Summary
Overview
Work History
Education
Skills
Affiliations
Preferred Job
Organisational Managerial Skills
Personal Information
Volunteer Experience
Certification
Interests
Work Availability
Quote
Timeline
Hi, I’m

Gábor Kisfaludi

Principal IT Security
Érd
Gábor Kisfaludi

Summary

Accomplished IT security specialist offering 20+ years' experience in comprehensive design and development of security frameworks for IT security projects. Attentive collaborator and communicator from project conception to completion. Creative in devising solutions to improve IT security operations to meet the requirements. Seasoned team leader possessing the technical and interpersonal skills to provide exceptional project deliverables.

Overview

31
years of professional experience
11
years of post-secondary education
3
Certifications
3
Languages

Work History

CELANESE Hungary Ltd

Principal IT Security
2023.07 - Current (3 education.years_Label)

Job overview

Vendor Risk Assessment (VRA)

  • Setting up process and protocol for VRA according to ITILv4 supplier management and NIST 850,
  • Tracking down and F2F meeting with vendors' POC to assess maturity and readiness of IT Security of over 300 vendors in ServiceNow risk module
  • Provided expert opinion for purchase strategy.

Project IT security consultancy

  • Approving projects at stage gates
  • Advising architects, project managers, developers and other interested parties on IT security

Business or sector: IT Security Consultancy and Operations in Chemical industry

DEUTSCHE TELECOM IT SOLUTIONS

Senior Security Consultant
2021.06 - 2023.07 (2 education.years_Label & 1 education.month_Label)

Job overview

DEUTSCHE TELECOM IT SOLUTIONS – Hungary / Budapest

Security consultancy for

  • Linux and Windows distributed cluster systems in multiple projects at Shell Global Account based on ISO 2700x, NIST, ISO 22301, PCI DSS, ETSI, OWASP and internal T-Systems and Shell company standards using Waterfall and Scaled Agile Framework (SAFe) project management methodology for private and commercial cloud secure services,
  • Security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and host-based security systems,
  • Development and validation of baseline security configurations for operating systems, applications, and network equipment,
  • Audit for internal and external technical control and vulnerability assessments to identify control weaknesses and assess effectiveness of existing controls, and recommend remedial action,
  • Source code reviews,
  • Remediation of findings of network and application penetration testing (Black box, Grey box and White box),
  • Definition of detailed security architecture for HLD, DLD of IT systems,
  • Remediation of technical security audits,
  • Remediation of log analysis and security monitoring,
  • Remediation of IT infrastructure/ Application Security configuration reviews,
  • Design and implementation of technical security mechanisms and technologies,
  • Design and implementation of technical security standards and procedures.

Business or sector: Telecom and IT Consultancy and Operations

Tools /Technologies and Methodologies: Linux, Windows, NIST, ISO 2700x, PCI DSS, GDPR, ETSI, OWASP, Waterfall, Agile, Cloud Secure service, Confluence, JIRA, Audit techniques

MATRIX Ltd
Budaörs, PE

System Designer and Python Developer
2019.01 - 2021.07 (2 education.years_Label & 6 education.months_Label)

Job overview

Total Cloud Consulting Ltd, -Budapest, Hungary

  • Sales support on Amazon WEB Services
  • Providing consultancy in compliance and security, DPA, GDPR, ISO27001, ISO22301, NIST850, handling intellectual property.
  • Risk based project design, execution for GDPR compliance and implementation of regulations and IT solutions.
  • System design, setup of IT environment, content design, project management of Moodle and Guru/Joomla LMS/CMS Web based e-learning systems.
  • Creation and customization of learning materials and user support.

AAM Ltd.
Budapest, BU

Senior IT Security Consultant
2019.08 - 2019.12 (4 education.months_Label)

Job overview

  • Providing consultation services of financial institutions (banks and insurance comps) including BCP / DRP design, regulations based on ISO 27000 and ISO 22301 standards, OWASP, audit services on IT security and GDPR. Regulating, auditing and streamlining IT security processes.

Business or sector: Consulting

Tools /Technologies and Methodologies:

ISO 2700x, ISO 22301, PCI DSS, GDPR, OWASP, Hungarian and EU regulations for banking industries, audit techniques

NATIONAL DIRECTORATE GENERAL OF DISASTER MANAGEMENT, MINISTRY OF INTERIOR

CISO - Chief Information Security Officer
2018.07 - 2019.07 (1 education.year_Label)

Job overview

  • Setting up IT security function based on Hungarian Information Systems Security Act, Regulating, auditing and streamlining IT security processes.
  • Designing, setting up distribution and providing information and regular education for all clients in IT security as support.
  • Contracting and controlling vendors, suppliers, solution and service providers and contractor

    Business or sector: Public Sector
    Tools /Technologies and Methodologies: ISO 2700x, ISO 22301, PCI DSS, GDPR, Hungarian and EU regulations for banking industries, audit techniques

Total Cloud Consulting Ltd
Budapest, BU

Advisor (external)
2016.06 - 2018.07 (2 education.years_Label & 1 education.month_Label)

Job overview

  • Sales support on Amazon WEB Services
  • Providing consultancy in compliance and security, DPA, GDPR, ISO27001, ISO22301, NIST850, handling intellectual property.
  • Risk based project design, execution for GDPR compliance and implementation of regulations and IT solutions.
  • System design, setup of IT environment, content design, project management of Moodle and Guru/Joomla LMS/CMS Web based e-learning systems.
  • Creation and customization of learning materials and user support.
  • General IT and IT Security Consulting – setup, improvement for Local Government of City of Szentendre,

Business or sector: IT Consulting

Tools /Technologies and Methodologies: DPA, GDPR, ISO27001, ISO22301, NIST850, GDPR

Compliance, Moodle and Guru/Joomla LMS/CMS Web based e-learning systems.

CENTRAL ADMINISTRATION OF NATIONAL PENSION INSURANCE

CISO - Chief Information Security Officer
2016.06 - 2018.06 (2 education.years_Label)

Job overview

CENTRAL ADMINISTRATION OF NATIONAL PENSION INSURANCE – Budapest, Hungary

  • Setting up IT security function, designing and ensuring compliance to local regulations and EU directives under State Audit for more than 130 systems ranging from Windows, Unix, AS400 and IBM39xx and networks, 4500 clients located in 200+ locations in Hungary.
  • Regulating and streamlining IT security processes.
  • Designing, setting up distribution and providing information and regular education for all clients in IT security as support, designing security architecture for infrastructure development projects costing 13M EUR, compounded.
  • Controlling firewall and antivirus protection activities.
  • Leading IT security administration group of 5 people.
  • Contracting and controlling vendors, suppliers, solution and service providers and contractors. GDPR preparatory control

Business or sector: Public Sector

Tools /Technologies and Methodologies: Windows, Unix, AS400, IBM39xx, Control Firewall,

IT Security Administration

WIPCON Ltd

Owner and Senior IT Security Consultant
2001.09 - 2016.05 (14 education.years_Label & 8 education.months_Label)

Job overview

WIPCON Ltd -Budapest, Hungary

  • System design, software and hardware development of COBIT/ISO 27000 audited legally compliant security entry system for poker cardrooms.
  • Outsourced CRM management, DW/BI applications and sales information distribution infrastructure (MS SPPS) for HP Hungary; ISO 9001 audit
  • As senior consultant to SMBs facilitating starting up web-based businesses.
  • Led Siebel CRM deployment in Hungary
  • Led projects for developing DW & reporting capability and data/information distribution infrastructure
  • Development of webshops in HTML/MySQL/PHP in hosted environment.
  • WEB design with Adobe DreamViewer MX. Website development in Joomla CMS.
  • Algorithmic trading on FOREX with MetaTrader4 and MetaTrader5 platform

Business or sector: Consulting

Tools /Technologies and Methodologies: COBIT/ISO 27000, Outsourced CRM management, DW/BI applications, information distribution infrastructure (MS SPPS), ISO 9001 audit, Led Siebel CRM, HTML/MySQL/PHP, Adobe DreamViewer, MX, Joomla CMS, FOREX with MetaTrader4 and MetaTrader5, Web design

COMPAQ Hungary Ltd

BID Office Manager and CRM Lead
1999.09 - 2001.08 (1 education.year_Label & 11 education.months_Label)

Job overview

  • Responsible for bids and sales processes, Developed and installed information supply and knowledge management systems

DIGITAL EQUIPMENT (DEC) Hungary, LTD.

MAJOR ACCOUNT SALES MANAGER, PUBLIC SECTOR, EDUCATION & MEDIA
1995.02 - 1999.08 (4 education.years_Label & 6 education.months_Label)

Job overview

  • Increased sales, Managed projects for the public sector

ROYAL SECURITY CORP.

CEO
1993.01 - 1994.12 (1 education.year_Label & 11 education.months_Label)

Job overview

  • Organization of structure, operations, staffing, marketing

Education

KATZ GRADUATE SCHOOL OF BUSINESS, Pittsburgh, PA, USA

BUSINESS ADMINISTRATION (MBA) from Marketing and IT Management
1993.09 - 1993.05 (-1 education.years_Label & -4 education.months_Label)

University Overview

INTERNATIONAL MANAGEMENT CENTER (CEU), Budapest

BUSINESS ADMINISTRATION (MBA) from Marketing and IT Management
1991.09 - 1992.05 (8 education.months_Label)

University Overview

EÖTVÖS LORÁND UNIVERSITY (ELTE), Budapest

DOCTOR OF PHILOSOPHY from Chemistry
1984.09 - 1988.04 (3 education.years_Label & 7 education.months_Label)

University Overview

Hungarian Academy of Sciences, Budapest

CANDIDATE OF SCIENCE FOR CHEMICAL SCIENCES from Inorganic chemistry
1984.09 - 1987.05 (2 education.years_Label & 8 education.months_Label)

University Overview

EÖTVÖS LORÁND UNIVERSITY (ELTE), Budapest

RESEARCH CHEMIST from Major: Nuclear Chemistry
1979.09 - 1984.05 (4 education.years_Label & 8 education.months_Label)

University Overview

Skills

    ITIL v4 Foundation 2019

Scaled Agile - SAFe (2022, 2023)

Information Security

Requirements Gathering

Business Solutions

Cybersecurity Best Practices

Cloud Computing

Client Communications

Software Development Lifecycle

Technical Architecture Design

Proficient in Python, HTML, MySQL, PHP

Adept in ServiceNow

Python & data science datacamp online - data wrangling, SQL, analysis tools (2019)Data scientist Nanodegree program - Udacity (online) (2019)

Flexible and Adaptable

Troubleshooting

Written Communication

Customer Relations

Attention to Detail

Calm Under Pressure

Self-Directed

Analytical Thinking

Information security integration

Information security technology

Safety and security regulations

Premises Security

Affiliations

Affiliations
  • Member of ISACA Budapest chapter (2001- )
  • Member of the Board, ISACA Budapest Chapter (2010-2013)
  • Member of the Hungarian Fulbright Alumni Association (1993- )
  • Member of the Assembly of the Hungarian Academy of Sciences (1988- )

Preferred Job

Preferred Job
IT Security, GRC, Compliance management

Organisational Managerial Skills

Organisational Managerial Skills
Owned and managed private enterprise for 15 years in Hungary between 2001-2016 Managed several multimillion USD IT projects for the public sector at a multinational company Directly managed a team of 5 people Managed multiple vendors and subcontractors in IT projects for 20+ years. Corporal at the rocket artillery of Hungarian Armed Forces #MN1971 (1978-79)

Personal Information

Personal Information
  • Date of Birth: 04/06/1960
  • Gender: Male
  • Nationality: Hungarian

Volunteer Experience

Volunteer Experience
International Children's Safety Service (2012 - )

Certification

CISA - Certified Information Systems Auditor

Interests

IoT

Geocaching

Availability
See my work availability
Not Available
Available
monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse

Quote

You only have to do a few things right in your life so long as you don’t do too many things wrong.
Warren Buffett

Timeline

Principal IT Security
CELANESE Hungary Ltd
2023.07 - Current (3 education.years_Label)
Senior Security Consultant
DEUTSCHE TELECOM IT SOLUTIONS
2021.06 - 2023.07 (2 education.years_Label & 1 education.month_Label)
Senior IT Security Consultant
AAM Ltd.
2019.08 - 2019.12 (4 education.months_Label)
System Designer and Python Developer
MATRIX Ltd
2019.01 - 2021.07 (2 education.years_Label & 6 education.months_Label)
CISO - Chief Information Security Officer
NATIONAL DIRECTORATE GENERAL OF DISASTER MANAGEMENT, MINISTRY OF INTERIOR
2018.07 - 2019.07 (1 education.year_Label)
Advisor (external)
Total Cloud Consulting Ltd
2016.06 - 2018.07 (2 education.years_Label & 1 education.month_Label)
CISO - Chief Information Security Officer
CENTRAL ADMINISTRATION OF NATIONAL PENSION INSURANCE
2016.06 - 2018.06 (2 education.years_Label)
Owner and Senior IT Security Consultant
WIPCON Ltd
2001.09 - 2016.05 (14 education.years_Label & 8 education.months_Label)
BID Office Manager and CRM Lead
COMPAQ Hungary Ltd
1999.09 - 2001.08 (1 education.year_Label & 11 education.months_Label)
MAJOR ACCOUNT SALES MANAGER, PUBLIC SECTOR, EDUCATION & MEDIA
DIGITAL EQUIPMENT (DEC) Hungary, LTD.
1995.02 - 1999.08 (4 education.years_Label & 6 education.months_Label)
KATZ GRADUATE SCHOOL OF BUSINESS, Pittsburgh, PA, USA
BUSINESS ADMINISTRATION (MBA) from Marketing and IT Management
1993.09 - 1993.05 (-1 education.years_Label & -4 education.months_Label)
CEO
ROYAL SECURITY CORP.
1993.01 - 1994.12 (1 education.year_Label & 11 education.months_Label)
INTERNATIONAL MANAGEMENT CENTER (CEU), Budapest
BUSINESS ADMINISTRATION (MBA) from Marketing and IT Management
1991.09 - 1992.05 (8 education.months_Label)
EÖTVÖS LORÁND UNIVERSITY (ELTE), Budapest
DOCTOR OF PHILOSOPHY from Chemistry
1984.09 - 1988.04 (3 education.years_Label & 7 education.months_Label)
Hungarian Academy of Sciences, Budapest
CANDIDATE OF SCIENCE FOR CHEMICAL SCIENCES from Inorganic chemistry
1984.09 - 1987.05 (2 education.years_Label & 8 education.months_Label)
EÖTVÖS LORÁND UNIVERSITY (ELTE), Budapest
RESEARCH CHEMIST from Major: Nuclear Chemistry
1979.09 - 1984.05 (4 education.years_Label & 8 education.months_Label)
Gábor KisfaludiPrincipal IT Security