Confidential
Curriculum Vitae
of |
|
Endre P. Bihari JP
MBA (Technology Management); Grad. Dip of Comp.; GAICD, CISM; MCSE; CCSA |
|
Last revision:
20th of December 2005
Contact Details:
Address: |
Australia |
Mobile: |
+61 (0)414 35 15 58 |
Email: |
|
Web: |
CAREER Objective
A position in a senior, leading role in an IT organisation where the experience to date can be applied, and further developed. This could be in on an employed or contracted basis.
Professional Summary
Endre brings Enterprise Architecture and Management experience as an end-to-end senior consultant to the design and conduct of business projects in IT strategy, infrastructure planning, integration and operational management. He has a strong understanding of project management; strategic planning, and other value add activities across different platforms. This experience is based on hands on exposure to industry areas ranging from manufacturing through telecommunications to government across e-business, IT Security and Network Integration and more traditional business areas.
Endre’s experience is derived from 16 years working with internationally competitive companies in areas ranging from:
Ø Information Technology solution design, procurement and integration including contract negotiations and the development and management of strategic relationships;
Ø Project management of significant business projects balancing the cost, quality, speed triangle;
Ø Conduct of IT operation management covering infrastructure planning, optimisation & rationalisation, standardisation, data centre etc.;
Ø Technology lifecycle management; support & maintenance, vendor management, including service level agreements.
Ø Risk assessment and management, methodologies and quality assurance systems.
Ø Bespoke solution design, development and implementation of complex problems;
Ø E-commerce solutions from conceptual modelling to executing projects and implementation;
Ø Startup business implementation - physical and technical infrastructure, costing and management;
Ø International commerce experience (including international negotiation, contracting and payment) and in-depth cross-cultural understanding of the following countries: Australia, EU, Japan, SE Asian countries, Russia and former Eastern-Bloc countries, Sri Lanka.
KEY SKILLS AND ATTRIBUTES
§ Project Management competence is a core skill in achieving success in a number of senior management roles. While developed and honed in a range of complex projects, to develop clear project plans and manage projects to deliver outcomes that meet quality, cost and time specifications, this capability has realised significant financial benefits in a number of industries. Prominent in this has been the ability to successfully realise business objectives and recover projects that are either poorly managed or in high-risk phases. Strong organizational skills; ability to plan, coordinate and monitor a significant number of complete functions simultaneously further enhanced this competence.
§ General Business Skills is demonstrated through the achievement of strategic change management objectives in several organisations resulting in the significant improvement of net profit performance. The application of business skills has produced positive outcomes in a diverse range of industries around the areas of risk assessment and reduction, service and product quality improvements and cost containment.
§ Strategic planning skills have been applied in a range of areas including IT strategy development and implementation, and taking e-business concepts through design, development and deployment.
§ Persuasion/Negotiation skills have been a central element to identify and assess a range of possible options, convince others of a point of view in implementing project strategies and successfully negotiating and dealing with diverse client groups. Exposure to a broad cross section of organisational cultures has arisen by working with privately held and mutually owned companies, listed entities and Government bodies.
§ Presentation skills have been refined through multiple forms of delivery to audiences ranging from formal board and government presentations to the less formal and informal presentations at operational levels, including shareholders and other stakeholders.
§ Corporate financial skills are demonstrated by successfully setting budgets appropriate to needs and negotiating with corporate strategy on new project initiatives, and by control of operational and discretionary spend.
§ Successful people management has been a central focus in managing multifunctional teams implementing significant and complex business initiatives. This competence has been applied across a broad range of industries and multinational projects via combinations of virtual and direct team structures.
Education
Academic |
Industry Training |
PhD (Research title: IT Security Governance as part of Corporate Governance) current |
Corporate Directors Course Diploma (Australian Institute of Company Directors) 2004 |
MBA[1] in e-business (Deakin University) 2003 |
CISM[2] 2003 |
Graduate Diploma of Management (Deakin University) 2002 |
Competency-Based Project Management (Planpower Pty Ltd) 2000 |
Graduate Certificate of Management (Deakin University) 2001 |
MCSE[3] 1999 |
Graduate Diploma in Computing (Monash University) Average: D (distinction) Finished: 1998 |
CCSA[4] 1997 |
Certificate in Marketing (Clements School of Management) Finished: 1993 |
Certificate IV in Microcomputer Technology Average mark: 92% Finished: 1996 |
|
|
Detailed Skills and Areas of Expertise
Skill/Expertise |
Duration (Years) |
Industry |
General Management § Finance § HR / IR § Operations
|
Transport / IT / Retail |
|
e-commerce; e-government (B2B, B2C, B2E, G2B) § Conceptual Modeling § ERP (SCM ), CRM (SCHM) § EProcurement § E-Marketing § E-Commerce catalogue systems, portals § E-Learning § Knowledge Management m-commerce
|
6 |
Government / Retail / Freight Forwarding / Utilities / Education / IT
Telecommunication |
General Business Skills Corporate Strategy Business Analysis Policy/Process/Procedure Development ISO 9001 QA System Development IPO/Merger Management SLA Development, Management
Business Continuity Planning / Disaster Recovery Planning § Impact Assessment § Contingency Planning § Emergency Response Procedures § Recovery Strategy / Procedure Development
Vendor Management Contract Management Change Management BPR (Business Process Reengineering) § Business / Process Mapping Presentation (Class, Board, Public environment)
|
10 9 10 7 5 7
7 7
10 10 9 7
18 |
Retail / IT / Government Retail / IT / Government Manufacturing / Finance IT (Software/Operations) IT Manufacturing / Telecommunication
Manufacturing / IT / Retail / Transport
IT / Retail / Manufacturing Transport / IT / Retail IT / Transport / Retail IT / Finance / Government
IT / Transport / |
IT IT Strategy § Consultation / Development / Implementation Information Security § Access Control / OS Hardening § Vulnerability Management § Operation Control Guidelines Development § Risk Management § Risk Assessment § Risk Reduction / Policy Development § Asset Profiling § Security Baseline creation § Security Policy / Standard / Guideline development Security Audit IT Solution Development, Integration Internet/Intranet development TCP/IP networking Project Management (full SDLC)
|
12 7
10 10 9 9 6 6 6 4 10 7
6 12 9 9 12 |
Government / Finance / Transport / Education Government / Utilities / Finance / Manufacturing / Mining / Resources
Telecommunication / Education / Government / IT IT / Government/ Retail Construction / IT / Finance |
Selected Technical Skills
Software Package |
Version |
Experience (Installation and Support) |
Duration (years) |
Knowledge level on the scale from 1 - 10 |
Antivirus Packages (All enterprise level) |
|
ü |
12 |
9 |
Backup Software (Enterprise) |
ARCServe 6.0 – 6.61 Seagate Backup Exec |
ü |
9 |
9 |
Checkpoint FireWall-1 |
2.1 – NG |
ü |
8 |
8 |
Microsoft Office |
4.2 – XP |
ü |
12 |
9 |
Content Security |
Mimesweeper |
ü + General Usage |
4 |
8 |
Project Management Software |
Project, PMW |
ü + General Usage |
10 |
7 |
Oracle |
7.3 – 9i |
ü |
4 |
6 |
Intrusion Detection (IDS) |
ISS |
ü |
7 |
5 |
OS |
|
|
|
|
NT/Windows 2003 Server |
|
ü |
10 |
10 |
MS BackOffice |
4.0 – 4.5 |
ü |
8 |
9 |
Unix (Linux, Solaris) |
5.0 – 6.2; 2.4 – 2.6 |
ü |
5 |
4 |
Novell Netware |
3.12 – 4.1 |
ü |
5 |
4 |
Programming Language |
|
|
|
|
C, C++ |
|
Small Business |
5 |
6 |
SQL |
|
Enterprise |
5 |
6 |
Internet related languages (HTML, Javascript) |
|
Enterprise |
5 |
6 |
Standards / Guidelines |
Methodologies |
ISO/IEC 17799 (AS/NZS 4444) Code of Practice for IT Security |
COBIT[5] |
ISO/IEC TR 13335-(1 to 5) Guidelines for Management of IT Security |
|
ISO/IEC 15408 (Part 1 to 3) Security Evaluation Criteria |
ITIL[8] |
AS/NZS 4360 (Risk Management) |
ISF[9] |
AS 8000 Series (Governance) |
BSI IT Baseline Protection Manual |
ACSI 33 (Australian Communications-Electronic Security Instruction) |
PMBOK[10] |
NIST[11] (Special Publication 800 series) |
Prince2 |
Career History
2004, November – 2005, August
Deloitte Touche Tohmatsu
Director, INFormation Security (contract)
DTT is one of the four big consultancy firms. This role was created to support the Enterprise Risk Services group with clients who needed information security governance consulting. The role included both consulting and client management.
Selected Achievements
§ Developed an information security architecture framework for a major Australian state government agency;
§ Created an information security governance framework for a semi-government client.
§ Developed information security governance and assurance metrics.
§ Established information security Governance controls.
§ Formulated Pervasive and General information security Principles
§ Created an AS/NZS ISO/IEC 17799:2001 compliant policy framework.
§ Advised on data centre security requirements and architecture.
§ Consulted on security architecture for HelpDesk.
§ Developed the security architecture for a SAN[12].
§ Created information security management and operational processes (e.g. Patch and Antivirus Management processes; Access Control and Root Cause Analysis processes).
§ Developed an Asset Classification framework.
§ Identified and developed new business opportunities in risk management, information security governance and technical architecture areas.
1992 – 1997July; (2001 July – Current)
PERFORMANCE RESOURCES
Managing Consultant
The focus of this position has been identifying and developing opportunities in the eBusiness and m-commerce areas; providing corporate and government strategic IT solutions and leveraging Endre’s military background to provide secure enterprise networking solutions and other facets of Information Security based on international standards/methodologies.
Selected Achievements
§ Created information security architecture to several government owned organisation.
§ Developed an AS/NZS ISO/IEC 17799:2005 and ISO/IEC 27001:2005 compliant policy
§ Taught the CISM[13] exam preparation course on behalf of ISACA.
§ Participated in final reviews of ISACA teaching materials and publications.
§ Project managed IT Audits and BCP[14]/DRP[15]s, both in manufacturing and telecommunication;
§ Developed Security Risk Registers and Compliance Assessment methodologies.
§ Conducted Sensitivity Assessment throughout the Computer System Life Cycle.
§ Consulted on secure Network Design and eBusiness Security Systems to government and several SME[16]s.
§ Consulted to the government of an Asian country in regards to IT strategy, providing advice on five functional areas. The recommendations are being implemented.
§ Developed an International Service Delivery Model (ISDM) using Virtual Teams over the Internet.
§ Project managed multiple projects ranging from $80,000 to $1,000,000 using Strategic Opportunism[17] to deliver them on time and within budget.
§ Project managed an e-commerce development over the Internet using three-tier architecture based on EJB[18], Java Servlets and JSP[19]s throughout the full SDLC[20].
§ Project managed the development of a WAP application targeted for use by major carriers in three-tier architecture, using different Java languages. The potential earning power of this product is very high, so a Business Plan was also developed for potential investors.
§ Designed a Windows 2000 Network Infrastructure including Directory Services. Project managed the migration from an NT environment to the Win2K platform.
§ Designed, developed and project managed a B2E Intranet based on Microsoft SharePoint Portal Server.
§ Developed a curriculum and successfully trained several people to MS Certification with over 95% success rate.
§ Contracted, placed and managed/coordinated personnel at multiple international development sites working on interconnected projects in the wireless telecommunication field.
§ Consulted to several small/medium businesses.
Other large scale projects in the IT Security, e-business and IT networking sphere, which can be discussed personally, due to NDA[21]s.
2004 June – 2004 November
ANZ BANK
INFormation Security Risk Consultant Manager (contract)
ANZ Bank is one of the leading banks in Australia. This role reports to the manager Business Security Management within Global Information Security and is responsible for the revision and management of the information security policy framework and the creation of the information security governance and strategy model throughout the global ANZ.
Selected Achievements
§ Created a three year strategic plan;
§ Created a two year tactical plan;
§ Established an operational plan for the next financial year;
§ Created the strategic objectives, enabling strategies, strategic imperatives, programmes and initiatives for ANZ global information security;
§ Developed strategic conversation documents, impact analysis and performance measurement tools;
§ Aligned the information security strategy with business objectives;
§ Developed security programme and project charters;
§ Conducted workshops on strategic thinking and strategy lifecycle management;
§ Created a Balanced Scorecard for initiative performance management;
§ Created a strategic service framework;
§ Built a strategy development methodology using a Strategy Tree approach;
§ Developed the improvement criteria and plan for the policy and strategy service using the SSE-CMM methodology;
§ Established Key Process Areas, Common Features and Key Practices for the policy and strategy services;
§ Redesigned the security risk register;
§ Established a topical Information Security Management forum;
§ Engaged external consultants and managed third party teams to achieve project targets.
§ Managed a core project team of 8 people including senior executive managers and an extended virtual team of 14 people.
2002 January – 2004 May
BHP BILLITON
Enterprise Architecture Consultant Manager (contract)
BHP Billiton is the leading diversified natural resources group in the world, with offices and operations around the world. The position belongs to the corporate IT Enterprise Architecture group having the responsibility to oversee and incorporate all aspects of IT Security in every IT development.
Selected Achievements
§ Assisted the Global Strategy and Architecture group in developing strategies for the introduction of leading edge technologies;
§ Project Lead for the AD[22] Security design for the Global Server Upgrade project;
§ Provided Subject Matter Expert guidance on several e-business initiatives involving third parties;
§ Developed several Policies and Standards (including Antivirus, Internet Access, Intrusion Detection, Third Party Access, PKI, Data Centre etc.);
§ Project Lead for corporate Enterprise Architecture Intranet site re-development;
§ Designed and re-designed business processes (ie. Standard Development, 3rd Party Risk Assessment etc.), using advanced BPR[23] tools and methods aligning processes with industry Best Practice;
§ Security Architect/Project Manager for the following projects:
Global Programming Threats (Corporate level multi-layered Anti-Virus program)
Next Generation WAN project using IP VPN based on MPLS[24].
Enterprise Directory Services (an X.500 LDAP Metadirectory structure)
eRooms (a managed team collaboration service)
Secure Email (Using PKI X.509 Certificates)
Security Awareness programme
(Projects range from a few million dollars to tens of millions of dollars);
§ Developed and compiled Communication Packs for assisting the delivery of projects;
§ Filled in for the Regional Lead, IT Security Australia/Asia;
§ Conducted forensic analysis;
§ Developed Risk Audit and Vulnerability Testing methodologies;
§ Developed a Security Risk Register
§ Developed a Risk Mitigation Strategy including Technical, Management and Operational Security Controls; Residual Risk Controls and Cost-Benefit Analysis.
§ Engaged the outsource service provider to several projects
§ Selected and employed several consultants;
§ Developed presentations on behalf of the CIO for leading industry forums.
§ Created / reviewed security design for several e-commerce applications.
October 2000 – July 2001
TRINITY BUSINESS SOLUTIONS LTD
This company was formed as the result of merger between several companies including LogicalTech (Aust) Pty Ltd specializing in end-to-end IT strategic solutions.
Enterprise Architect
Key Responsibilities:
§ Architect and operate the project to handover for internal IT staff to complete the delivery of Trinity’s next generation of product and service delivery capabilities.
Selected Achievements
§ Assumed responsibility for the corporate Intranet including daily maintenance and administration.
§ Participated in the development of a WEB enabled corporate document and knowledge management system.
§ Developed a Knowledge Management Center based on MS BackOfficeTM and OpenText technologies to provide integrated Web-based document management including Versioning, Document Collaboration, Profiling, Lifecycle Management, etc.
§ Initiated the development of a VOIP[25] network.
§ Provided pre-sales consultancy on LAN/WAN data & voice communication and e-commerce/security.
IT Manager
Key Responsibilities:
§ To establish core IT capabilities open to new and emerging business and technical opportunities; on line self-service, E-commerce; and value adding products, using innovative approach (Contingency Thinking[26]) to problem resolution.
§ Day to day Operations Management
§ Relationship management and service level negotiation with third party service providers
§ Education of key staff in the essence of change management
§ Preparation of Board papers and liaison with external auditors
Selected Achievements
§ Used highly developed leadership skills to deliver a customer focused, task/result oriented operating style within the business unit using empowerment techniques.
§ Designed and implemented a corporate WAN including a SOE[27] by integrating multiple independent networks into one based on CISCO technology.
§ Managed external vendors to ensure timely delivery of necessary components.
§ Carried out Capacity Planning and Scalability Studies to improve system efficiency.
§ Consulted to external parties on Risk Management and Contingency Planning.
§ Developed budget for the IT department of the corporate using Activity Based Costing.
§ Developed SLAs[28] for use with internal business units as well as external parties.
§ Signed off KPIs[29] for business unit as well as to subordinates.
§ Managed customer expectations to work effectively with shifting demands and rapid change;
§ Generated and improved business efficiencies through Process Mapping and BPR in relation to service call response time and procurement procedures.
§ Developed and maintained a Service Centre including a three-level HelpDesk solution.
July 1999 – September 2000
LOGICALTECH CORPORATION (PVT) LTD
General Manager (international, based in Sri Lanka)
This company is a subsidiary of LogicalTech (Aust) Pty Ltd, as they moved to globalisation, providing offshore development capabilities.
Key Responsibilities:
§ To establish and develop the new company from ground up;
§ To represent it at various levels of government and corporate;
§ To manage all aspects of emerging business needs including operations, finance and a broad spectrum of IR and HR issues.
Selected Achievements
§ Identified market trends and opportunities and developed a fourfold revenue stream by creating services that meet customer requirements, fit company strategy and have clear competitive advantage.
§ Negotiated and signed contracts with the country’s government (Board of Investment) and Landlord (World Trade Centre of Colombo).
§ Built a high performance organization by implementing organizational control systems, including TQM[30].
§ Personally developed, built and implemented a fully switched mixed (NT domain /Linux) network including a VPN[31] based on Checkpoint and Oracle technologies.
§ Identified partnering opportunities with 3rd parties and established relationships and work with alliance partners, vendors and customers
§ Developed documentation and reporting standards. (Business Requirement Specifications, System Enhancement Requests, etc.)
§ Established qualitative and quantitative reporting mechanisms designed to substantially reduce or eliminate annual consulting and external audit expenses.
§ Prepared quarterly and periodic management reporting for the Board of Directors on variances of actuals against budgets throughout the fiscal year.
§ Authored business cases and prepared a wide range of business analysis (i.e. Gap Analysis, Sensitivity Analysis, Organisational-level Analysis etc.).
§ Controlled and managed capital and operating budgets.
§ Managed several development processes including metrics, quality, methodologies, and people.
§ Attracted and developed a quality workforce by handpicking a core team from a pool of over 400 applicants.
§ Provided leadership to them including work planning, progress monitoring, resource assignment, and coaching, modeling and mentoring.
§ Achieved 100% employee retention by using MBO[32], One Minute Management and career planning to build loyalty, quality of work life and a challenging work environment.
§ Contracted personnel out at multiple international development sites working on interconnected projects and negotiated settlements.
August 1997 – July 1999
LOGICALTECH (AUST) PTY LTD
CONSULTANT (IT Security); MANAGER (Network, IT Operations; IT Security)
LogicalTech was a software house, specialising in software development, targeting the vertical market with high-end database solutions.
This position involved a wide variety of different areas in the computer industry. I completed several tasks as a Field Specialist, and then moved on to management tasks as Project Manager, finally I was given the task to overlook the company’s network and then IT Operations.
Selected Achievements
§ Designed, implemented and administered single- and multi-domain NT networks.
§ Consulted on network management issues in enterprise environments.
§ Project managed the migration of a mid-size network from Novell to an NT domain.
§ Provided background support for large development teams using SQL Server, IIS and Exchange Server etc.
Clients included Telstra eDirectory
OTFE
§ Provided solutions to different TCP/IP problems including DNS, WINS, DHCP, routing, etc.
Clients included: Department of Infrastructure
Department of the Premier & Cabinet
Registrar of Births, Deaths & Marriages
§ Installed, maintained and redeveloped several e-mail systems, using different SMTP servers.
§ Planned and project managed the building of several Internet/Intranet sites using different WEB technologies.
Clients included: OPE (The Office of Public Employment)
YES
MedWeb
§ Conducted IT Security Audits
Clients included: Bush Boake Allen Australia Ltd
Air Liquide Australia Limited
§ Redesigned and redeveloped corporate Internet Security Strategy including Perimeter Defence, Access Control and Authorisation, Operational Security Management, System and Network Security Administration.
§ Developed fully comprehensive IT Security solutions to several government and large corporate clients, and consulted on Internet Security including Checkpoint’s FireWall-1, Content Security, Virus Protection, Disaster Recovery, Authentication & Integrity, Contingency and Risk Management, etc.
Clients included: Coles Myer
Department of Justice
MOORE Business Systems Australia Ltd.
Roads and Traffic Authority (NSW)
Victoria Police
§ Planned, coordinated and monitored a significant number of functions simultaneously.
§ Project managed several BCP/DRP and risk management projects.
Clients included: Air Liquide Australia Limited
City West Water Limited
§ Initiated and project managed work process changes, using Process Value Analysis and Benchmarking to streamline several internal processes.
§ Prepared recommendations for the Board of Directors on organizational design and gained approval for those recommendations to be integrated into the company’s functional strategy on all occasions.
§ Closely involved in the development of standards, procedures and an ISO 9001 quality system.
(Further career history including managerial experience in large firms but not in the IT industry is available upon request. Please contact Endre’s Human Capital representative for further details.)
Glossary
[1] MBA Master of Business Administration
[2] CISM Certified Information Security Manager
[3] MCSE Microsoft Certified Systems Engineer
[4] CCSA Checkpoint Certified Software Administrator
[5] COBIT Control Objectives for Information and related Technology
[6] CMM Capability Maturity Model
[7] SSE-CMM Systems Security Engineering – Capability Maturity Model
[8] ITIL IT Infrastructure Library
[9] ISF Information Security Forum
[10] PMBOK Project Management Body of Knowledge
[11] NIST National Institute of Standards and Technology
[12] SAN Storage Area network
[13] CISM Certified Information Security Manager
[14] BCP Business Continuity Planning
[15] DRP Disaster Recovery Planning
[16] SME Small to Medium Enterprise
[17] Strategic Opportunism (Ability to remain focused on long-term objectives while being flexible enough in dealing with short term problems and opportunities as they occur)
[18] EJB Enterprise Java Beans
[19] JSP Java Server Pages
[20] SDLC System Development Life Cycle
[21] NDA Non-Disclosure Agreement
[22] AD Active Directory
[23] BPR Business Process Re-engineering
[24] MPLS Multiprotocol Label Switching
[25] VOIP Voice Over IP
[26] Contingency Thinking (matching managerial responses with the problems unique to different situations)
[27] SOE Standard Operating Environment
[28] SLA Service Level Agreement
[29] KPI Key Performance Indicator
[30] TQM Total Quality Management
[31] VPN Virtual Private Network
[32] MBO Management By Objectives