Post Job Free
Sign in

Security Operations Application

Location:
Richmond Hill, ON, Canada
Posted:
October 27, 2024

Contact this candidate

Resume:

Jacky Xia

Richmond Hill, ON Phone: 905-***-**** Cell: 416-***-**** Email: *********@*****.***

Professional Summary

Seasoned cybersecurity leader with over 20 years of experience in architecting, implementing, and managing robust security frameworks across diverse industries. Expertise in security operations, application security, cloud security, blockchain security, risk assessment, and regulatory compliance. Recognized for leveraging AI technologies to enhance security measures, streamline operations, and stay ahead of evolving threats. Proven ability to execute security strategies that align with organizational objectives, balancing risk mitigation with business enablement.

Core Competencies:

●Security Operations Management: Managed Security Operations Centers (SOCs), coordinated incident response teams, and optimized security monitoring systems.

●Application & Cloud Security: Expertise in SDLC, DevSecOps, vulnerability management, and security controls in multi-cloud and hybrid environments.

●Blockchain Security: 5 years of experience in smart contract auditing, dApp security, and cryptographic protocol implementation.

●Risk Assessment & Management: Comprehensive experience conducting enterprise-wide risk assessments and applying holistic risk management programs.

●Regulatory Compliance: Proven track record of ensuring adherence to regulatory standards including GDPR, ISO 27001, and NIST frameworks.

●AI & Security Automation: Skilled in participating in AI and machine learning technologies to enhance threat detection, automate security processes, and predict vulnerabilities.

●Leadership & Team Management: Proved abilities to lead, mentor, and inspire security teams, fostering a culture of continuous improvement and innovation.

Technical Skills

●Security Tools: SIEM (Splunk, Wazuh), IDS/IPS (Snort, Suricata), Next-Gen Firewalls, DLP, EDR, IAM.

●Blockchain Technologies: Ethereum, Hyperledger Fabric, Solidity, Cryptographic Protocols.

●Cloud Platforms: AWS, Azure, Google Cloud Platform (GCP).

●Programming Languages: Python, Java, PowerShell, Bash, PHP, C/C++.

●AI & Machine Learning: TensorFlow, PyTorch, Scikit-learn, Transformers.

●Regulatory Compliance: GDPR, HIPAA, SOX, NIST, ISO 27001.

Professional Experience

Senior Security Manager

iArtemis Security Inc, Richmond Hill 03/2015-Present

●Led a team of 20 security professionals managing 30,000 servers and 300 million security events daily, achieving zero critical incidents over 4 years.

●Directed 24/7 operations of a global SOC, overseeing advanced threat detection and rapid incident response.

●R&D AI-driven solutions, reducing false positives by 37% and critical vulnerability remediation time by 79%.

●Developed and executed cloud security strategies, reducing cloud-related incidents by 52%.

●Conducted enterprise-wide risk assessments, achieving a 43% overall organizational risk exposure reduction.

●Ensured compliance with GDPR, ISO27001, and NIST standards, passing external audits with zero findings.

●Managed blockchain security projects, focusing on smart contract auditing and dApp security, resulting in zero security breaches.

●Enforced secure coding guidelines, reducing vulnerabilities by 73%.

●Collaborated with development teams to integrate security requirements, reducing client project delays by 68%.

●Conducted regular security assessments and penetration tests, remediating 94% of critical vulnerabilities before exploitation.

Security Consultant

Telus Security Solutions, Toronto 09/2005-03/2015

●Participated as a core security consultant, used packet analysis, reverse engine, protocol analysis and source code analysis skills to create the vulnerability research report which describes the mechanisms and properties of software vulnerabilities in depth.

●Developed intrusion detection signatures and remote vulnerability detection for these vulnerabilities in a timely fashion

●Experienced in the successful full-lifecycle execution of various secure software development projects aimed at improving the performance and capabilities of major IDS and IPS products from industry-leading customers

Senior Linux Software Engineer

Raidtec Inc. China office, China 03/2000- 09/2004

●Provided key technical leadership and proficiency in the full-lifecycle execution of Network Attached Storage (NAS) core embedded OS development, system architecture, and prototype design to the industry-leading customers

●Customized the Linux kernel with XFS, and JFS filesystem support and re-designed partition structure to support large file capability

●Coached junior members on internal processes and research

Education

Bachelor of Computer Software, Wuhan University, China

Certifications: CISSP Since 2010

Publications

"SSADLog: Whole Lifecycle Tuning Anomaly Detection with Small Sample Logs" Published in Research Square, 2024.



Contact this candidate