Stathis - Administrateur réseaux WINDOWS NT

EXPERIENCE PROFESSIONNELLE:

Février 2006 à … IT Swift administrateur et officier de securite
Aegean Baltic Bank
Athènes, Grèce
Fonctions:

• Responsable du département informatique, de son budget et d’une équipe de 14 personnes.
• Planifie et prévoie l'architecture informatique de la banque, et coordonne l’implantation des changements.
• Prévoie les futures besoins de la banque (Stratégie informatique) et identifie des solutions proactives correspondant aux besoins.
• S’assure que les politiques de sécurité informatiques sont en phase avec les objectifs d’affaire
• Responsable de l’architecture de la sécurité informatique de la banque et du flux des données applicatives (application bancaire centrale SWIFT, AML, Access à distance, CheckPoint, IPSEC, SIEM, SSL, DNS, Sendmail, Linux, etc.)
• Responsable des audits informatique interne et de leur remédiation, de l’évaluation des risques informatique (architecture et sécurité) et de leurs analyses.
• [...] Mise en œuvre de solutions technologiques répondant aux besoins opérationnels et en conjonction avec les exigences de la sécurité informatique.
• Identifie les failles de sécurité et recommande les changements appropriés.
• S’assure que les points d’audit externe sont traités et répondues, ainsi que de la conformité de la gouvernance.
• S’assure que le BCP and le DRP sont en place et couvrent tous les besoins opérationnels.
• Création, implémentation, modification et conformité des politiques de la sécurité informatique, des standards et des directives (Gouvernance, ISO 27001-27002-27005, 22002, COBIT, OWASP,PCI-DSS).
• Coordonne les projets informatique ainsi que leur mise en production, avec le département informatique et avec les « Business owners ».
• Administrateur de “Swift Alliance Access” et Officier de sécurité Swift:
o Administrateur de l’infrastructure Swift ainsi que des nouvelles implémentations.
o Administrateur de la feuille de route de l’application, incluant les “patchs’ et les « upgrades » pour les composants Swift.
o Responsable quotidienne de l’application Swift (Operations générales, administration des utilisateurs, Messages, Archives, backup et site de désastre, et le routing.
o Administrateur de SAA, SAG, SNL et HSM.
o Test diffèrent scenarios de résilience de basculement
o Migration des messages MT (1xx,2xx,9xx) vers ISO20022
o Eastnets AML reporting et filtering (SDK).
• Administrateur des serveurs Unix, Redhat cluster et des serveurs SWIFT.
• Responsable de la remédiation des incidents de la sécurité informatique.
• Design, implémentation and documentation d’une solution de paiement électronique sécurisé pour les clients de la Banque (architecture trois tiers. Infrastructure PKI)
• Projets actuels: GDPR, « Swift security framework » ,Web Banking, PSD2, Customer Onboarding


• Environnement Technique: Microsoft Windows : 2003, 2008, 2012, Linux Redhat et Clustering, SendMail et Bind, Temenos Globus, SWIFT, AML, NAS, LUN, Iscsi, Cluster, Pacemaker et Corosync. EMC Networker et VNX, VMware.
• Environnement Sécurité: ASA, CheckPoint Cluster, VPN, IDS/IPS, CISCO Routeurs et Switch, WebSense, Symantec, Panda, Qualys et Web-PCI., Wireshark, Nagios, Zabbix, HPing, NMAP, OSSEC, Splunk, Iptables, TCP Wrapper, Tripwire, Cisco IPS/IDS, PGP, Open-SSH, Log Correlation, Metasploit, PKI Infrastructure,Checpoint Cluster XL,Fortisandbox, Fortigate, RSA, HID, HSM – Gemalto, Symantec, FireEye
• Applications : Temenos Globus T24, Temenos TCIB, SWIFT Alliance Access, Eastnets(AML), PRIME-AML(FIS), IBM Domino, IBM API Connect

Juin 2005 à Janvier 2006 CONSEILLER SENIOR SECURITE
Caisse de dépôt et de Placement du Québec (CDP),
Montréal, Québec, Canada
é


Faisant partie de l’équipe réseau et sécurité des consultants CGI pour la CDP.
En charge des pare-feu, VPN et des projets IPS et tests de vulnérabilité.

• Management des pare feu Check Point
• En charge de documenter l’architecture sécurité et réseau, les DNS (BIND), la messagerie (SendMail) et le système DHCP
• Recommandation d’une solution IPS
• Recommandation d’un meilleur comportement en sécurité informatique

Environnement: CISCO Routeurs et Switch, Checkpoint NG, CISCO Works, CISCO ACS, Radius, WebSense, Sun 8, Syslog Server, Windows servers and workstations 2003, SendMail, Bind


Octobre 2004 à Juin 2005 CONSULTANT SECURITE SENIOR
Indépendant
Paris, France

Consultant indépendant en sécurité informatique pour diverses missions spécialisées à travers la France et l’Europe.
Mission de court terme (en moyenne deux mois par mission).

Environnement: CISCO Routers, PIX « Firewall », Checkpoint NG, CISCO Works, CISCO ACS, Qualys, MAILMasrhal and WebMarshal, Sun 2.6, 8 et 9, Exchange, Windows 2003, Syslog Server, Windows servers and workstations 2000,


03/2006 to … Head of IT
IT security officer
Aegean Baltic Bank,
Athens, Greece
Functional aspects:
- Responsible of the data network and security of the bank.
- Responsible of the IT network architecture of the bank and the flows of application (Banking application, SWIFT, AML, etc...)
- Responsible for the IT security and network of the Bank (Segregation of duties, Access Control matrix, etc...).
- Responsible for the IT risk assessments and analysis.
- Plans and foresees the Data Network and Security architecture of the Bank, and coordinates the implementation of the changes with the IT team personnel.
- Foresees future network needs (IT Strategy) and identifies proactive solution to satisfy needs.
- Ensures that business continuity and contingency plans are in place to cover unexpected business interruptions.
- Creating and Implementing the IT Security policies and Standards (COBIT, ISO 27001/27005, ISO 20022)
- Enforces standard company policies and procedures.
- Designing, implementing, and documenting a secure electronic payment solution through Internet for the major clients of the Bank (Three tiers architecture, PKI infrastructure).
- Communicates effectively relevant IT-related information and project progress to the High Management.
- Ensures IT Audit points are answered and treated.
- Establishes and builds relationships with vendors.

Environment:
• Technical: Microsoft Windows : 2003, 2008, 2012, Linux Redhat 64 bits Clusters, SendMail and Bind, NAS, LUN, Iscsi. VMWare, Networker
• Network-Security: ASA, Pix, CheckPoint, CISCO (Nexus, ISR’s, Switches, ASA’s), WebSense, Symantec SEP, Qualys, Wireshark, Nagios, PRTG, HPing, NMAP, OSSEC, Splunk, Iptables, TCP Wrapper, Tripwire, Cisco IPS, PGP, Open-SSH, Log Correlation, Metasploit, PKI Infrastructure
• Applications: Temenos Globus T24, SWIFT, Eastnets-AML, CubeIQ-AML, IBM Domino.

06/2005 to 01/2006 Security consultant,
Caisse de dépôt et de Placement du Québec (CDP),
Montréal, Québec, Canada
Part of the network and security consultant team of CGI for the financial institution Caisse de dépôt et de Placement du Québec.
In charge of the firewalls, VPN’s and ongoing projects like IPS and vulnerability testing.
• To manage Check Point firewalls
• To produce extensive documentations on the architecture of the network, the internal and external DNS, the mail messaging system, The DHCP system
• IPS project documentation and deployment
• To advise for security best practices.
Environment:
CISCO Routers and switches; Checkpoint NG, CISCO Works, CISCO ACS, SUN 8, SendMail, DNS Bind, Radius, VPN, IPFilter, Snort

01/2004 to 07/2004 Project Manager,
Security department
AXA Investment Managers,
Paris, France
This project addresses the needs to analyze the security logs of various security equipments and to search for an analyzing solution tool.
• To define and to document existing or newly created logs collected from each device, and to validate the granularity of logging applied and it’s retention policy.
• To proactively identify weaknesses in out existing security systems so that an enhancement strategy can be identified.
• To collect logs automatically in a single point.
• To give the ability to identify more quickly intrusion and attacks.
• To define the adequate alert level of security logs.
• To create an escalation procedure for log alerts.
• To investigate solution to analyze logs and alert in a near real time mode.
• To analyze Production’s Logging requirements and integrate into software
Environment:
CISCO Routers, PIX « Firewall », Checkpoint NG, CISCO Works, CISCO ACS, Qualys, MAILMasrhal and WebMarshal, Sun 2.6, 8 et 9, Exchange, Windows 2003, Syslog Server, Windows servers and workstations 2000, Anti-Virus (Trend, Norton, Finjan)

05/2002 to 11/2003 Head of Networks and Systems,
Aegean Baltic Bank,
Athens, Greece
• Installation, configuration and administration of the IT systems of the Bank. (Network and security architecture, Intranet, Internet, Security and Audit, SWIFT, Domino Mail)
• Architecture and implementation of the systems, the networks and the security of the bank
• Management of the IT personnel
Environment:
CISCO Routers et PIX « Firewall », IOS, VPN, IPSec, 3DES, ISAKMP, ESP, AHP, TCP/IP, Sun 8, IBM AIX 5L clustered, Lotus Domino 5 and Lotus Notes Syslog Server, Windows servers and workstations 2000, , X.25 Script Bourne shell., SWIFT and SWIFTNET, Norton Anti-Virus Corporate Edition, SMTP, Rightfax server

04/2001 to 04/2002 Network and security Administrator,
Société Générale Banque,
Paris, France
One of the leading financial institutions in Europe
• Responsible for installing network cash-flow applications for a financial institution on many worldwide sites. The work included travelling to the sites to oversee the implementation of the installations in India, Pakistan, Bulgaria, Lethonia, Lithuania, Russia, Slovenia, Greece, Italy, Holland, England, France, Belgium, Switzerland, and Croatia.
• Responsible for CFO’s training on site.
• Third level for troubleshooting the network and the LAN and WAN security
• Responsible for approving the client configuration of the network.

08/2000 to 04/2001 Data Center Technical Liaison,
Sanmina Corporation,
San Jose, California, USA
One of the world’s largest independent manufacturer of printed circuit boards and backplanes with many acquisitions the years.
• Manager of 15 IT personnel ( first and second level personnel)
• Coordination between the helpdesk and the Data Center team.
• Writing technical secure procedure on NT and Unix OS to elevate knowledge of the Helpdesk personnel.
• Around 10 000 PC on NT and 98.
• WAN and LAN Network

10/1997 to 05/2000 Network and security Administrator,
Société Générale Banque,
Paris, France
One of the leading financial institutions in Europe
• Responsible for installing network cash-flow applications for a financial institution on many worldwide sites. The work included travelling to the sites to oversee the implementation of the installations in India, Pakistan, Bulgaria, Lethonia, Lithuania, Russia, Slovenia, Greece, Italy, Holland, England, France, Belgium, Switzerland, and Croatia.
• Responsible for CFO’s training on site.
• Third level for troubleshooting the network and the LAN and WAN security
• Responsible for approving the client configuration of the network.