Richard Oketch
Mississauga, Ontario
Tel: 647-***-****
add73c@r.postjobfree.com
Direct Energy
Director, Incident Response 2017 – Present
Responsibilities:
Provide leadership for all aspects of Direct Energy’s information security incident response function, including security operations center capability; awareness and education of incident response processes for administrators, business and technical staff; and high-impact incident investigations.
Architecture and management of measurement and detection capability using network and service event data collection methods and tools normally associated with Security Information and Event Management (SIEM) services.
Investigation into and implementation of data integration and analysis methods such as correlation, statistics, and normalization with the goal of creating and maintaining a high quality data source for use in threat and indicator of compromise analysis.
Investigation into and implementation of current data analysis frameworks such as Spark, Storm, machine learning tools and user-entity behavioral analytics.
Design and lifecycle management of information security orchestration, automation and response (SOAR) capability.
Key role in the creation and operation of incident response awareness and education materials such as guidelines, table-top exercises and custom procedures.
Participate in all aspects of an organizational information security operations program including vulnerability management, identity and access management and security/privacy risk assessment.
Regular authoritative interaction with company legal counsel, privacy officials, high-risk and law enforcement staff and senior IT leadership teams.
Subject matter expert in the development and lifecycle of information security standards, controls, guidelines and procedures.
Bank of Montreal
Manager, IT Security Operations 2010 – 2016
Responsibilities:
Providing oversight to the delivery of BMO enterprise operational security services, including the collection of cyber threat intelligence, security vulnerability management, perpetual scanning (VA), logging and monitoring, Security Information and Event Management (SIEM), event correlation, operational metrics and reporting, cryptographic services, management of remote access and tokens, security audits and remediation, access control, and specialized security services.
Established effective relationships and processes with all IT and business areas of BMO and established clear roles and responsibilities for information security practices and controls.
Managed and led SOC engineers, acting as an escalation point and mentor
Adhered to SOC policies, practices, and standards; contributing to continual improvement efforts along the way
Communicated with relevant BMO IT Security colleagues regarding SOC issues, as required
Oversaw a team of SOC Analysts responsible for the following activities:
Configured, managed, and upgraded a wide variety of security technologies, including but not limited to IPS, Firewall, and Web Filtering
Identified issues relating to managed devices by reviewing logs, traffic behavior, alerts, and other information sources available
Used strong networking and troubleshooting skills to identify and diagnose problems relating to devices within scope of the managed services
Responded to inbound requests via phone or other electronic means for technical assistance with managed services
Responded in a timely manner (within documented SLA) to incidents relating to the managed services
Documented actions in cases to effectively communicate information internally and to customers
Followed ISA processes and procedures to meet and exceed SLA requirements and quality standards
Collaborated with management peers on process improvement, documentation and definition for threat analysis, classification, and response
Resolved problems independently and understood escalation procedures
Fostered a culture of growth and development within the SOC team
Adhered to documented workflow / processes when dealing with IT clients for the purpose of providing SOC functions
Achieved an acceptable level of customer satisfaction as measured through client surveys
McMaster University Jan 2006 – Dec 2009
Manager, IT Security
Responsibilities:
Responsible for establishing and maintaining a University wide information security management program to ensure that the institution’s information assets were adequately protected
Oversaw the information security portfolio and developed a strategic IT Security roadmap utilizing people, process and technology to deliver security controls and governance necessary to protect the university’s information assets.
Developed a risk management framework consisting of threat risk assessments, risk mitigation including control selection, and mitigation including incident response processes, etc.
Developed security policies and standards applicable across all IT systems on campus and led implementation and management of security controls and safeguards, and information security education and communications.
Participated in the valuation of SAP and other applications the University wanted to implement.
Led the ITS Information Security team to collaborate with all University departments to monitor and manage the administration of all computer security systems and their corresponding or associated software, including firewalls, intrusion detection/prevention systems, cryptography systems, and anti-virus software.
Responsible for the day-to-day ITS Information Security operations including preventing, detecting, and responding to cyber threats, defining information security architecture, assessing information security and privacy risk, and identity and access management.
Led the ITS Information Security department’s operational planning, in collaboration with the Associate Director, Strategic Initiatives (ADSI) to achieve the University’s goals by prioritizing defense initiatives and coordinating the evaluation, deployment, and management of current and future security technologies.
Led and mentored a team of IT professionals and worked collaboratively with other directors within the CIO Portfolio and with senior managers across the University community.
IBM Canada Ltd Jan 2000 - 2005
Senior Analyst, IT Security Threat Management
Responsibilities:
Correlated events and indicators, through security event and incident instrumentation, to applicable threats for rapid identification, and collaborated with other IT operational units for mitigation, reconciliation and resolution.
Coordinated and collaborated with respective systems and information asset owners to ensure threats were flagged and appropriate mitigation plans were developed and executed.
Developed and maintained threat management processes and ensured they were melded with other security, risk management and operational processes.
Performed threat and vulnerability assessment of all IBM Canada IT systems and information assets, including the development of mitigation strategies.
Developed, tested and coordinated the implementation of threat management plans and provided advice and guidance to the IT senior management team regarding impact, threat severity level etc.
Monitored the current, emerging and future threat landscapes, developed the necessary intel for IBM Canada, and communicated information to relevant communities.
Developed and maintained documentation for the security systems, processes and procedures.
Researched, recommended, evaluated and implemented security solutions that identified and protected against emerging/future threats and responded to security violations.
Identified residual risk, vulnerabilities and other security exposure based on corresponding current, emerging and/or future threats.
Provided consultation and/or assessed IT Projects for potential threats or exposures and collaborated with all areas of IT to ensure appropriate controls were implemented to address potential threats.
Developed, and reported on, performance metrics for threat management, breaches and vulnerability assessment.
Conducted investigation of incidents, as well as analyzed and reported findings based on actionable security threat intelligence.
Participated in the creation of threat intelligence procedures and documentation and provided leadership in fostering equity and inclusiveness in the development and implementation of programs and services.
Other Experience
Makerere University 1990-1999
Associate Professor, Computer Science
Education
Makerere University
M.Sc (Computer Science)
1987-1989
B.Sc (Computer Science)
1995 – 1999
Certifications
CISA (Certified Information Systems Auditor) Cert#: 0862934
CISSP (Certified Information Systems Security Professional) Cert#: 110584
CISM (Certified Information Security Manager) Cert#: 0810381
PMP (Certified Project Management Professional) Cert#: 1372546