OB

Oldair Barbosa

available

Last update: 06.09.2022

Senior Information Security Consultant

Graduation: not provided
Hourly-/Daily rates: show
Languages: English (Full Professional) | Portuguese (Native or Bilingual)

Attachments

Oldair_J._Barbosa_-_ISP.pdf

Skills

Information Security, enterprise architecture, penetration test, Identity Management, Cloud solution, API security, IT security, Cyber Security, ood, data systems, SO6, PCI, PCI DSS, application design, data security, Penetration Testing, penetration tests, IPS, PCI-DSS, COBIT, network security, Cisco ASA

Project history

01/2013 - 07/2020
Security Specialist / Head of Information Security
Grupo Nethoes

IMm responsible for information security to de&ne and applied security standards,
procedures and guidelines across at (rupo Netshoes. Assist with the development
of Disaster Recovery plan )DRPX. Develop and maintain external and internal
security related networks such as &rewall, IPS and NAF. Coordinate and conduct
security audits including preparation of security reports of PCI-DSS and SO6. Act as
advisor on security risk management. Respond to and/or manage security incidents.
Assist in developing training and awareness programs. Vendor Management.Security
Operation and architecture experience with a strong emphasis on design and
development of conceptual, logical and physical security models, using named
industry standard such as NIST, ISO27000, PCI-DSS, COBIT.
Lead a team of Information Security. Development Security Baseline using best
practice and based on risk and vulnerabilities assessment. Security Advisor.
Development Security Projects such as Fraud Protection, Security Remote Access,
Identity and Access Management, Vulnerability Management.

03/2010 - 07/2020
Tech Leader
HP Enterprise Services

Lead network security team to support device such as &rewall )Cisco ASA,
CheckpointX Proxy)Bluecoat, McafeeX load balances )F9X and IPS) HP TippingPointX.
Create and recommend remediation for components of security policies, procedures,
processes, and standards.Nork on multiple projects concurrently, manage time
effectively, and require minimal supervision in the execution of projects. Manage a
team of security analyst with activities day-by-day and drive the right resource to solve high issue.

11/2017 - 11/2018
Senior Information Security Analyst
Brasilprev S.A

Assesses information risk and facilitates remediation of identi&ed vulnerabilities
with the Bank network, systems and applications. Reports on &ndings and
recommendations for corrective action. Performs vulnerability assessments as
assigned utilizing IT security tools and methodologies. Performs assessments
of the IT security/risk posture within the IT network, systems and software
applications, in addition to assessments within the Vendor Management Program.
Identi&es opportunities to reduce risk and documents remediation options regarding
acceptance or mitigation of risk scenarios. Facilitates and monitors performance
of risk remediation tasks, changes related to risk mitigation K reports on &ndings.
Maintains oversight of IT and vendors regarding the security maintenance of
their systems and applications. Provides weekly project status reports, including
outstanding issues. The IT Security/Risk Analyst assists in all IT audits, IT risk
assessments and regulatory compliance.

+ey responsibilities including but not limited to:

11/2013 - 11/2017
Senior Information Security Consultant
Cipher

Identifying all the stakeholders, sponsors, technical references )e.g. IT Project
Manager, Software Engineer, Security AnalystX of the client in order to de&ne
the initial conditions and the needs analysis. Conducting PCI DSS/PA-DSS related
interviews with responsible employees in order to have a complete map of
information/data workJows, processes and procedures, payment card data Jows,
application design and functionality. Conducting technical interviews to understand
eventual data security problems from in-depth technical point of view. Analysis
of network diagrams, asset lists to understand the infrastructure used by the
customers. Analysis of Penetration Testing reports )PCI DSS Compliance ProcessX
and/or performance of applications penetration tests and forensic analysis )PA-DSS
Compliance ProcessX within ad-hoc penetration testing laboratories. Providing the
customer with a remediation plan/gap report. (uiding and supporting all the
remediation processes ensuring that the gaps are mitigated correctly.

Local Availability

Only available in these countries: Brazil

Other

  • Knowledge of security industry best practices and standards: ISO 27001, PCI, COBIT, NIST and ITIL.
  • Experience leading Information Security related projects from planning to implementation.
  • Experience on Network Security, Security Operational, Risk Management.
  • Experience with security technologies and best practices
  • Hands-on experience with security operations and solutions.
  • Experience in performing security architecture reviews.
  • IT risk assessments and regulatory compliance.
  • Develop and enhance security policies.
  • Experience with security and compliance.
  • Lead, develop and coach a small team of security analysts.
  • Manage employees, contractors and vendors involved in IT security.
In addition to these accomplishments, I think my creative mind and passionate curiosity regarding the latest IT security trends is what sets me apart from other candidates. If you’re interested in granting me an interview, then please contact me at your earliest convenience.
Profileimage by Oldair Barbosa Senior Information Security Consultant from Senior Information Security Consultant
Register