Résumé dated 7 May 2021

Gennadiy

IT Security Architect (RBAC, IDM, IAM), 170 000 UAH

Employment:
Full-time.
Age:
65 years
Place of residence:
Vinnytsia
Willing to work in:
Vinnytsia, Remote, Kyiv

Contact information

The job seeker has provided a phone number, e-mail, address and LinkedIn.


Work experience

Security Architect

from 09.1981 to present (42 years 8 months)
Canada Corp, Toronto, Canada (IT)

Gennadiy Krivdyuk, MS (CS), MS (CE), SAPS, PM
184-89Knyaziv Koreotovichiv, Vinnitsa, Ukraine. 2100
011380682776702

Profile: Security Architect
I have a strong background in technology complemented with leadership positions in international projects. I served in leadership positions for projects with budgets ranging from $2 million to $1250 million. I am experienced in visioning, costing and executing projects from inception to launch and am able to provide a structured framework to analyze complex situations into simple strategic imperatives. I am an expert in both agile and traditional project management.

Areas of Expertise
• Leadership and innovation
• Strategic thinking and attention to details
• IT implementations (150+ projects)
• Project management
• Business analysis and process redesign
• Performance management and scorecards
• IT Architecture, Security Architecture
• Business Transformation

Selected companies where I did selected projects as IT Architect / IT Director
Tim Hortons, Burger King, Uni - Select, Sunoco, Saudi Electricity Company, Tampa Electric Company, SaskPower, Applied Materials, NBC Universal, Municipality of Anchorage, Saudi Aramco, General Motors, ConAgra Foods, Becton, Dickinson and Company (BD), Graphic Packaging, ConocoPhillips, Colgate, Deloitte US, Allegheny Energy, Inc., NASA, Whirlpool, Eastman, Adobe, CMC, BNSF, Chevron-Phillips, Department of Personal State of Washington, FEMSA (Coca Cola Mexico and Latin America's), JoAnne, CMC, Convergys Corp, State of Florida, Fifth Third Bank, AT&T, Whirlpool, DuPont, Johnson & Johnson, Pfizer, Solectron Corporation, Guidant, Lucent, Medtronic, Bridgestone Tires, PWC, CAMECO, KGH, British Columbia Government, IBM, SAP Mexico, SAP America and SAP AG internal projects, modules and author of Security Course P_ADM_SEC_70 for professional (United all previous SAP Security courses ), SAP America and SAP AG Authorization Concept Lead for SAP Resource Management @ Field Services new module, IBM (Blue Harmony Project) Global HR for IBM (174+ countries), Visa International and Bank of America ( Migration Project over 200 countries), Oracle, City of Kingston, Canada Customs and Revenue Agency, Alternative Resources Corporation, National Grocery - Loblaws Company Limited, eCommQuest, Al Bilad Arabia Co. Ltd, Gwinnett County Government, State of Georgia, ASK Staffing, Ajace, CSI Group, Bombardier Aerospace Group, Municipality of Anchorage, MODIS

Selected Methodologies, Architecture and Design Tools
ASAP, User - Centered Design (UCD), Centralized and De-Centralize Business Model, 3 Tier Approach Model, Position Based Model, Tasks Oriented Model, RBAC Model, Job Related Model, Agile, Waterfall, Drop Down, TOGAF, ECM/BPM, Zachman Framework, SAP Activate methodology, Integration Architecture Framework, Reference

Security Architect

from 06.1981 to present (42 years 11 months)
Federal Corporation Canada Corp, Toronto (IT)

TECHNICAL SUMMARY
All levels of encryption are created equal and using a data encryption method that is FIPS-certified (Federal Information Processing Standard), which means it has been certified for compliance with federal government security protocols.
Cryptography: Algorithms ranging from symmetric, asymmetric, hashes, and random number generators,
All aspects of the Key life-cycle including storage. Hardware Security Modules or Software based modules, and the FIPS 140-2 certification, including the Certificate life-cycle, Certificate Practice Statements and Certificate Policies, Pseudo-Random Number Generator, The "next-bit test" in that given the first k bits, there is no polynomial-time algorithm that can predict the (k+1)th bit with probability of success higher than 50%.
Symmetric Key Encryption (Private-Key)
Specific stream ciphers include: One-Time Pad, Feedback Shift Register (LFSR), Linear Congruential, and RC4. RC4 is the most widely-used stream cipher and is used in Secure Socket Layer (SSL) and Wired Equivalent Privacy (WEP), Asymmetric Key Encryption, Diffie-Hellman Key Exchange, RSA Encryption, Elliptic Curve Cryptography
Transmission security (TRANSEC): The component of communications security that results from the application of measures designed to protect transmissions from interception and exploitation by means other than cryptanalysis and cryptography (frequency hopping and spread spectrum).
Network Security-related
Divided into two categories:
1. "Passive", when a network intruder intercepts data traveling through the network, and
2. "Active", in which an intruder initiates commands to disrupt the network's normal operation or to conduct reconnaissance and lateral movement to find and gain access to assets available via the network.
Passive: Wiretapping, Port scanner, Idle scan.
Active: Denial-of-service attack, DNS spoofing, Man in the middle, ARP poisoning, VLAN hopping, Smurf attack, Buffer overflow, Heap overflow, Format string attack, SQL injection, Phishing, Cross-site scripting, CSRF, Cyber-attack
PKI
Database Security-related: Access control, Auditing, Authentication, Encryption, Integrity controls, Backups, Application security, Database Security applying Statistical Methodologies
Disaster Recovery, Backup, Business Continuity: Developed a set of policies and procedures to enable the recovery or continuation of vital technology infrastructure and systems following a natural or human-induced disaster.
Physical security: The component of communications security that results from all physical measures necessary to safeguard classified equipment, material, and documents from access thereto or observation thereof by unauthorized persons
Standards: Familiar with ISO 27002, COBIT, NIST Framework, Guidelines, and the SANS Consensus Audit Guidelines Six Sigma, CMM, ITIL, Application Security Assessment: Penetration Testing and

Education

CDI College of Technology

IT, Kingston
Higher education, 1997 to 1999 (2 years)

Master of Science Degree in Computer Science and Electronic Engineering, Vinnitsa State Technical University, Vinnitsa, Ukraine, USSR
Central Processor Internal Operations Certificate (Assembler), Union Computer Complex, Kazan, USSR
Programmer Analyst Diploma, CDI College, Kingston, ON
Security and Authorization Concepts Certificate, SAP, Montreal, QC

Vinnitsa National Technical University

IT, Computers, Vinnytsia
Higher education, 1976 to 1981 (5 years)

Master of Science Degree in Computer Science and Electronic Engineering, Vinnitsa State Technical University, Vinnitsa, Ukraine, USSR
Central Processor Internal Operations Certificate, Union Computer Complex, Kazan, USSR
Programmer Analyst Diploma, CDI College, Kingston, ON
SAP- Security and Authorization Concepts Certificate, SAP, Montreal, QC

Additional education and certificates

SAP SECURITY

2001

Knowledge and skills

Agile 1C:Enterprise Enterprise Architect Frameworks Leadership Management skills MS Project CAD Security IT ARIS BPM Design Software Development Methodologies User-centered design MS Visio Windows Enterprise Architect - Hybris Personnel management Development of corporate style Adobe Banking business Servicing electrical networks and electrical equipment Energy Graphic editors Packaging SAP, SAP Security. Embedded, IT Security. IT Director, Manager

Languages

  • English: fluent
  • Russian: fluent

Additional information

EMPLOYMENT HISTORY
Federal Corporation- 8851484 CANADA CORP., Toronto, ON Canada
April 2014- October 2017
Principal Security Architect
Designated Road map to HANA S/4, HANA Platform Cloud, SaaS, PaaS, IaaS, mCaaS
Authored company-wide methodology for implementing
Manage complex information technology centered projects
Implement technical security architecture from authorization, authentication, network and application perspectives
Worked as Enterprise Architect to deliver solutions that meet the business strategy and requirements, establish technology standards
• Expert knowledge maintaining security for email messaging systems and relays, with a focus on Microsoft Exchange-based messaging and related tools.
• Expert knowledge of security incident management and response, including use of SIEM tools such as Exabeam, Splunk, SolarWinds, and similar
• Expert knowledge of Information Security principles, forensics, and incident response.
• Expert knowledge of NIST Cyber Security Framework, PCI, SOC, ISO/IEC and similar security standards, and practical application of those standards to solutions.
• Experience with network access control implementation and management
Produced user security policies covering acceptable & secure use of the organisation’s systems. Establish a staff training program. Maintained user awareness of the Cyber risks
Incident Management Establish an incident response & disaster recovery capability. Produce & test incident management plans.
Provide specialist training to the incident management team.
Managing User Privileges - Establish account management processes & limit the number of privileged accounts. Limit user privileges & monitor user activity. Control access to activity & audit logs
Big Data, corporate intranets, e-mail, e-commerce, business-to-business (B2B), ERP (Enterprise Resource Planning), Customer Relationship Management (CRM), data warehousing, CAD/CAM, rich media streaming, voice/video/data convergence, and many other real time applications, the demands on the enterprise storage capacity has grown by leaps and bounds
Prevention, Prophylactics, Remediation Contents:
Indiscriminate attacks, Destructive attacks, Cyberwarfare, Government espionage, Corporate espionage, Stolen e-mail addresses and login credentials, Stolen credit card and financial data, Stolen medical-related data, Hacktivism.
Created integrated platform for performing security testing of web applications
OS command injection, SQL injection, SQL injection (second order), ASP.NET tracing enabled, File path traversal, XML external entity injection, LDAP injection, XPath injection, XML injection, ASP.NET debugging enabled, HTTP PUT method is enabled, Out-of-band resource load (HTTP), File path manipulation, PHP code injection, Server-side JavaScript code injection, Perl code injection, Ruby code injection, Python code injection, Expression Language injection, Unidentified code injection, Server-side template injection, SSI injection, Cross-site scripting (stored), HTTP response header injection, Cross-site scripting (reflected), Client-side template injection, Cross-site scripting (DOM-based), Cross-site scripting (reflected DOM-based),
Cross-site scripting (stored DOM-based), JavaScript injection (DOM-based), JavaScript injection (reflected DOM-based), JavaScript injection (stored DOM-based), Path-relative style sheet import, Client-side SQL injection (DOM-based), Client-side SQL injection (reflected DOM-based), Client-side SQL injection (stored DOM-based), WebSocket hijacking (DOM-based), WebSocket hijacking (reflected DOM-based), WebSocket hijacking (stored DOM-based), Local file path manipulation (DOM-based), Local file path manipulation (reflected DOM-based), Local file path manipulation (stored DOM-based),
Client-side XPath injection (DOM-based), Client-side XPath injection (reflected DOM-based), Client-side XPath injection (stored DOM-based), Client-side JSON injection (DOM-based), Client-side JSON injection (reflected DOM-based), Client-side JSON injection (stored DOM-based).
Flash cross-domain policy, Silverlight cross-domain policy, Cross-origin resource sharing, Cross-origin resource sharing: arbitrary origin trusted, Cross-origin resource sharing: unencrypted origin trusted, Cross-origin resource sharing: all subdomains trusted. Cross-site request forgery, SMTP header injection, Cleartext submission of password, External service interaction (DNS),
External service interaction (HTTP), External service interaction (SMTP), Referer-dependent response,
Spoofable client IP address, User agent-dependent response, Password returned in later response,
Password submitted using GET method, Password returned in URL query string, SQL statement in request parameter, Cross-domain POST, ASP.NET ViewState without MAC enabled, XML entity expansion,
Long redirection response, Serialized object in HTTP message,
