Alexander (Portnoy) Raif
Outstanding experience in risk, security and privacy management Deep knowledge of security hardening and system configuration.High Familiarity with information security-related regulatory requirements and frameworks.In-depth hands-on experience in monitoring, detecting, reporting security weaknesses, and enforcing information security policies.Solid understanding of supported system architectures and evolving technology Strong communications and analytical skills Ability to evaluate threats, vulnerabilities.I have the ability to effectively interact with internal and external customers, managers, and staff in both. I am a person that is willing to go the extra mile with a strong work ethic; self-directed and resourceful.I have excellent organizational skills and ability to manage workload with competing and shifting priorities.
[email protected]
(972) 54-660-8056
Israel
Experience
Present
Sr. Enterprise Security Solution Architect/Consultant | Amdocs Israel
Built and manage secure SDLC in R&D division including, threat analysis, secure architecture, secure development training, secure code analysis in CI (Continues Integration) & Agile environment.
Cyber Security focal point in R&D department for architectural reviews and blueprints initiatives.
Directly interact with internal and external clients, account managers and solution architects to identify, develop, and obtain complete information for addressing cyber security aspects, services including scope, statements, and level of effort for proposal/SOW development.
Providing Cyber Security authority service to different business units and their stakeholder, from initial “an idea” stage and till final stage of the project lifecycle taking into consideration business needs, special requirements, risk factors, policies, standards, state regulations all of which are coupled with applicable cyber mitigation controls in order to create the balanced solution between security and business.
Deliver security services including compliance to industry best practices, ISO and security framework evaluations, operational security assessments and security program creation.
2015 - 2016
Senior Cyber Security consultant and Architect | 2Bsecure LTD
Cyber & Security Architect, focused on helping Financial, Health, and Hi-tech organizations protect their valuable assets.
Support the organization's IT managers, CISOs, CTOs, IT security teams and cyber protection experts.
Design, plan & implement complex cyber security and information security architecture
Review existing cyber security and information security architecture, identify gaps and establish practical mitigation plans.
Mentor our on-site security experts
2014-2015
Senior Cyber Security consultant and Auditor | Deloitte Israel
External CISO function - Leading cyber security for customers.
Cyber security consulting for enterprise customers.
Performing comprehensive analysis of organizational cyber security programs - Assessing maturity and analyzing customer’s cyber security program while Identifying weak spots.
Creating full prioritized Taylor-made strategic roadmap designated to address gaps in customer's cyber security program while maximizing security ROI.
Assisting and guiding the implementation process.
Creating cyber security work plans.
Cyber risk management analysis.
Consulting and working closely with both senior managements and security and IT teams
Consulting from low level detailed technological level "Bits and Bytes", up to Security Strategy and policy and long-term security work plans.
Project management.
Client and account management.
Senior Cyber Security consultant and Auditor | Deloitte Israel
External CISO function - Leading cyber security for customers.
Cyber security consulting for enterprise customers.
Performing comprehensive analysis of organizational cyber security programs - Assessing maturity and analyzing customer’s cyber security program while Identifying weak spots.
Creating full prioritized Taylor-made strategic roadmap designated to address gaps in customer's cyber security program while maximizing security ROI.
Assisting and guiding the implementation process.
Creating cyber security work plans.
Cyber risk management analysis.
Consulting and working closely with both senior managements and security and IT teams
Consulting from low level detailed technological level "Bits and Bytes", up to Security Strategy and policy and long-term security work plans.
Project management.
Client and account management.
2012-2014
Senior Information Systems Team Leader | ICL Group | Israel Chemicals LTD
Creating, leading and inspecting Information Security of the company operations around the globe
Creating work plans, policies and procedures in order to avoid and deal with gaps and breaches
Creating monitoring tools and mechanism in order to identify threats and breaches
Developing and execute long-term information security solutions; supporting Information
Security incidents; analyzing and evaluating threats
Working with management in order to define strategy and allocated budget
Auditing and monitoring security of IT systems, infrastructure, physical security of the operations
Providing risk assessments and recommendations to management
Deep interaction with IT teams to execute and implement the corporate Information Security
policies, procedures, tools and solutions.
In charge of deploying Security tools on the operations’ systems
Establishing and deploying Computer Security Incident Response Capability guidelines
Reviewing & applying Common Criteria for IT security evaluation, including CSA Privacy Principles
Developing guidelines for Information Security plans
Preparing and delivering Security Awareness programs
2012-2014
Senior Information Security Advisor &Engineer, 2BSecure consulting company
Leading and coordinating the information security services the company provides to the clients.
Acting as trusted partner with the client and working collaboratively to understand, anticipate and recommend risk mitigation while promoting overall information security protection for the company clients.
Ensuring the delivery of information security services to the client is in compliance with the contract and is in compliance with any applicable standards and regulatory requirements.
Understanding the client’s culture, security strategies, security goals, security objectives and security capabilities and cultivating trusted partner relationships with account and client; keeping consistent and open dialogue to uncover issues, challenges, risks
Reviewing service management reports to ensure tickets (i.e., incidents, problems, requests, changes), related to information security, are being acknowledged, worked and Service Level Agreements are being met; providing direction on ticket remediation and ensuring remediation is complete
Consultant to companies on Israeli information security regulatory compliance - PCI DSS,
ISO 27001 - related to IT management, risk management etc
Management of a complex project from planning to full implementation
Define requirements, map and analyze organizational processes, write specifications, schedules and mile stones
Research and investigate security-related issue; Troubleshooting and debugging network failures
Supporting Internal Audit on systems on hand, and handle corrective actions till closed
Testing & evaluating newly developed or acquired Systems
Senior Information Systems Team Leader | ICL Group | Israel Chemicals LTD
Creating, leading and inspecting Information Security of the company operations around the globe
Creating work plans, policies and procedures in order to avoid and deal with gaps and breaches
Creating monitoring tools and mechanism in order to identify threats and breaches
Developing and execute long-term information security solutions; supporting Information
Security incidents; analyzing and evaluating threats
Working with management in order to define strategy and allocated budget
Auditing and monitoring security of IT systems, infrastructure, physical security of the operations
Providing risk assessments and recommendations to management
Deep interaction with IT teams to execute and implement the corporate Information Security
policies, procedures, tools and solutions.
In charge of deploying Security tools on the operations’ systems
Establishing and deploying Computer Security Incident Response Capability guidelines
Reviewing & applying Common Criteria for IT security evaluation, including CSA Privacy Principles
Developing guidelines for Information Security plans
Preparing and delivering Security Awareness programs
2012-2014
Senior Information Security Advisor &Engineer, 2BSecure consulting company
Leading and coordinating the information security services the company provides to the clients.
Acting as trusted partner with the client and working collaboratively to understand, anticipate and recommend risk mitigation while promoting overall information security protection for the company clients.
Ensuring the delivery of information security services to the client is in compliance with the contract and is in compliance with any applicable standards and regulatory requirements.
Understanding the client’s culture, security strategies, security goals, security objectives and security capabilities and cultivating trusted partner relationships with account and client; keeping consistent and open dialogue to uncover issues, challenges, risks
Reviewing service management reports to ensure tickets (i.e., incidents, problems, requests, changes), related to information security, are being acknowledged, worked and Service Level Agreements are being met; providing direction on ticket remediation and ensuring remediation is complete
Consultant to companies on Israeli information security regulatory compliance - PCI DSS,
ISO 27001 - related to IT management, risk management etc
Management of a complex project from planning to full implementation
Define requirements, map and analyze organizational processes, write specifications, schedules and mile stones
Research and investigate security-related issue; Troubleshooting and debugging network failures
Supporting Internal Audit on systems on hand, and handle corrective actions till closed
Testing & evaluating newly developed or acquired Systems
