Boris Levit
Information Systems Security Manager & Architect. CISSP (CN 96686)

Resume:
MS with 24 years UNIX, 21 years Networking / Security, 16 years Microsoft experience.
EMPLOYMENT HISTORY
TD Bank, Toronto, Canada.
Security Specialist, 08/2010 - current.
- Legacy access system remediation after PCI audit. Resolve integrity and access control problems with server farm configuration. Perl, ksh, awk programming.
Avetti.com (e-commerce company), Toronto, Canada.
Build/Deployment/SysAdmin Team Lead, CISO, 01/2010 - 08/2010.
- Restructured ITIL and Company Security systems to accommodate Good Practice standards.
- Manage distributed (overseas) sysadmin team.
- Worked with Amazon Cloud technology, AWS, AMI, Elasticfox and EC2 security.
- Made E-Commerce risk assessment.
- Made iptables reconfiguration.
- Analysed PCI requirements.
- Reviewed PCI code / infrastructure (OWASP code review project, ReviewClipse plugin project).
- Did Massachusetts data protection regulation project.
- Participated in Selenium, openCRX CRM projects.
- WAF project. Analyzed commercial (Imperva) and opensource tools. Installed / configured ModSecurity (with Breach rule set) as a part of PCI Compliance Project.
- Did Security awareness.
- Worked with OpenSuSe, CentOS, RedHat, Vmware, java, java swing, perl, shell.
Dark Matter Development (media company), Toronto, Canada.
Security Consultant – Crisis Manager, CISO, 07/2009-12/2009.
- Redesigned Security / System Architecture.
- Wrote security policy.
- Made audit and forensic analysis, Threat Risk and Vulnerability Assessments. Made covert channels search.
- Analyzed botnet attacks.
- Made vulnerability scan by nmap 5, nessus 4 and webinspect.
- Made EPIC tools project.
- Used Windows Vista / 2008, ScreenOS 5.4 (Juniper), Mac OS X 10.6, OpenSuSe 11.1 / 11.2, FreeBSD 7.2, Fedora, Simultaneous Dual-N Band Wireless Router, IP KVM Starttech, Foundry Load Balancer, MySQL, Apache, mediawiki, openldap, Open DS, postfix, Cyrus imap, OWASP, THC-Hydra, burp suite professional v1.3, autopsy, munin, svn, yafic, dovecot, Time Machine, Xsan, AFP, skype.
- Made PCI compliance analyses, infrastructure / DB / code review.
- Made anti-spam project. Suggested IronPort + RSA as an anti-spam and DLP decision.
- Made ACL project for FreeBSD and MacOS.
N-Dimension Solutions Inc. (SCADA Security Integration, MSSP), Richmond Hill, Canada.
Sr. Security Developer / Architect / Project Manager, 07/2007-2/2009.
I was edge development leader and wrote down projects for utilities IT Security.
- Primary responsible for projects management.
- Led the design, testing, planning, and implementation of complex projects.
- Led the development and implementation of a broad, coordinated set of plans and programs to meet the goals and priorities of the company.
- Facilitated the definition of project missions, goals, tasks, and resource requirements; resolve or assist in the resolution of conflicts within and between projects or functional areas; develop methods to monitor project or area progress; and provide corrective supervision if necessary.
- Participated in outside professional activities to maintain knowledge on developments in the field.
- Continuously improved project management toolkits and methodologies.
- Was responsible for project staff.
- Participated in interviewing and hiring process.
- Used tools: Fedora c7, Gentoo r6, openSuSe 11, RedHat, Win2K/XP/Vista/2008, Solaris 10, iptables, MySQL, SCADA, AGA-12, Modbus, DNP3, Perl, sh, bash, PHP, seagull, java, java swing, javascript, flex (lex), bison (yacc), SSL certificates (using openssl), umbrello, gnupg, C, Eclipse, cvs acl, bugzilla, cvs web, syslog-ng, snortalog, Nagios, Android, Nessus, HP WebInspect, N-Stalker, nikto, Paros, OWASP, Pantera, OVAL, OpenVAS, SLAD, tiger, nessus plugins development, nmap, zenmap, snort, oinkmaster, ITSA v3.5, Wireshark v0.99.6, Metasploit framework 3.1, ruby, python, Burp Suite 1.1, MoinMoin Wiki, lua, Google Mail / Calendar / Talk / Docs, etc.
- Ruggedized (IEEE 1613 compliant) Platform Project. Used Schneider platform with flash memory drives.
- Made Identity Management Project (AD, OpenSuSe LDAP, Fedora Directory Server, Sun Identity Manager, Novell Identity Manager, WS-Security, SASL). Gentoo and Fedora pam_ldap implementation.
- Made Version Transformation (parsing and lexical analysis) project.
- Made Modbus gateway on Android platform project.
- Participated in cloud computing project.
- Made Ethical Hacking and Vulnerability Scanning Project (Threat Risk and Vulnerability Assessments) including general purpose and web application vulnerabilities scanning, vulnerabilities analysis, hardening, SELinux. Produced NERC and PCI compliance reports using Nessus, N-Stalker, Webinspect and Burp Suite.
- Did SCADA vulnerability plugins project.
- Developed Snort SCADA signatures.
- Created Snort enhancement project: EMERALD, SnortSP, SnortSMS.
- Contributed to snort reporting and syslog server projects based on complex message filtering, integrating, archiving and visualization made by syslog-ng, snortalog, perl.
- Participated in NERC (and other industry, Canadian and NIST standards) Compliance project (OEB / NEB).
- Managed ARP Poisoning project. Wrote SOW, Project phases.
- Initiated Security Event Management Project (and analysis of existing ones: ArcSight SIEM and ESM, Intellitactics, Qradar, enVision, Squil).
- Made SCADA Audit project.
- Assisted in staff development and mentor colleagues as needed.
- Used TOGAF framework.
- Participated in Hydro One Project.
- Participated in Smart Meter / ZigBee Project.
- Participated in High Availability (HA) Project.
- Participated in implementation of a SDLC methodology.
- Used Bugzilla Problem / Change Management. Architected ICT Technical Support Management based on moinmoin wiki.
- Did Security Monitoring.
- As a part of projects support I made Network Infrastructure and Servers System Administration (Cisco, OpenSuse, Gentoo, Solaris, Fedora, RedHat, Windows NT/ 2003/ XP/ Vista/2008), Installation, System Configuration, Network and System tuning, hardening, scripting (sh, bash, tcsh, perl), NFS, SMTP, POP3, IMAP, HTTP, HTTPS, DNS, NTP, SNMP, etc.
Research In Motion (Blackberry producer, ISP, MSSP), Waterloo, Canada.
BIS Incident Analyst, Security Analyst, Project Manager. 12/2005 - 06/2007
- Technology: Hummingbird Exceed 7.0, Cygwin, Cygwin-X, KDE, Windows XP, Remedy 5.5, Solaris 8/9/10, Linux (RedHat, AIX, CentOS, LFS, Operator, Novell SuSe, Knoppix, BackTrack, Ubuntu), VMware – installation / configuration / support, Big Brother 1.9e, Mirapoint 4500N (MOS), Sunfire 1600(chassis), B100s (blades), NetApp FAS960 (SAN), Sunfire V210, HP Proliant DL360, IBM BladeCenter XTR14NCE, IBM Blades HS20, RAID management and clustering, Cisco, F5, IronPort AsyncOS 4.7, MS Exchange, PostgreSQL-7.3.4, OpenLDAP 2.1.29, BerkeleyDB 4.2.52p2, Apache 2.0.48, Juniper Firewall, syslog-ng, mod_jk 1.2.5, Jakarta Tomcat 3.3.1a, jsdk-1.4, Oracle, Weblogic, Sybase, SAP, MS Visio, Axure PR, MS Excel, Evolution, Ethereal, Bluetooth, GPRS, EDGE, EPIC tools, Mars, SolarWinds, Sendmail, SnertSoft, milter, postfix, cloud technology (SAAS), server index query protocol for email reputation and identity project, data flow diagrams, umbrello.
- Service problem resolving.
- Was a primary point of contact and advice.
- Scripting: bash, Perl, PostgreSQL.
- SPF (Sender Policy Framework) project.
- Security Tools Installation and Configuration: chkroot, rkhunter, The Sleuth Kit, Autopsy, EnCase, Cheops, John The Ripper, Nikto, Paros, OWASP, WebScarab, IPTraf, Ettercap, EtherApe, Nessus, Fortify 360, Nmap, Kismet, gkismet, Watchfire AppScan, Cenzic Hailstorm, Aircrack-ng, SecureAware, bastard, IDA Pro, ModSecurity, Joomla, Cisco ACE XML, WebGUI, SSO, etc.
- Analysed / Redesigned System / Network / Security Architecture.
- Resolved WiFi laptop modem “monitor mode” problem.
- Enterprise Content Management Project. Facility Management. Business Objects Assessment Project.
- Anti-Spam Project.
- Business Continuity Planning Project.
- Security incident response plan.
- Forensic Analysis Project. Reverse engineering.
- Participated in DLP project.
- IT Audit. Vulnerability Assessment/Management/Penetration Testing project (Threat Risk and Vulnerability Assessments). Prepared SOW, Project phases, Process Groups. BB Datacenters, SAP, etc.
- Hacker Technique Investigation (among other stuff learned: Cross Site Scripting, HTTP Response Splitting, Web Cache Poisoning, HTTP Request Smuggling).
- Corporate Information Security / Privacy Policy development and enforcement (PIPEDA, CSA Privacy Code, ISO 17799, NIST, PCI regulation, SOX, Canadian Investor Confidence Rules, OSFI, TOGAF, etc.). Policies/Standards Project. EPIC alerts. Development of Mature Security Program.
- Made PCI Infrastructure / DB / code review.
- Information security consultative support to all lines of business.
- Vendor products evaluation process.
- Supported BB e-mail directory service.
- Identity Management Project.
- Tripwire Project.
- Security Governance Project.
- Security Awareness Project.
- Security Monitoring Project.
- Development of an internal information security committee.
- WiFi WarDriving Project.
- Bluetooth Rifle Project.
- UMTS/EDGE/GPRS WarDriving Project.
- Application scanning / firewalling Project including PCI requirements.
- 0-day Vulnerability Assessment Project.
- Cryptography Project.
- PCI Compliance Project.
- TRA project, used OCTAVE / OWASP / Microsoft methodology.
- Participated in Business Intelligence audit and development. Worked with Pega.
- Participated in Forex Project.
ABBI Ontario.
Manager. CSO. Senior System/Network/Security Consultant. Project Manager. Marketing. 1/2001-11/2005
Armor Technologies, Toronto.
Sr System/Security Developer. 10/2005 - 10/2005
Knoppix 4.02, Armorware – EPIC financial broker tool (secure CD-bootable platform, secure connection, secure server), encfs, ruby, fxruby.
Invision.Com (ISP: B2B and B2C), New York.
Unix Group Manager, Project Manager, Information Security Officer. 6/2005 - 9/2005
- Technology: RedHat ES v4, Fedora, FreeBSD 4.7, Novell Linux (Linux Kernel 2.6.5), Windows XP / 2003, Solaris 10, MacOS 10.3.9, Knoppix 3.9, AS-400, VmWare Workstation 5, ezmlm 0.53, Qmail, Postfix, InterMapper 4.3, Cisco PIX, BIND, Perl, PHP, Ruby, CDB 0.75, mysql, osCommerce, x, cvs, make, dnscache, ssh, sudo, nmap, Nessus, Kerberos, Apache, Eclipse 3.1, ISO 9000, SAS 70, BrightStor, Amanda, mysql, sawmill, LogLogic, LSF, PTS, Quick Base, CRM, Active Directory.
- Team Management: Team Recruiting and Development, Serving as the primary point of contact and advice, Technology Management (Infrastructure, Desktop / Laptop/ Lab), Service Management (Problem, Change, Service, Configuration Management; 24*7 hours on-call support), Oversight (Interviews, Measurement, Performance), IT Planning (Reports, Project Management, Quality Management).
- Coordinated plan to meet SAS 70 compliance.
- Maintenance and planning IT Infrastructure (around 1000 computers).
- Wrote InterMapper Problem Management database / advice system (Perl, cdb).
- Resolved Qmail and dependent / related software (cdb, supervise, ezmlm, etc.) installation / configuration problems. Installed patches. Made additional configurations, tuning, complex manual lists moving, troubleshooting, anti-spam decision (we moved from SpamAssassin to ProofPoint) configuration, black lists problem resolving, etc. Did it more than 10 times.
- Resolved computer upgrade problems.
- Made multiplatform laptop run under VmWare – virtual lab.
- Made installations, configurations, network management, system / network troubleshooting, test and install new releases, system upgrades, troubleshooting.
- DNS support.
- Made iptables configuration.
- IT Audit.
- Security Governance.
- Used Avocent KVM over IP solution with DSView.
- Made system / network components performance monitoring and capacity planning.
- Day to day operations of client sites.
- Bluetooth, IEEE 802.11i and RFID security research done for our client (Symbol) barcode reader.
- Web site PHP programming.
Interdiction Solutions Inc., Toronto. Consultant. 04/2005 - 05/2005
- Tivoli Access Manager design project. Zachman techniques.
ABBI Ontario. Project Architect. 02/2005 - 02/2005
- Multiplatform Project. Novell Linux, Windows XP, VmWare, Solaris 10, Solaris Zones, Dtrace. System build, patching, Postfix.
Cisco Systems, Inc., Sun Microsystems, Fortuna, San Jose, USA. 01/2005 - 02/2005
Solaris 2.6/2.8, Java, Perl, C, appcert, Tibco, Solaris System/Application upgrade-migration project, reverse engineering, javap, JNI, Inline C, perl XS, SWIG, CPAN. Made interviewing.
Q1 Labs, Fredericton, Canada. Security Consultant. 04/2004 – 11/2004
- Helped Q1 Labs to add new security feature to their QRadar product (NBAD and SIEM). Made resolvers of their Intrusion Prevention System. Wrote prototypes of TCP Reset, ARP Poisoning, Cisco Switch Resolvers, Cisco PIX.
- Made Vulnerability Assessment Project, TRA.
- Made ITIL project (Remedy ARS, ITSM). Used Knowledge - Artificial Intelligence technology designed by UNB.
- Security Information and Event Management Project.
- Worked with:
- Nessus 2.0.10, Nessus Transfer Protocol, NASL2, NessusWeb 1.0.1
- BRO 0.8, snort.
- VmWare 4.5, SuSe 9.0, Windows 2000/ XP / 2003, Fedora, RedHat
- QRADAR 3.0 installation and configuration
- C, gdb, C++
- Perl 5.8.1
- libpcap, Net::Pcap, Net::PcapUtils, Net::RawIP, libnet, libnids, NetPacket::Ethernet, NetPacket::ARP, NetPacket::IP, Net::Telnet, Net::Ping, Net::Ifconfig::Wrapper, Swing, CPAN.
- iptables 1.2.8, Firewall-1
- MIMIC, IOS 12.1 / 12.2 / 12.3, Catalyst 3550, Mars.
- Eclipse 3.1, J2EE, Apache, mod_auth, servlets, JSP, Tomcat, Ant, Junit, JNI, Hibernate, Sun Java System Message Queue Platform Edition 3.5 SP1, java swing, jta 2.0 (Java Telnet/Ssh), Secure iNet Factory (by Jscape), cvs, Fast BugTrack, PostgreSQL, MySQL, SOAP, XML, SAML, hibernate, JavaScript.
- Analyzed project components security.
- Netflow, QoS, IPSEC, Managed Object Format, sendmail.
SecuryVision / ADT, Fredericton. 05/2004 – 06/2004
Wireless IP Video Monitoring Project. Satellite Internet connection Project, sendmail, web and other Internet services.
Worcsnet Inc., Toronto. IAB Studio, Installation/Testing Project. 03/2004 - 03/2004
- j2dk 1.4.2
- jboss 3.2.3
- Oracle 10g.
EZD Consulting Inc., Consultant.
02/2004 – 03/2004.
Web Surfing project
- PHP, C, gdb, Perl, MySQL, HTTP / Mail (sendmail) / Thread / DBI Perl modules, FreeBSD, RedHat.
- IT Audit, TRA, reviewed current Security Architecture
Sinsational Intertaiment Inc. (on-line casino, gaming, sport betting) Antigua.
Technical Operations Manager, Project Manager, CISO. 10/2003 - 12/2003
- Cisco PIX, NetScaler (Application Load Balancing), IIS, SQL Server, Game applications, FreeBSD SMTP, MS Exchange Server, MRTG, WMI scripting, batch, SFU, sendmail, mail clients, etc.
- Planned VPN and VoIP architecture (Avaya) with access controls through RSA tokens (identity management), VoiceXML.
- Designed Tivoli Access Manager for Websphere Application Server based portal; enabled granular authentication and authorization through integration with existing LDAP; Single-Sign-On policy; Microsoft security policy.
- Reviewed Network / Application / Security Architecture. Made Threat Risk, Vulnerability and Privacy Impact Assessments (TRA / VA / PIA). Identified areas of improvement. Redesigned Security Architecture.
- Ethical Hacking through encrypted (SSL) channel. Database Security: used SQL Server 2000 security tools (SQL Scan / Check / Critical Update Wizard), checked DB Authorization and Authentication Control. Investigated SQL Injections problem.
- Managed IT division.
- Planned Business Continuity (Disaster Recovery), made Enterprise Resource Planning (ERP).
- Remote management, patching, software distribution, job scheduling.
McGill University, Montreal, Canada.
IT Security Analyst. 05/2003-09/2003
- Tripwire v.4 Project. Internal sale project. EPIC tools project.
- Cisco Secure PIX Firewall (Cisco 7600). Planned McGill VLAN and VoIP architecture.
- VmWare Project. Security, internal sale.
- Knoppix project.
- Made Forensic, collected evidence, made network scanning for vulnerable and infected (hacked) hosts.
- Developed Perl program for Computer Statistic Reports.
- Participated in Threat Risk and Vulnerability Assessments (TRA / VA).
- Worked on Sarbanes-Oxley compliance project.
- Used COSO and COBIT methodologies, ISO17799.
- Worked on HIPAA, HL7 compliance projects with Medical faculty and Nursing school.
- Mitigated effects of RPC DCOM based exploits, spyware.
- Retina scanner project.
- McGill Wireless Zone Project, wireless laptop connection, BlackBerry.
- Participated in Anti-Spam Project, sendmail, mail clients.
- Participated in McGill Anti-Virus Project.
- Participated in Hitachi SAN Project.
- Participated in RSA Security (Identity and Access Management Solutions) Project.
- Solaris, Windows XP, Windows 2000, RedHat, HP-UX, AIX
ABBI Ontario, Toronto. Developer. 02/2003-03/2003
Blade System Developing Project.
ABBI Ontario. Developer. 01/2003
Perl CGI Project (blog). Done on RedHat.
Direct Leap Technologies, Developer. 11/2002-12/2002.
Axis Embedded Linux Project. Managed outsourcing development.
Look Communication Wireless Services Sub-contract. 10/2002-11/2002
ABBI Ontario. Developer. 06/2002-09/2002
Web Robot, IDM, MIME Message Robot Project. Based on shell scripting, sendmail, metamail.
Seneca and CITC colleges. Course Developer. 02/2002 – 10/2002
Developed IT Security courses.
Ministry of Transport. Security Consultant. 12/2001 - 02/2003
Public Anti-terror Service Project. Strong Multi-source Biometric for Permanent Authentication Project.
IntrusionCheck.com. Security Analyst. 11/2001-11/2001
PGP e-Biz Server v 7.1 on hardened Windows 2000 platform
CIBC World Markets, IT Security Auditor. 10/2001 – 11/2001
- Reviewed current Security Architecture.
- Identified threats and areas of improvement.
- By client wish only standard system tools were used (they especially asked not to use any "hacker" technique). Made system review, analyzed results and prepared recommendations. For example I checked DNS (bind), sendmail, NIS+, nsswitch, samba, eeprom, network parameters (ndd), etc. configuration. Made Threat Risk Assessment according to GLBA 501(b).
- Solaris, Clearcase.
Photon Dynamics. Security Consultant. 09/2001-10/2001
- Mitigated the effects of the Nimda Virus and Prevented Further Infection. Made special Firewall-1 (Nokia platform) configuration to prevent further infection during browsing infected site.
CIBC, Security Analyst. 07/2001-07/2001
- Penetration test/analysis. nmap, nessus, saint, tcpdump, snoop, dsniff, openssl, nc, shell scripting.
RT Capital. Security Analyst. 06/2001-06/2001.
- Sunscreen to Firewall-1 migration + firewall hardening using yassp. Solaris.
IntrusionCheck.com. Security Analyst. 05/2001-05/2001
- MTA (sendmail, postfix, qmail) update project. Made ipchains firewall, slapd (LDAP).
ABBI Ontario. Security Consultant 04/2001-06/2001.
- Installed and configured McAfee personal firewall for different clients.
- Performed different PC based UNIX's: Linux (Corel, RedHat, Slackware, Mandrake).
- FreeBSD and Solaris, desktop/laptop installations and configurations
Odyssey, London, Ontario. Security Analyst 01/2001-03/2001.
- Returned ISP under management control from former employee control. Solaris, FreeBSD
Circadence Corp., Toronto. Security Specialist, Project Manager. 4/2000-8/2001.
- Provided security decisions for more than 750 computers located in extremely complex network environment. For example 700 computers were Internet Backbones and we had dynamic DNS resolution depended on user location and request type. Estimated QoS project value was $15 million.
- Made security analysis (architecture / protocol / code review), data classification, architecture, design, developing and testing for QoS subprojects (mainly Web applications). Worked with Kerberos. Used purify.
- Created Application Firewall (Content Filtering) Project for Conductor QoS - ultimate client protection against malicious hacker's attacks. Initiator, designer and architect.
- Performance tuning project. IP Measurement Protocol (IPMP). HP OpenView NNM.
- Performed SSL analysis for QoS. Investigated features of SSL protocol and possibility to use it in our services. Wrote report about using cryptography hardware. Found explanation why suggested previously SSL implementation would not work properly with a corporate firewalls and made working decision quickly and under pressure. Created special type of root and web certificates, configured necessary tools and made test examples using Apache, mod_ssl, OpenSSL. Implemented RSA BSAFE (PKI) software. Worked with PKCS.
- Debugged and changed "black hat" tools. Developed penetration tools and "ethical exploits" using shell scripting, Perl, C, gdb and assembler. Did "ethical hacking" using nemesis, saint, nessus, tcpdump, ethereal, dig, whisker, nc (netcat), etc. against UNIX and Windows NT/2000 applications. Wrote Linux, Windows and HP-UX shellcodes. My automatic auditing tool (I invented web application 0-day vulnerability scanner) found in two weeks more bugs than whole QA division in half year and I even got best employee award. This tool was based on buffer overflow and malfunction requests used HTML, SSL, WebDAV and other protocols. Other penetration tests were based on vulnerability identification and exploitation - I crushed whole system sending only one manually crafted packet.
- Performed hardening analysis and created hardening procedure for Gateway Conductor Product (Circadence QoS) based on HP-UX 11; nmap and saint cannot recognize OS type of my hardened site. Used tools like tripwire, ssh, tcp-wrapper.
- Analysed some IDSes (RealSecure ISS, Dragon, etc.), designed and implemented Intrusion Detection System on UNIX and Windows NT platforms.
- Performed Risk analysis and designed security for Gateway Conductor Project (Circadence QoS), made Threat Risk Assessment as far as Vulnerability Assessment.
- Developed C/C++ license library. Used Harvest.
- Created RedHat (with new kernels), Windows NT/2000 and Solaris 8 Intel Platform Edition desktop/laptop installations and configurations.
- Wrote security policies. Did special ssh debugging for trusted HP-UX. Did hacker's techniques investigation. Did penetration tests. Created exploit's library. Did project design: wrote working plan proposals, concept papers, and functional specifications. Participated in network management project using HP Open View, IPSEC, SNMP.
- Made SAP and ABAP Evaluation Project.
Manulife Financial. Senior Technical Specialist/Internet based services, Security Officer, Project Manager, Sun/AIX Administrator. 3/98-4/2000.
- Supported more than 40 middleware computers and provided Internet support for Manulife users (more than 10000) on UNIX and Windows platforms.
- I was actively involved with Change Management Team, Problem Management Team (Manulife Computer Incident Response Team - CIRT) and IT Service Management (ITSM) of the company, supported Manulife ITIL design (based on Remedy Action Request System).
- Responsible for a Firewall/CiscoSecure upgrade project, system/security analysis and isolated problem area, data classification, capacity planning, design, implementation (including hardware assembling and software installation/ configuration/ tuning). Summary value of the project was half million. Made several upgrades using DiskSuite (on first level) and Veritas Volume Manager (on next level) file systems, RAID management and clustering.
- Made performance and security (hardening) tuning, took special Sun courses.
- Made Threat Risk, Vulnerability and Privacy Impact Assessments (TRA / VA / PIA).
- Installed and configured Axent Intrusion Detection System.
- Ensured "5 nine's availability" of Manulife e-commerce (in a long chain: DNS – firewalls – load balancer – websites - Web Sphere Environment - AIX based DB2 - MQ Series – mainframe ETL - Applications - Remedy) including Support, Business Continuity and Disaster Recovery Planning.
- Performed System analysis, Solaris 2.6/7/8 Sparc Platform Edition / AIX / Corel Linux / Windows NT/ Mac OS X and Solaris 8 Intel Platform Edition server/desktop/laptop installations and configurations.
- I managed Manulife firewalls and remote network access (CiscoAccess). Supported e-commerce projects. Resolved Internet mail problems (like mail avalanche problem, sendmail configuration problems, sendmail errors, virus, spam and relay problems, procmail configuration); OS system problems (like /var system overfull problem when visible files eat only 2% of partition space); firewall problems (like proxy creating, monitoring security); FIX Protocol; log monitoring, syslog server configuration; supported web applications, load dispatching, database and financial applications; supported both internal and external DNS (bind) and resolved name resolution problems; worked with external and internal users, did Internet Steady State Supported Manulife internal and external users (more than 10000) using Action Request System and by phone; supported CiscoSecure and access reports (made by shell, Perl, SQL and PL/SQL), Sybase, Oracle, resolved CiscoSecure problems; supported disaster recovery. Reviewed DB2 UDB Security. Did System Support for developing groups and business applications (Murex, custom Ingres based Equity Derivatives trade system, etc.). Made password management and systems logging. Made iPlanet Messaging Server and Gauntlet VPN implementations. Supported Sun and AIX and managed product life cycle. Took part in High Availability and Disaster Recovery project based on Sun SPARCCluster HA, HP cluster solution and in High Performance E-Commerce Computing based on HACMP, Oracle clustering. Made sure that e-commerce (including Java) used secure designs. Implemented RAID-1 and RAID-5 Sun solution for firewall upgrading project. Participated in Tivoli Integrated Enterprise Systems Management project (before we used Control-M), Tivoli Framework and Storage Management. Developed related scripts. Supported CTI, IVR, VoIP. Worked with Lotus Notes and Rational Clearcase. Proposed SIEM and IPS.
Bay Networks (then Nortel), Tel-Aviv, Israel. UNIX System Administrator, CSO. 8/96-12/97.
- Supported big (more than 80 computers) multiplatform net with different hardware and software, applications and network equipment, Internet protocols and services.
- Designed and created big multiplatform net.
- Made System analysis, SunOS/Solaris/AIX/HP-UX installations and configurations, supported cross-compiler build environment.
- Made sale support.
- Performed different kind of UNIX (Sun OS, Solaris, AIX, HP-UX, Linux, neoware, Mac OS X) and other OSes (Windows, WindRiver) different OS levels installations and configurations for checking Bay hardware (like probes, switch, routers) with all kinds of platforms, OS and Network Management Systems (HP OpenView, SNM, Optivity Analysis, TrafficMan 2, NetView). Supported disaster recovery (dump, Legato backup). Made extensive shell programming, OS and net services troubleshooting, system support for Informix and developing groups. Implemented a platform independent storage system (Enterprise Storage Management Solutions). Supported Firewall-1 (Checkpoint) and Netscape project. Designed Identity Management. Developed Java/C/Shell/purify tools. Resolved Java and CORBA applications security issues. Supported EMC storage (SAN, NAS, Tape Library), Sun SPARCCluster HA and DiskSuite. Worked with PeopleSoft Human Resources Management. Supported sendmail and MS Exchange Server. Supported VxWorks development. Worked with SNMP and RMON.
Open University, Tel-Aviv, Israel. UNIX System and Network Administrator. 8/94-7/96
Created WWW server and Home Page for Open University of Israel. Created the first version of the www.openu.ac.il. Performed System analysis, FreeBSD/Sun OS/Solaris/Linux and Windows NT installations, and configurations for university network services. Designed and created PPP based World WAN (more than 100 computers in USA, Israel and Europe) with improved security, integrated with Progress for Indigo Ltd., Israel. Pharmaceutical project done on Tru64 and IRIX. I was the UNIX (Sun/AIX)/Windows System and Network Administrator, WEB Developer, LAN and Internet Consultant. Developed Perl/TCL/C/shell system programs. Created and took care of LANs with different computers and network equipment (Cisco). Supported sendmail, procmail, NFS, Secure NFS, samba, tcp-wrapper, logwatch, sudo, ssh, tripwire, TIS firewall toolkit, DiskSuite, Tape Library, gcc, make, etc. Worked with VB. Installed Kerberos host / clients. Made Data Classification. Vulnerability scanning using satan. Did system support for several subcontractors. Worked with Sun, Windows NT / Word / Excel / Access / Powerpoint, AIX, Novell, Mac OS X. Made presales support.
Adanet Systems Ltd., Glil-Yam. UNIX (SCO/AIX) System / Network Administrator and Application Programmer, Project Manager. 11/93-6/94
Ported, Developed and Built System of 1,350,000 lines of SuperNet (network management system) source for Adanet System Ltd., Israel. Project based on SCO UNIX and embedded Unix Real Time LynxOS. Used C, PVCS and make. Performed System analysis, SCO Unix, AIX, LynxOS installations and configurations. Developed OS level Inter-Process Communications including Socket Programming. Did release engineering, made cross-compiler build environment. Made sale support. Supported SCO, Windows, AIX, Novell, AS/400.
Orbotech, Nes-Ziona. System Software Engineer. 8/92-10/93.
Participated in porting several million lines (printed circuit board CAD/CAM) from DOMAIN (HP-400) to HP-UX (HP-700), Sun SPARC and AS/400 in distributed UNIX environment for data based graphic application (PCB CAD/CAM) for Orbotech Ltd., Israel. Developed C/C++/shell/make programs. Did debugging (DDE) and porting. Made system design and support. Developed Inter-Process Communications and application subroutines.
DCL, Herzlia. Software Engineer. 5/92-6/92
- INTERACTIVE UNIX, Irix, C, X Window, Molecular modeling (for biochemistry industry and universities)
Sevrybpoisk. Murmansk, USSR. Chief Programmer, Project Manager, System Administrator, System Programmer, Data Base Administrator. 1984-1991.
Created, taught, managed first UNIX group (20 programmers) in North USSR region. Designed licensing technology based on floppy that cannot be copied. Created SCO XENIX based anti-virus tool. Made Ingres - AutoCAD based navigation system for trawlers. Developed system to process data of ocean monitoring from airplane on RT-11 (RTOS). Developed science ship devices control application on RT-11. Designed and developed user interface for linear modeling packet in business application. Designed LISP based forecasting expert system (A.I.). Made and supported LAN. Made System analysis, SCO XENIX, Ultrix, RT-11 and VMS installations and configurations. Designed Disaster Recovery and Identity Management. Developed integrated management system for utility company. Developed Pl/1 programs and made system support for IBM-370. Worked with C, make and UNIX on IBM PC/AT 386/286 and VAX, Assembler, FORTRAN and PL/1 on RT-11 and mainframe (+JCL). SCO, Ultrix, PL/1, C, VB, Prolog, Ingres, LISP, AutoCAD, Auto lisp.
Arctic Marine Gas Oil Discovery Expedition, “Arcticmorneftegasrazvedka” (AMNGR). Murmansk, USSR. Dynamic Positioning Officer / Ship DP Manager. 1983.
- Made dynamic positioning system maintenance / analysis on drilling ships ( "Viktor Muravlenko" and "Valentin Shashin") and diving support vessel "Sprut".
Marine Arctic Geological Expedition. Murmansk, USSR. Programmer, System Administrator / Architect. 1981-1983.
- IBM/360, OS/360-MVT, Assembler, PL/1. Reflection marine seismology application, computer support for seismic and geological-geophysical services for exploration of the shelf and the World Ocean mineral resources. Worked on Russian Arctic Shelf Resources Program.
Istok. Friazino, Moscow Region, USSR. Application Programmer. 1978-1981.
Created a GaAs device model. Fortran.
Open Source Development
Participate in Open Medical Body Area Network Infrastructure Development Future Health Care Direction.
Published Work
Using Artificial Intelligence Methods for Fishing Forecasting. 1990.
Multi-source Biometry for Permanent Authentication. To be published.
EDUCATION
1978 MOSCOW INSTITUTE of ELECTRONIC TECHNIQUES. USSR.
Evaluated by York University.
Degree: MS in Computer Science.
Thesis: "Software and hardware for CMDS Chips in Programmable Scientific Calculator" (ASIC).
Developed teaching routines, using artificial intelligence (frame technique) on PL/1.
PROFESSIONAL TRAINING
- February-March 2008 Management 414 SANS Training Program for the CISSP Certification Exam, Toronto, Canada.
- July 2006 IBM CISSP CBK Seminar, Toronto, Canada.
- July 2006 Sun Fire X4500 / X4600 servers and Blade 8000 Modular System Seminar, Waterloo, Canada.
- March 2006 Business Continuity, Waterloo, Canada.
- March 2006 IBM Bladecenter Workshop (XTR14NCE), IBM Education and Training, Toronto, Canada.
- February 2006 Mirapoint E-mail Server, Mirapoint, Waterloo, Canada.
- January 2006 Exploring GPRS and EDGE, Award Solutions, Waterloo, Canada.
- December 2005 Blackberry Relay / BWC / BIS-X, RIM, Waterloo, Canada.
- June 2004 Qradar, Q1 Labs, Fredericton, Canada.
- May – June 2002 Business Training, JVS, Toronto, Canada.
- June 2000 12th Annual FIRST Conference on Computer Security Incident Handling, Chicago, USA.
- February 2000 Sun Systems Fault Analysis Workshop (ST-350), Sun Educational Services, Toronto, Canada.
- January 2000 Administering Security for Solaris (SC-300), Sun Educational Services, Toronto, Canada.
- August 99 Enterprise Java Beans Implementation (Visual Age + Web Sphere Environment) IBM Team, Toronto, Canada.
- March 99 Solaris System Performance Management (SA-400), Sun Educational Services, Toronto, Canada.
- 99 Project Management. Manulife Financial, Toronto, Canada.
- Nov.98 Web Sphere Workshop, IBM Web Sphere Developing Team, Toronto, Canada.
- Oct.98 DB2 UDB EEE for UNIX Administration Workshop, IBM Education and Training, Toronto, Canada
- Sept.98 A Technical Introduction to MQSeries, IBM Education and Training, Toronto, Canada
- Apr.98 Gauntlet Administration, NAI, Toronto, Canada.
- Dec.96 JAVA Programming, InterBit, Authorized Sun Service Training Center, Tel-Aviv, Israel.
- Oct.94 UNIX Network Management TCP/IP. "Hi-Tek", Digital, Herzlia, Israel.
- Dec.93 SUPERNET - Network System for IBM Mainframe, UNIX, DOS. "Harris Adacom Ltd.", Glil-Yam, Israel.
- Nov.92 UNIX Networks. "Orbotech", Nes-Ziona, Israel.
- Oct.87-Nov.87 Artificial Intelligence Course (FRL and LISP). Moscow Institute of Physics and Techniques, USSR.