Silviu Trofimov is an experienced information security professional with expertise in identity and access management, network security, cryptography, and data protection. He has over 20 years of experience designing and implementing security solutions for organizations. His technical skills include identity management, firewall management, PKI, next generation firewalls, and database security. He holds multiple security certifications.
Content Strategy and Developer Engagement for DevPortalsAxway
Slides from Write the Docs Ottawa Meet Up at Shopify HQ in Canada, June 24, 2019
We’ll walk through 5 scenarios and concrete ways of reaching a developer community for frictionless and increased engagement.
Content Strategy and Developer Engagement for DevPortalsAxway
Slides from Write the Docs Ottawa Meet Up at Shopify HQ in Canada, June 24, 2019
We’ll walk through 5 scenarios and concrete ways of reaching a developer community for frictionless and increased engagement.
The cloud offers simplified application development and delivery by providing infrastructure, platform and software services that are ready to use immediately. However, the major inhibitor for businesses has been concerns around security. IBM has simplified the typical method for approaching this problem. Whether you’re looking to employ infrastructure-as-a-service (IaaS), platform-as-a-service (PaaS) or software-as-a-service (SaaS), use the framework below when designing your solution. Each platform comes with certain built-in security qualities and lets you use add-ons on top of the platform to secure each workload.
Rationalization and Defense in Depth - Two Steps Closer to the CloudBob Rhubart
Security represents one of the biggest concerns about cloud computing. In this session we’ll get past the FUD with a real-world look at some key issues. We’ll discuss the infrastructure necessary to support rationalization and security services, explore architecture for defense –in-depth, and deal frankly with the good, the bad, and the ugly in Cloud security. (As presented by Dave Chappelle at OTN Architect Day in Chicago, October 24, 2011.)
Will your organization or enterprise expand cost-effectively with the power of a managed cloud? We outline 10 key reasons why this strategy will help you improve security, simplify compliance, reduce costs and streamline scalability.
Be Aware Webinar – Office 365 Seguro? Sym, Cloud!Symantec Brasil
Office 365 Seguro? Sym, Cloud!
1-Estratégia de Segurança da Symantec
2-VIP & SAM for Office 365
3-DLP for Office 365
4-Email Security.cloud
Be Aware Webinar acontece todas as quartas às 10h30. Curta nossa página no Facebook e acompanhe a programação
We will explore why the current industry approach to security is failing us. We will then discuss how building security as an architecture can raise the security level for any organization. An architectural approach is required to take security to the next level and defend against modern threats. We will discuss how you can use Cisco solutions to build a true security architecture.
Protect Against Security Breaches by Securing Endpoints with Multi-Factor Aut...CA Technologies
In this age of an interconnected global business ecosystem, businesses rely on network connections with partners, suppliers, and others for efficient business processes. You just have to look at the headlines to see that several recent security breaches have compromised these connections as a way into a corporate network. Utilizing CA Advanced Authentication, CenterPoint Energy is making connections more secure through multi-factor authentication and reduce the risk of standard network credentials becoming compromised.
For more information on CA Security solutions, please visit: http://bit.ly/10WHYDm
RETOS ACTUALES E INNOVACIÓN SOBRE EL CONTROL DE ACCESOS PRIVILEGIADOS.Cristian Garcia G.
El control de cuentas y accesos privilegiados enfrenta la realidad actual que involucra complejidad de ambientes de nube, sistemas y plataformas SAAS, así como sistemas legados y bajo premisa. ¿Cómo se adecúan los productos de administración de accesos actuales a esta realidad tecnológica? ¿En torno a qué deben estar listas estas soluciones?
The cloud offers simplified application development and delivery by providing infrastructure, platform and software services that are ready to use immediately. However, the major inhibitor for businesses has been concerns around security. IBM has simplified the typical method for approaching this problem. Whether you’re looking to employ infrastructure-as-a-service (IaaS), platform-as-a-service (PaaS) or software-as-a-service (SaaS), use the framework below when designing your solution. Each platform comes with certain built-in security qualities and lets you use add-ons on top of the platform to secure each workload.
Rationalization and Defense in Depth - Two Steps Closer to the CloudBob Rhubart
Security represents one of the biggest concerns about cloud computing. In this session we’ll get past the FUD with a real-world look at some key issues. We’ll discuss the infrastructure necessary to support rationalization and security services, explore architecture for defense –in-depth, and deal frankly with the good, the bad, and the ugly in Cloud security. (As presented by Dave Chappelle at OTN Architect Day in Chicago, October 24, 2011.)
Will your organization or enterprise expand cost-effectively with the power of a managed cloud? We outline 10 key reasons why this strategy will help you improve security, simplify compliance, reduce costs and streamline scalability.
Be Aware Webinar – Office 365 Seguro? Sym, Cloud!Symantec Brasil
Office 365 Seguro? Sym, Cloud!
1-Estratégia de Segurança da Symantec
2-VIP & SAM for Office 365
3-DLP for Office 365
4-Email Security.cloud
Be Aware Webinar acontece todas as quartas às 10h30. Curta nossa página no Facebook e acompanhe a programação
We will explore why the current industry approach to security is failing us. We will then discuss how building security as an architecture can raise the security level for any organization. An architectural approach is required to take security to the next level and defend against modern threats. We will discuss how you can use Cisco solutions to build a true security architecture.
Protect Against Security Breaches by Securing Endpoints with Multi-Factor Aut...CA Technologies
In this age of an interconnected global business ecosystem, businesses rely on network connections with partners, suppliers, and others for efficient business processes. You just have to look at the headlines to see that several recent security breaches have compromised these connections as a way into a corporate network. Utilizing CA Advanced Authentication, CenterPoint Energy is making connections more secure through multi-factor authentication and reduce the risk of standard network credentials becoming compromised.
For more information on CA Security solutions, please visit: http://bit.ly/10WHYDm
RETOS ACTUALES E INNOVACIÓN SOBRE EL CONTROL DE ACCESOS PRIVILEGIADOS.Cristian Garcia G.
El control de cuentas y accesos privilegiados enfrenta la realidad actual que involucra complejidad de ambientes de nube, sistemas y plataformas SAAS, así como sistemas legados y bajo premisa. ¿Cómo se adecúan los productos de administración de accesos actuales a esta realidad tecnológica? ¿En torno a qué deben estar listas estas soluciones?
Explore the comprehensive CISSP Certification Course syllabus with InfosecTra...InfosecTrain Education
Explore the comprehensive CISSP Certification Course syllabus with InfosecTrain's CISSP Online Training. Covering eight domains essential for Information Security Professionals, our program delves into topics like Security and Risk Management, Asset Security, Communication and Network Security, Identity and Access Management, Security Assessment and Testing, Security Operations, Software Development Security, and Security Architecture and Engineering. With our expert-led training, you'll acquire the knowledge and skills needed to ace the CISSP exam and excel in the field of cybersecurity.
For every organization, effective cybersecurity is reliant on a careful deployment of technology, processes and people. The Global Knowledge cybersecurity perspective features a three-tiered organizational matrix, ranging from foundational to expert skills, coupled with eight functional specializations that encompass the features of a successful cybersecurity organization.
Cybersecurity isn’t a one-person job—it’s dependent on several different factors within an organization. This webinar will show you how to build a strong cyber defense by focusing on:
• The characteristics of winning cybersecurity teams
• The Crown – Organizational map and career progression
• The Castle – The eight functional specializations
• Architecture and data policy
• Data loss prevention
• Governance, risk and compliance
• Identity and access management
• Incident response and forensic analysis
• Penetration testing
• Secure DevOps
• Secure software development
• Building a winning cybersecurity organization
1. Silviu Trofimov (CISA, CISSP)
Farmington, CT, 06032 ph: 860 626 9865 / email:strofimov@gmail.com
Information Security Architecture, Data Protection and Network Security
Accomplished Information Systems security professional with outstanding relationship and project
management skills. Demonstrated expertise in research, development, implementation and audit of:
Identity /Privileged Access Management (IAM/PIM), Network and Application Firewalls (NG-FW),
cryptographic-based trust /assurance models (PKI/SSO), integrated application and data leakage
protection programs.
• Security Architecture Methodology • Information Security (IS) Strategy • Application / Cyber Security
• Identity and Access Management • IS Management and Operations • Next Generation Network Security
• Privilege Identity Management • Risk Remediation and Controls • Business and Security Analysis
• Role-Based Access Control • Policy and Regulatory Compliance • Project Management
• Security Architecture: designed and implemented IS solutions using Sherwood Applied BSA
(SABSA), Zachman, Capability Maturity Model (SSE-CMM), VeriSign SAR, Computer
Associates (CA) methodology (SAO/SAS); UML/BPML.
• Privileged Identity / Access Management: strategically analyzed, realigned and implemented
policies, procedures, standards, processes and workflows for on-boarding, off-boarding and
cross-boarding, access role engineering, authentication assurance modeling and implementation.
• Security / Network Operations Center: planned, designed and implemented L2/L3
converged network infrastructure, physical and logical controls, zone segmentation, n-scalable
one-arm firewalls and packet / stream inspection.
• Cryptography: researched, implemented and optimize cryptographic controls (encryption and
digital signature) for securing data at rest (storage, RDBMS, z/OS ICSF) and in transit.
• Data Protection and Application Security: implemented and operationalized geographically
distributed data protection framework: data classification / labelling enforcement, distributed
DLP (DIT and DAR), remediation and escalation process; designed and implemented integrated
application security
TECHNICAL SKILLS
• IdM: CA *Minder Suite, Centrify • Federation: PingId, CA, Opensaml • Malware: FireEye
• Dir: LDAP(S)/ AD and X.500 • NIDS: SourceFire, Juniper, PAN • NAC: ForeScout, IVE/Juniper
• PIM: Cyber-Ark, e-DMZ Security • DLP: Symantec, Varonis, Orchestria • FWMgm: SkyBox
• PKI: RSA/Keon, Entrust/PKI,
VeriSign/MPKI, MS/CA, Openssl
• NGFW: Palo Alto (PAN), Juniper
(SRX/NS), CP (FW-1), Cisco (ASA)
• RDBMS: IBM/Guardium,
AppSecInc/DBProtect
EDUCATION
GRC, UNIVERSITY OF SUSSEX, East Sussex, UK 1998
PhD
UNIVERSITY OF TRANSILVANIA, Romania 1993
MSc (Eng)
‘MIRCEA CEL BATRÂN’ NATIONAL COLLEGE, Romania 1986
Baccalaureate
Page 1 of 3
2. Silviu Trofimov (CISA, CISSP)
EXPERIENCE
ROYAL BANK OF SCOTLAND (RBS), STAMFORD, CT Oct 2012 – Dec 2016
Sr Security Analyst
Reporting to the Information Security Project and Engineering Head, the position supported the
specialized analysis, design and implementation needs of the C&IB US, UK and SG InfoSec teams.
•Access Management –lifecycle controls mitigation for user and system identities, authentication,
authorization and accounting (AAA), Privilege Identity Management (PIM) – Cyber-Ark / EPV,
PACLI, and Centrify, resulting in enhanced controls resilience and closure of material RIs.
•Network Security – addressed critical security and reporting regulatory requirements: solution
design for centralized firewall management rule-base recertification process (SkyBox); port controls
with Network Access Control (802.1x and lite - ForeScout / CounterAct); network segmentation
lockdown process (Check-Point/R77).
•Database Security – elevated critical database security posture by researching, analyzing, selecting
and validating the RDBMS VM vulnerability and compliance scanning and reporting tools: IBM /
Guardium, AppSecInc / DBProtect and Secunia / Advisory; and materially enhanced the lifecycle
management of privileged RDBMS accounts (Oracle, Sybase, MS-SQL) using Cyber-Ark PIM.
•Data / Leakage Protection – implemented geographically distributed data protection program (at
rest, and in transit), enforcement of data classification labeling / infrastructure, and remedial process
for global DLP program (Symantec Vontu, CA Orchestria, Titus and Boldon James Classifier).
INTEGRALIS, HARTFORD, CT 2010 - 2012
Security Architect
Network and Application security consulting and implementation projects within the ProServ group.
Designed and implemented next-generation and virtualized network infrastructure (L2, L3, remote
access, network segmentation, Network / Federation – SAML, IF-MAP, WS-Sec), Privileged
Identity Management with Enhanced Authentication Assurance Levels (SCM/X.509, OTP/RSA),
Identity Firewalls (Cisco ASA / Juniper SRX & NetScreen), and NAC (IVE) solutions.
GOV. OF ONTARIO / MINISTRY OF GOV. SERVICES, CANADA 2009-2010
Senior IAM Security Specialist
Implemented the IAM strategy in the Ontario Government: Centrify, Entrust, RSA, and PIM Cyber-
Ark solution validation / design.
Responsibilities: business analysis / modeling for IAM, ABCP / DR specialist for the Entrust
infrastructure DR Project, architecture blueprinting and review, consulting in PIM, PKI, RACF,
federation (SAML , WS-Security) and directory services (X.500).
SYMCOR, MISSISSAUGA, CANADA 2007-2009
Security Architect
Reporting directly to the CISO, the position provided IAM, PIM and IT security / risk management
strategic support for the largest item / statement processing organization in Canada.
Responsibilities: leadership, coordination and communication of security strategy and roadmap,
governance-based risk management methodology, capability maturity / KPI reporting for core
Enterprise functions: IAM/ PIM, SIEM and Security Architecture (SDLC gating with SPARX/EA).
Projects: IAM / PIM requirements gathering and analysis, policy recommendation (internal and
external), role-based provisioning (SDLC), IT Security Roadmap and annual Security Plans, storage
security (SunMicro KMS), C/S (PGP, Utimaco/SG), specialized audit support for PCI-DSS.
Page 2 of 3
3. Silviu Trofimov (CISA, CISSP)
COMPUTER ASSOCIATES (CA), FRAMINGHAM, MA 2006-2007
Security Architect / IAM Practice
Reporting to the VP of IAM practice / North America, the position supported client architecture
integration process for the implementation of IAM solution offered by CA (eTrust suite /*Minder).
Responsibilities: provision of rapid solution architecture (SAO/SAS), security assessments (capability
maturity modeling within Integrated IT Flows), business case, roadmap, and project planning.
Projects: AAA Framework for top-tier US wireless operator, SAP NetWeaver –SiteMinder
integration for Canadian network operator, Federation Services (SiteMinder and PingIdentity) for
mobile phone operators / service provider networks. CA Trainer for CA eTrust and SAML.
VERISIGN CANADA / SOLTRUS, TORONTO, CANADA 2001-2006
Chief Security Architect
Reporting to VP Technology and Professional Services, the position provided consulting and
architecture leadership for the VeriSign Canadian operations.
• Managed Soltrus consulting practice and security consulting framework (“Network Wellness”
program), acting as principal for requirements gathering, solution design, planning and project
execution for PKI/PMI, directories, network security and integration.
• Directed the Security Infrastructure division of Soltrus through its transition from CIBC-
VeriSign unit: data center relocation and security enhancements for the multi-tiered SOC
infrastructure; developed, implemented and tested the DR plans for VeriSign MPKI operations.
1998-2001
Senior Security Consultant, Deloitte & Touche LLP / SeB, Toronto, Canada
Global Security Analyst, Celestica, Global IT eBusiness Group, Toronto, Canada
CERTIFICATIONS
Palo Alto Networks (ACE) 2012
Juniper Networks Certified Internet Specialist / Professional (JNCIS-SEC, JNCIP-SEC) 2012
Juniper Networks Technical Master, Authorized Design Specialist, Net Advanced Infra, Net Advanced
Security, JNCIS-ER, JNCIA-ER, JNCIS-SSL, JNCIA-SSL, JNCIS-AC, JNCIA-EX 2011
IBM Tivoli ISS Tech Advisor / Pre-Sale Specialist 2010
ABCP / DRII (Disaster Recovery Institute) 2010
K-Learning PMP (Project Management Professional) Certification 2010
Inquestra Business Systems Analyst Certification 2009/2010
CA Architect Academy (Certified CA Architect) 2006 / 2007
CA SiteMinder / IdMinder /eTrust (TopGun Certification and Trainer) 2006
Sun IdM (Certified in Sun Microsystems WaveSet Lighthouse Administration / Implementation) 2004
ISC2
/CISSP (Certified Information Security Systems Professional) 2002
VCA/VCE (VeriSign Certified Administrator / Engineer, VeriSign OnSite / MPKI) 2001
ECRA / ECRE (Entrust / PKI Management, trust models and directory integration) 2001
ISACA/CISA (Membership / Certification) 2001/2005
CCSA/CCSE (CheckPoint Certified System Administrator / Engineer Certified) 1999
AWARDS AND HONORS
Top CISA exam writer, Toronto Chapter 2002
Wolfson Scholarship, UK (4 years) 1994
Page 3 of 3