个人资料封面照片
您正在关注
关注用户错误。
该用户不允许他人关注他们。
您已经关注了这个用户。
您的会员计划仅允许0个关注。升级在此。
成功取消关注
取消关注用户错误
您已成功推荐
推荐用户错误。
出问题了,请刷新页面并重新尝试。
电子邮箱已成功验证。
用户头像
$100 USD / hour
UNITED STATES的国旗
$100 USD / hour
目前这里是3:12 上午
六月 3, 2011已加入
0 推荐

Lufsec L.

@lucianoferrari

2.8 (2条评论)
1.0
1.0
67%
67%
$100 USD / hour
UNITED STATES的国旗
$100 USD / hour
50%
工作已完成
100%
在预算内
100%
按时
不适用
重复雇用率

Information Security

A global, multi-cultural passionate information technology senior professional with strong background leading Information Security Risk and Vulnerability Management, Public Key Infrastructure (PKI) and IT Network global and regional projects.

联系Lufsec L.询问您的工作详情

登录并通过聊天讨论所有细节。

评论

变更已保存
展示2中的1-2条评论
筛选评论规则:
0.0
$30.00 USD
He tried and did a good job but couldn't complete due to my choice of passwords. Its a difficult task for sure. He did help me and I suggest sending him 10 dollars for his troubles. He as a freelancer can not be marked down for this.
PHP
C Programming
Computer Security
Software Architecture
用户头像
的国旗 Eric C.
@fxphil
11 年前
2.8
$30.00 USD
The Freelancer is just starting out and I am sure will do a great job in future.
Web Security
Computer Security
Article Writing
S
的国旗 Sanjeev W.
@swalia
11 年前

经验

Manager, Information Security

SC Johnson
5月 2015 - 现在
Risk Management

Information Security

Kimberly-Clark
10月 2001 - 现在
Vendor Risk Management: Developed a Vendor Risk Assessment tool increasing the capability of the team and increased efficiency with automation for requests by 35%. The tool includes an on-line assessment, initial risk definition for each vendor and initial remediation required. Risk Assessment: Improved time to answer the Risk Assessment from 30 days to 1-2 weeks making questions more clear. Added +150 questions to the assessment but made it smarter and dynamic asking specific questions on the beginning of the assessment to capture business scope and profile. (For example questions for e-commerce site, or hosting provider, or digital marketing, etc.) Compliance with Kimberly-Clark Standards: Added an area on the on-line risk assessment for vendors to upload required documents for review and analysis against SSAE 16 requirements, PCI compliance, etc. Increased the number of Risk Assessments performed per year by 60% through Global training and creating a synergy and work process with Procurement and Legal teams. The relationship with these two areas positioned security to engage and participate in vendor selection processes and also review of Master Agreements, Contracts and Statement of Work. Security Framework: Changed the process and increased the scope of Risk Assessments to adjust with security best practices following NIST and ISO. Covered not only “confidentiality” but also integrity and availability. Diminished 75% of escalated Risk Assessments to management (Sr. Manager and CISO) resolving vendor and business risk issues and remediation requirements at the lowest level possible. Translate Technical Requirements to Business Language: Implemented a Risk Management process to a spinoff Health Care company (Halyard Health) on time and on budget. Participated in meetings with the Chief Information Security Officer (CISO) and Business Director to translate technical security concerns to business language providing pragmatic understanding of the real threat to empower the business to make smart decisions. Public Key Infrastructure (PKI): Led implementation of a cloud PKI solution (Symantec mPKI) for mobility to a spin-off new company (Halyard Health) on time and on budget. Led and managed the global PKI solution for Kimberly-Clark including Root Certified Authority, Issuing/Subordinated Certified Authorities, NDES server, OCSP, Safenet Luna SA 5 Hardware Secure Module (HSM) and integration with MDM solution Vulnerability Management: Proved to management the need for a Vulnerability Management Solution. Designed and implemented from definition of scope, vendor selection, installation and operation of the devices. Built processes, procedures and policy for executing the discovery and vulnerability scans and integrating with support areas (desktop, network, server, etc.). Increased visibility of threats and engaged other teams to patch and update their devices increasing the overall security. Performed discovery and vulnerability scans every 30 days and specific scans when new threats appeared (i.e. Poodle, Shellshock, Heartbleed, etc.) using Beyond Trust Retina and Nessus Policies and Standards: Developed Information Security Standards (Cryptography, PKI, Hardware Disposal, Password Management, Remote Access, Two Factor Authentication, Risk Management and Vulnerability Management). Data Privacy: Led an information security Data Privacy project with Global Security and Legal. Security Awareness: Promoted multiple information security awareness campaigns including social engineering calls raising the security knowledge of employees. Security Strategy: Provided definition of Information Security Strategy for Risk, Vulnerability, PKI and Third Party Access Management. Data Loss Prevention (DLP): Led development and implementation of a DLP Solution for a single location in Latin America as a pilot. Configured the device to monitor for two weeks before implementing the policy settings. IT Network: Managed $3M Capital Budget for Latin America Network Operations. Led Latin American MPLS Data Network deployment. Successfully reduced 50% of Latin American network costs and doubled capacity. Led standardization of IT infrastructure in Latin American reducing the Total Cost of Ownership. Reduced 20% of Data Center Infrastructure with VMware virtualization.

教育

MBA

Fundação Getúlio Vargas, Brazil 2006 - 2007
(1 年)

Masters Computer Network

Fundação Armando Alvares Penteado, Brazil 2000 - 2001
(1 年)

Technology in Microelectronics

Faculdade de Tecnologia de São Paulo, Brazil 1993 - 1997
(4 年)

资质

CRISC

ISACA
2016
Certified in Risk and Information Security Controls

PCIP

PCI SSC
2014
Payment Card Industry Professional

CISSP

(ISC)2
2013

出版物

Replacing Tokens with Digital Certificates for User Authentication on Remote VPN. Is this a Bad Idea?

Kakin9 e-book - Public Key Cryptostructure
Imagine that you were sent a request by senior management, you have a new mission: reduce the costs of the tokens license, improve the user experience via something simpler and keep the same level of security for your remote VPN users. Would you say no? Would you say that this impossible to achieve? Or would you investigate and try to deliver a solution for the business? If you believe this is impossible, I can tell you that you can have something that comes very close.

Brasil chefia projeto da Kimberly-Clark

Brasil Economico
Luciano Ferrari é o brasileiro que está à frente das iniciativas mais sustentáveis no departamento de tecnologia da Kimberly-Clark no mundo. O profissional foi escolhido pelo engajamento com o assunto e pela implementação de soluções simples e eficazes no país.

联系Lufsec L.询问您的工作详情

登录并通过聊天讨论所有细节。

认证

优选威客
身份已验证
支付已验证
电话已验证
邮箱已验证
Facebook已关联

资质

freelancer_orientation.png Freelancer Orientation 1 75%
之前的用户 下一个用户
邀请已发送成功!
谢谢!我们已通过电子邮件向您发送了索取免费积分的链接。
发送电子邮件时出现问题。请再试一次。
已注册用户 发布工作总数
Freelancer ® is a registered Trademark of Freelancer Technology Pty Limited (ACN 142 189 759)
Copyright © 2024 Freelancer Technology Pty Limited (ACN 142 189 759)
加载预览
授予地理位置权限。
您的登录会话已过期而且您已经登出,请再次登录。