1901157_10203092677185150_901236417_n.jpg

Alexander (Portnoy) Raif

Outstanding experience in risk, security and privacy management Deep knowledge of security hardening and system configuration.High Familiarity with information security-related regulatory requirements and frameworks.In-depth hands-on experience in monitoring, detecting, reporting security weaknesses, and enforcing information security policies.Solid understanding of supported system architectures and evolving technology Strong communications and analytical skills Ability to evaluate threats, vulnerabilities.I have the ability to effectively interact with internal and external customers, managers, and staff in both. I am a person that is willing to go the extra mile with a strong work ethic; self-directed and resourceful.I  have excellent organizational skills and ability to manage workload with competing and shifting priorities.

[email protected]
(972) 54-660-8056
Israel

Experience

Present

Sr. Enterprise Security Solution Architect/Consultant | Amdocs Israel

Built and manage secure SDLC in R&D division including, threat analysis, secure architecture, secure development training, secure code analysis in CI (Continues Integration) & Agile environment.

Cyber Security focal point in R&D department for architectural reviews and blueprints initiatives.

Directly interact with internal and external clients, account managers and solution architects to identify, develop, and obtain complete information for addressing cyber security aspects, services including scope, statements, and level of effort for proposal/SOW development.

Providing Cyber Security authority service to different business units and their stakeholder, from initial “an idea” stage and till final stage of the project lifecycle taking into consideration business needs, special requirements, risk factors, policies, standards, state regulations all of which are coupled with applicable cyber mitigation controls in order to create the balanced solution between security and business.

Deliver security services including compliance to industry best practices, ISO and security framework evaluations, operational security assessments and security program creation.

amdocs.png

 2015 -  2016

Senior Cyber Security consultant and Architect | 2Bsecure LTD

Cyber & Security Architect, focused on helping Financial, Health, and Hi-tech organizations protect their valuable assets. 

Support the organization's IT managers, CISOs, CTOs, IT security teams and cyber protection experts.

Design, plan & implement complex cyber security and information security architecture

Review existing cyber security and information security architecture, identify gaps and establish practical mitigation plans.

Mentor our on-site security experts

2Bsecure@matrix.jpg

2014-2015

Senior Cyber Security consultant and Auditor | Deloitte Israel

External CISO function - Leading cyber security for customers.

Cyber security consulting for enterprise customers.

Performing comprehensive analysis of organizational cyber security programs - Assessing maturity and analyzing customer’s cyber security program while Identifying weak spots.

Creating full prioritized Taylor-made strategic roadmap designated to address gaps in customer's cyber security program while maximizing security ROI.

Assisting and guiding the implementation process.

Creating cyber security work plans.

Cyber risk management analysis.

Consulting and working closely with both senior managements and security and IT teams

Consulting from low level detailed technological level "Bits and Bytes", up to Security Strategy and policy and long-term security work plans.

Project management.

Client and account management.


download (1).png

2012-2014

Senior Information Systems Team Leader | ICL Group | Israel Chemicals LTD

Creating, leading and inspecting Information Security of the company operations around the globe

Creating work plans, policies and procedures in order to avoid and deal with gaps and breaches

Creating monitoring tools and mechanism in order to identify threats and breaches

Developing and execute long-term information security solutions; supporting Information

Security incidents; analyzing and evaluating threats

Working with management in order to define strategy and allocated budget

Auditing and monitoring security of IT systems, infrastructure, physical security of the operations

Providing risk assessments and recommendations to management

Deep interaction with IT teams to execute and implement the corporate Information Security

 policies, procedures, tools and solutions.

In charge of deploying Security tools on the operations’ systems

Establishing and deploying Computer Security Incident Response Capability guidelines

Reviewing & applying Common Criteria for IT security evaluation, including CSA Privacy Principles

Developing guidelines for Information Security plans

Preparing and delivering Security Awareness programs


2012-2014

Senior Information Security Advisor &Engineer, 2BSecure consulting company

Leading and coordinating the information security services the company provides to the clients.  

Acting as trusted partner with the client and working collaboratively to understand, anticipate and recommend risk mitigation while promoting overall information security protection for the company clients.

Ensuring the delivery of information security services to the client is in compliance with the contract and is in compliance with any applicable standards and regulatory requirements.

Understanding the client’s culture, security strategies, security goals, security objectives and security capabilities and cultivating trusted partner relationships with account and client; keeping consistent and open dialogue to uncover issues, challenges, risks

Reviewing service management reports to ensure tickets (i.e., incidents, problems, requests, changes), related to information security, are being acknowledged, worked and Service Level Agreements are being met; providing direction on ticket remediation and ensuring remediation is complete

Consultant to companies on Israeli information security regulatory compliance - PCI DSS,
ISO 27001 - related to IT management, risk management etc

Management of a complex project from planning to full implementation

Define requirements, map and analyze organizational processes, write specifications, schedules and mile stones

Research and investigate security-related issue; Troubleshooting and debugging network failures

Supporting Internal Audit on systems on hand, and handle corrective actions till closed

Testing & evaluating newly developed or acquired Systems


sdsddsd.PNG
Powered by CakeResumePowered by CakeResume
Powered by CakeResumePowered by CakeResume