAM, VPC, Cloud Run, Chronicle, aws and gcloud cli, ECR Scan, ecr-scan-image, gotestwaf, waf-testing-framework, CloudGoat, Pivotal Tracker, Confluence, Jira, Slack, Datadog, Akamai, Web Application Testing toolkits, Qualys, Netsparker, Postman, Burp Suite, Sonarqube, CIAM Okta, SAML 2, Duo, Pulse Secure, Oracle, DB2, SQL Server, CyberArk, IBM Security Guardium (including OCI deployment), Checkpoint, TOGAF, Reference Architecture, Zachman, Symantec Endpoint Detection and Response (EDR) projects, Kanban, Scrum, SAFe, Atlassian, ServiceNow, REST API, NIST CSF, HTRA, COBIT, OSA, McAfee.

HP – HPE - DXC, Toronto, Canada. SOC (MSSP) Security Incident Analyst. Clients were financial org. and provincial government. 06/2015 – 08/2017

Used GrUD (Inventory Management System), Vigilance (Monitoring and Alerting System), ViTAL (Incident and Change Management), MSS Portal, ArcSight (SmartConnector, Logger, ESM), AD, TippingPoint (IPS/WAF), Akamai (WAF/ WWW proxy/ CDN), Cisco Sourcefire (IDS), Juniper Pulse Secure, Damballa, F5, Securonix (ArcSight UBA), kiwi, docker, VMware, Cygwin, OS365, openSUSE, Kali, VB, PowerShell, python, R-language, RStudio, Checkpoint, Fortinet, Palo Alto, Oracle Internet Directory, Oracle Unified Method (OUM), Microsoft AD, PAM, bash (including on Windows 10).

Worked with ArcSight Console, Activate Framework. Utilized event inspector. Wrote reports, trends, queries, bundle, etc. Configured active channels, filters, tools, etc. Made Use Cases Analysis and Logger search queries, log sanity, SIGMA, other content development, PaaS, SaaS.

Made security incident analysis and remediation. Created and maintained tickets and incident response playbooks. Presented recommendations to client's executives. Participated in Client Risk Management. Made presales support.

Acted as a lead and mentor for our Tier 1 Event Analysts Team and client's professionals.

Made packet analysis (pcap) using Wireshark as a part of network forensic process.

Facilitated eDiscovery. Performed Indicators of Compromise search on client's environment.

Processed JSON output from security sources using jq, as a part of Cyber Threat Intelligence (CTI) / MITRE framework, created IoC uploaded to SIEM filters. Worked with STIX. Used several CTI sources including HP Threat Portal, FireEye, Shodan, Vulners (used REST API, jq), etc.

Participated in HPE / Redhat Openshift project.

Developed Automated Sandbox Procedure.

Facilitated Data Behavior Analysis, including User Behavior Analysis (AI), Threat Metrics and Big Data Analytic. Used Rattle (R Analytic Tool To Learn Easily) for data mining and classification.

Worked on DNS queries monitoring to detect DNS covert channel (dns tunneling) and Tor Pluggable Transports.

Developed security incident investigation and other operational procedures. Made Root Case Analysis (RCA) for several alerts in parallel. Participated in DevSecOps Automation efforts. Participated in Threat Risk Assessment, penetration testing and Vulnerability Assessment in our clients' environment. Investigated client's env., market / technology trends, hacker techniques, etc. Was responsible for some KPI, CIS Controls. Made threat hunting. Worked with red team Mandiant.

Worked with regulations: SOX, ISO 27001, GDPR, PIPEDA, NIST -CSF, 800-53, 800-61, COBIT.

Constantly learned hacker techniques tools and incident handling. Made educational presentations for team members. Worked with Network / Web Application Testing toolkits.

Supported banking software (T24), AML, KYC. Resolved Akamai configuration problems. Supported Tanium end point protection solution.

Metsuke, Toronto, Canada. Security Consultant / Architect. Main clients were Deloitte, IBM, TD Bank, Seneca College, CM Inc. 02/2012-05/2015

Performed Vulnerability Assessment.

Designed next generation of SIEM, IAM projects.

Participated in IAM remediation after SOX audit. Audited LOB access systems, provisioning and de-provisioning. Interviewed LOB personnel to find out access management problems. Audit and forensic analysis of DB and applications. Worked with CyberArk, CIAM Centrify, Oracle, sqlplus, PL/SQL, MS SQL Studio, SQL Server 2012, WebSphere, SharePoint, AML.

Facilitated hacking incident investigation. Made forensic analysis & remediation, security gap analysis, IT Audit of huge university environment. Interviewed wide range of college personnel (technical workers, professors, college's executives, etc.).

Made monitoring for hardware keyloggers. Built PoC for sufficient defense against USB hardware keylogger threat.

Solved TRA, likelihood, impact, risk evaluation by using Harmonized – HTRA / OWASP risk rating methodology, used ITSG-33, 04.

Operated Vulnerability Assessments, WiFi Wardriving.

Made remediation recommendations (technical and policy including security incident investigation, change management and BYOD) as a part of Risk Management.

Designed Qradar and Splunk deployment.

Performed OWASP code analysis.

Investigated mobile and Oracle security.

Analyzed Modbus malicious traffic (SCADA project). Made Malware Reverse engineering.

Used Redmine, R, Esper, python, scapy, FIDO, Apache, OpenSUSE, CentOS, Windows, Android, iOS, Novell ZENworks Endpoint Security Management, Xen, KVM, Vmware, Virtualbox, vagrant, packer, Ansible, AWS, Google Compute Engine, G Suite, Azure, TITUS Data Classification, lua, botbrew, adb, sqlmap, ruby, perl, sh, eclipse, jenkins, logstash, lapse+, WebInspect, Fortify, java, node.js, .NET, IDA Pro, VoIP, Confluence, JIRA, NIST CSF.

Worked with Network / Web Application Testing toolkits, USB hardware keyloggers, USBDeview, udev, wireshark, tcpreplay, kbackup, zenmap, nessus, burpsuite, Wigle, Fortinet, rkhunter, Metasploit, Armitage, YaST, Tripwire, Oracle Application Access Controls, NERC, PCI 2 and 3, OSSTMM, OpenID, OAuth, TOGAF, Zachman, SABSA, Websphere, RSA Archer eGRC, COBIT.

TD Bank, Toronto, Canada. Sr. Security Specialist, 08/2010 – 09/2011.

Participated in audit and legacy access system remediation after SOX / PCI audit. Resolved integrity and access control problems with server farm configuration. ETL tasks. Programmed on Perl, ksh, awk. Worked with CSV, XML, XSLT, COBIT, COSO.

Supported RSA enVision 4.0 SIEM implementation, analyzed configuration, data collection, SOX / PCI related issues, wrote and analyzed enVision Reports. Provided SIEM RSA enVision results to key stakeholders.

Facilitated eDiscovery. Worked on Suspicious Activity Reports, RBAC, File Integrity.

Repaired OS Hardening, server, storage, private cloud security, security policies / procedures, CyberArk (Privileged Account Security).

Used AIX, HP-UX, Solaris, Windows XP, Vmware, OpenSuSe, Redhat, Remedy.

Avetti.com, Toronto, Canada. Security Consultant / Team Lead, 01/2010- 02/2010.

Restructured ITIL and Company Security systems to accommodate Good Practice standards.

Managed distributed (overseas) sysadmin team.

Worked with AWS, AMI, Elasticfox.

Conducted E-Commerce risk assessment.

Configured iptables.

Analyzed PCI requirements. Reviewed PCI code / infrastructure (OWASP code review project, ReviewClipse plugin project), performed OWASP web application audit.

Massachusetts data protection regulation project.

Analyzed commercial (Imperva) and opensource tools for WAF project. Installed / configured ModSecurity (with Breach rule set) as a part of PCI Compliance Project.

Built Security awareness program and presented it on team meetings.

Worked with SaaS, PaaS, OpenSuSe, CentOS, RedHat, Vmware, Citrix, Xen, Puppet, Chef, MongoDB, java, java swing, jython, git, Eclipse, Hudson, Selenium, perl, shell. Used TOGAF for EPF (Eclipse Process Framework), GoToMeeting.

Dark Matter Development, Toronto, Security Consultant / Architect, 07/2009-12/2009.

Mitigated insider threat.

Facilitated company wide ssh access system reconfiguration.

Redesigned Security / System Architecture, Video Management Solutions.

Wrote security policy.

Performed audit and forensic analysis, OWASP Threat Risk and Vulnerability Assessments. Searched for covert channels.

Analyzed botnet attacks.

Scanned for vulnerabilities by nmap 5, nessus 4 and webinspect, performed OWASP web application audit.

Used Windows Vista / 2008, ScreenOS 5.4 (Juniper), Mac OS X 10.6, iOS, OpenSuSe 11.1 / 11.2, FreeeBSD 7.2, Fedora, Simultaneous Dual-N Band Wireless Router, IP KVM, Brocade, Startech, Foundry Load Balancer, MySQL, Apache, Hadoop Distributed File System (HDFS), Pig, Hive, mediawiki, openldap, Open DS, OpenSSO, postfix, Cyrus imap, OWASP, THC-Hydra, burp suite professional v1.3, autopsy, munin, svn, yafic, dovecot, Time Machine, Xsan, AFP, skype.

Performed PCI compliance analysis, infrastructure / DB / private cloud / code review.

Created anti-spam project. Suggested IronPort+RSA as an anti-spam and DLP decision.

ACL project for FreeBSD and MacOS.

N-Dimension Solutions Inc. (SCADA Security Integration, MSSP), Richmond Hill, Canada. Sr. Security Developer / Architect / Project Manager, 07/2007-2/2009.

Had primary responsibility for projects management.

Led the design, testing, planning, and implementation of complex projects.

Led the development and implementation of a broad, coordinated set of plans and programs to meet the goals and priorities of the company.

Made the definition of project missions, goals, tasks, and resource requirements; assisted in the resolution of conflicts between projects or functional areas; developed methods to monitor project or area progress; and provided corrective supervision if necessary. GO-ITS 24,25.

Participated in outside professional activities to maintain knowledge on developments in the field.

Continuously improved project management toolkits and methodologies.

Was responsible for project staff. Participated in interviewing and hiring process.

Used tools: PaaS, Fedora c7, Gentoo r6, openSuSe 11, RedHat, Xen, Win2K/XP/Vista/2008, Redmine, System Center Configuration Manager (SCCM), lighttpd, Solaris 10, iptables, MySQL, SCADA, AGA-12, Modbus, DNP3, Perl, sh, bash, PHP, seagull, java, java swing, spring, javascript, APM, flex (lex), bison (yacc), SSL certificates (using openssl), umbrello, gnupg, C, C++, Eclipse, Hudson, cvs acl, bugzilla, cvs web, syslog-ng, snortalog, Nagios, Android, Nessus, HP WebInspect, N-Stalker, nikto, Paros, OWASP, Pantera, OVAL, SCAP, OpenVAS, SLAD, tiger, nessus plugins development (nasl2), nmap, zenmap, snort (Sourcefire), oinkmaster, ITSA v3.5, Wireshark v0.99.6, Metasploit framework 3.1, ruby, python, Burp Suite 1.1, MoinMoin Wiki, Drupal, Web Content Accessibility Guidelines, lua, NetIQ, Google Mail / Calendar / Docs, Forensic Toolkit (FTK), etc.

Ruggedized (IEEE 1613 complaint) Platform Project. Used Schneider platform with flash memory drives.

Identity Management Project (AD, OpenSuSe LDAP, Fedora Directory Server, Sun (now Oracle) Identity and Access Manager, Novell Identity Manager, WS-Security, SASL). Gentoo and Fedora pam_ldap implementation.

Executed Version Transformation (parsing and lexical analysis).

Wrote Modbus gateway on Android platform.

Participated in cloud computing project.

Performed Ethical Hacking and Vulnerability Scanning Project (Harmonized – HTRA / OWASP Threat Risk and Vulnerability Assessments) including general purpose and web application vulnerabilities scanning, vulnerabilities analysis, hardening, SELinux. Produced NERC and PCI compliance reports using Nessus, N-Stalker, Webinspect and Burp Suite, performed OWASP web application audit. Participated in Risk Management.

Developed Snort SCADA signatures and Nessus vulnerability plugins.

Created Snort enhancement project: EMERALD, SnortSP, SnortSMS.

Contributed to snort reporting and syslog server projects based on complex message filtering, integrating, archiving and visualization made by syslog-ng, snortalog, perl. Facilitated eDiscovery.

Participated in NERC and other industry, Canadian and NIST standards for example ISO 27001/2, COBIT, OSSTMM, Domain Expert Working Groups (further NIST 7628), Compliance projects (OEB / NEB). Security Governance-Risk-Compliance (GRC).

Managed ARP Poisoning project. Wrote SOW, Project phases. Today such tool would be named Security Orchestration Automation and Response (SOAR).

Initiated Security Information Event Management Project (analyzed SRI’s suggestion of EMERALD connected to ArcSight and opensource Squil)

SCADA Audit project.

Assisted in staff development and mentor colleagues as needed.

Used TOGAF, SABSA and Zachman framework.

Participated in Hydro One, Smart Meter / ZigBee / GO-ITS 51, High Availability (HA), HDFS (Hadoop Distributed File System), SDLC Projects.

Used Bugzilla Problem / Change Management. Architected ICT Technical Support Management based on moinmoin wiki.

Security Monitoring.

Third Brigade and OSSEC (Open Source Host Intrusion Detection and Prevention Project – HIDS / IPS)

Supported and maintaned Network Infrastructure and Servers System Administration (Cisco, OpenSuse, Gentoo, Solaris, Fedora, RedHat, Windows NT/ 2003/ XP/ Vista/2008), Installation, System Configuration, Network and System tuning, hardening, scripting (sh, bash, tcsh, perl), NFS, SMTP, POP3, IMAP, HTTP, HTTPS, DNS, NTP, SNMP, etc.

Research In Motion, Waterloo, Canada. Incident / Security Analyst, 12/2005 - 06/2007

Hummingbird Exceed 7.0, Cygwin, Cygwin-X, KDE, Windows XP, Remedy 5.5, Solaris 8/9/10, AIX, Linux (RedHat, CentOS, LFS, Operator, Novell SuSe, Knoppix, BackTrack, Ubuntu), VMware – installation / configuration / support, Big Brother 1.9e, Mirapoint 4500N (MOS), Sunfire 1600(chassis), B100s (blades), NetApp FAS960 (SAN), Sunfire V210, HP Proliant DL360, IBM BladeCenter XTR14NCE, IBM Blades HS20, RAID management and clustering, Cisco, F5, IronPort AsyncOS 4.7, MS Exchange, PostgreSQL-7.3.4, OpenLDAP 2.1.29, BerkeleyDB 4.2.52p2, Apache 2.0.48, WebSphere, DataPower, Juniper Firewall, syslog-ng, mod_jk 1.2.5, Jakarta Tomcat 3.3.1a, jsdk-1.4, Oracle, Weblogic, Sybase, MS Visio, Axure PR, MS Excel, Evolution, Ethereal, Bluetooth, GPRS, EDGE, EPIC tools, Mars, SolarWinds, Sendmail, SnertSoft, milter, postfix, cloud technology (SAAS), BlackBerry Enterprise Server (BES) Mobile Device Management (MDM), server index query protocol for email reputation and identity project, data flow diagrams, umbrello, Confluence, SOA.

Service problems resolving. Facilitated eDiscovery. Made Root Case Analysis (RCA) using company wide (mode than 100000 nodes only in one of our world wide DCes networks) decentralized log services using centralized search. Represented team on CIRT and CM.

Scripting: bash, Perl, PostgreSQL.

SPF (Sender Policy Framework) project.

Security Tools Installation and Configuration: Entrust, chkroot, rkhunter, The Sleuth Kit, Autopsy, EnCase, Cheops, John The Ripper, Nikto, Paros, OWASP, WebScarab, IPTraf, Ettercap, EtherApe, Nessus, HP Fortify 360, Nmap, Kismet, gkismet, Watchfire AppScan, Cenzic Hailstorm, Aircrack-ng, SecureAware, bastard, IDA Pro, ModSecurity, Joomla, Symantec, OpenText, Cisco ACE XML, TippingPoint, WebGUI, SSO, GlobalPlatform SCP02, etc.

Analysed / Redesigned System / Network / Security Architecture.

Enterprise Content Management / Facility Management / Business Objects Assessment Projects.

Anti-Spam Project. Participated in DLP project.

Business Continuity Planning Project.

Security incident response plan.

Forensic Analysis Project. Malware Reverse engineering.

IT Audit. Vulnerability Assessment/Management/Penetration Testing.

Prepared SOW, Project phases, Process Groups for BB Datacenters, etc.

Hacker Technique Investigation (among other stuff learned: Cross Site Scripting, HTTP Response Splitting, Web Cache Poisoning, HTTP Request Smuggling).

Corporate Information Security / Privacy Policy development and enforcement (PIPEDA, FIPPA, PHIPA, HIPAA, CSA Privacy Code, ISO 17799 & 27001/2, CICA 5900, NIST, FISMA, COBIT, PCI regulation, SOX, OSSTMM, Canadian Investor Confidence Rules, Electronic Evidence Act Consultation Paper, OSFI, TOGAF, Zachman, etc.). Policies/Standards Project. EPIC alerts. Development of Mature Security Program.

PCI Infrastructure / DB / code review.

Information security consultative support to all lines of business.

Vendor products evaluation process.

Supported BB e-mail directory service.

Made next projects: Identity Management, Tripwire, Security Governance-Risk-Compliance (GRC), Security Awareness, Security Monitoring Project.

Development an internal information security committee.

WiFi WarDriving Project. Bluetooth Rifle Project. UMTS/EDGE/GPRS WarDriving Project.

Application scanning / firewalling Project including PCI requirements.

0-day Vulnerability Assessment Project. Disk Encryption Project.

PCI Compliance Project.

TRA project, used OCTAVE / OWASP / Microsoft / Harmonized Threat Risk Assessment (HTRA) methodologies.

Participated in Business Intelligence audit and development. Worked with Pega.

Participated in Forex Project.

Armor Technologies, Toronto. Sr System/Security Developer.10/2005 - 10/2005

Invision.Com (ISP: B2B and B2C), New York. Unix Group Manager, Project Manager, Information Security Officer. 6/2005 - 9/2005.

Interdiction Solutions Inc., Toronto. Consultant. 04/2005 - 05/2005

ABBI Ontario. Project Architect. 03/2005 - 03/2005

Cisco Systems Inc., Sun Microsystems, San Jose, USA. 01/2005 - 02/2005

Q1 Labs (now IBM), Fredericton, Canada. Security Consultant. 04/2004–11/2004

Helped Q1 Labs to add new security feature to their QRadar product (NBAD and SIEM) - IPS.

Made resolvers for their Intrusion Prevention System. Wrote prototypes of TCP Reset, ARP Poisoning, Cisco Switch / PIX Resolvers. Department of Homeland Security liked the product. Today such tool would be named Security Orchestration Automation and Response (SOAR).

Made ITIL project (Remedy ARS, ITSM). Used Knowledge - Artificial Intelligence (AI) technology designed by UNB.

SecuryVision / ADT, Fredericton. Security Consultant. 05/2004 – 06/2004

Worcsnet Inc., Toronto. IAB Studio, Installation/Testing Project. 03/2004 - 03/2004

EZD Consulting Inc., Consultant. 02/2004 – 03/2004

Sinsational Intertaiment Inc. (on-line casino, gaming, sport betting) Antigua. Technical Operations Manager, Project Manager, CISO. 10/2003 - 12/2003

McGill University, Montreal, Canada. IT Security Analyst. 05/2003-09/2003

Participated in Threat Risk and Vulnerability Assessments (TRA / VA).

Worked on Sarbanes-Oxley compliance project.

Used COSO and COBIT methodologies, ISO17799.

ABBI Ontario, Toronto. Security Consultant. 01/2001-03/2003

Circadence Corp., Toronto. Security Specialist, CISO. 4/2000-8/2001

Manulife Financial. Toronto. Canada. Senior Technical Specialist 3/98-4/2000

Open Source Development

Participated in Consultation on Data Breach Regulations under the Personal Information Protection and Electronic Documents Act for Canadian Government 2016

Participated in IEEE 802.15 WPAN™ Task Group 6 Body Area Networks (BAN). 2008-2009

Published Work

Using Artificial Intelligence Methods for Fishing Forecasting. 1990.

Multi-source Biometry for Permanent Authentication. 2005.

EDUCATION

Moscow Institute of Electronic Techniques. MS Diploma evaluated by York University

PROFESSIONAL TRAINING

March 2023, DND/CAF Architecture Framework (DNDAF) & Enterprise Architecture Toolset (QualiWare), DND & QualiWare, Canada.

January 2023, Smart Management and Architecture Course, Qualiware

LinkedIn Trainings (2018-2023): https://www.linkedin.com/in/boris-levit-025a88/details/certifications/

January 2022, Microsoft Canadian AICP – SC-900T00 (1.0)

August 2020, Incident Management: Preparation and Response Course, ISC2

December 2018, DevSecOps: Integrating Security into DevOps, ISC2

December 2018, How to adapt the SDLC for DevSecOps, ISC2

August 2017, DXC, Core Security, Damballa – Network Insight Technical Product Training, Canada.

April 2017, DXC, Tanium – VB, PowerShell and Containment Training, Canada.

November 2016, HPE, Tanium Incident Response Course, Canada.

January 2016, HPE, ArcSight SmartConnector Foundations and ToolKit, Canada.

January 2016, HPE, ArcSight ESM Administrator 6 CORR Engine (AEIA) (No Oracle DB). Toronto, Canada.

September – October 2015, HPE, ISO27001 Training and Awareness. Toronto, Canada.

September 2015, Company Security Officer Training, Outreach Division of Industrial Security Sector of Public Works and Government Services Canada. Toronto, Canada.

July 2015, ArcSight Logger Administration & Operations, ArcSight Console, HP, Canada.

December 2010, O’Reilly, Developing Android Applications with Java. P. 1 and 2

February-March 2008 Management 414 SANS Training Program for the CISSP Certification Exam, Toronto, Canada.

July 2006 IBM CISSP CBK Seminar, Toronto, Canada.

July 2006 Sun Fire X4500 / X4600 servers and Blade 8000 Modular System Seminar, Waterloo, Canada.

March 2006 Business Continuity, Waterloo, Canada.

March 2006 IBM Bladecenter Workshop (XTR14NCE), IBM Education and Training, Canada.

February 2006 Mirapoint E-mail Server, Mirapoint, Waterloo, Canada.

January 2006 Exploring GPRS and EDGE, Award Solutions, Waterloo, Canada.

December 2005 Blackberry Relay / BWC / BIS-X, RIM, Waterloo, Canada.

June 2004 Qradar, Q1 Labs, Fredericton, Canada.

May – June 2002 Business Training, JVS, Toronto, Canada.

June 2000 12th Annual FIRST Conference on Computer Security Incident Handling, Chicago.

February 2000 Sun Systems Fault Analysis Workshop (ST-350), Sun Educational Services, Toronto, Canada.

January 2000 Administering Security for Solaris (SC-300), Sun Educational Services, Toronto.

August 99 Enterprise Java Beans Implementation (Visual Age + WebSphere Environment) IBM Team, Toronto, Canada.

March 99 Solaris System Performance Management (SA-400), Sun Educational Services, Toronto, Canada.

Jan. 99 Project Management. Manulife Financial, Toronto, Canada.

Nov. 98 WebSphere Workshop, IBM WebSphere Developing Team, Toronto, Canada.

Oct. 98 DB2 UDB EEE for UNIX Administration Workshop, IBM Education and Training, Toronto, Canada

Sept. 98 A Technical Introduction to MQSeries, IBM Education and Training, Toronto, Canada

Apr. 98 Gauntlet Administration, NAI, Toronto, Canada.

Contact this candidate