Mar 2024 – Present · 2 yrs · Tel Aviv District, Israel · Hybrid

• Oversee the organization’s cybersecurity strategy and operations.
• Own all cybersecurity aspects and risk mitigation efforts.
• Develop and enforce cybersecurity policies and standards.
• Conduct risk assessments and fix security gaps.
• Ensure compliance with industry regulations.
• Lead incident response and recovery plans.
• Deliver cybersecurity training for staff.
• Monitor and manage security across systems.
• Integrate security within business processes.
• Advise leadership on threats and cybersecurity trends.

Feb 2024 – Apr 2025 · 1 yr 2 mos

• Chief Information Security Officer as a service (VCISO)

Jan 2022 – Jan 2024 · 2 yrs

• Managing OTORIO's Cyber security team
• Product security architect and application security
• Protect the cloud environments and the CICD process
• Evaluating cyber security, configurations, and strategy.
• Developing and designing security plans and implementations.
• Performing security audits based on leading industry standards.
• Act as a trusted advisor for industrial and operational organizations CISOS
• Consulting and developing security roadmaps, policies, and procedures.
• Guide the IT, R&D teams, legal support HR and Finance units
• GRC: ISO 27001, IEC62443 SOC2

Jan 2017 – Jan 2022 · 5 yrs

• GRC, experienced navigating security in highly regulated environment
• Evaluation of technological and process risks designing relevant controls
• Guiding the (SOC) and defining relevant work scenarios at the (SIEM) system
• Crisis management and incident response
• Proven experience in securing hybrid cloud environment.
• Prepare the organization for a cyber crisis
• Directly manage information security team
• Managing risks surveys, penetration tests and red team tests
• Create and manage a unique employee's awareness program
• Present information security status and security review to management and board of directors
• Plan a yearly budget and a yearly work plan
• Defining a secure architecture solutions for business needs
• Risks prioritizing off all IT related risks and building a risk mitigation plan
• Chain of supply, security due diligence and security legal appendix

Oct 2013 – Dec 2016 · 3 yrs 2 mos · Rehovot

• Information Security Services, ongoing support for customers
• PCI Assessments, prepering customers for a PCI Audit
• Perform penetration tests, internal, extenal, application and Infrastructure.
• Perform Information Security Assessments
• Application Security, secure code developing principles
• Defining Information Security Procedures and Policies.
• Project Managment, Monitoring project activities and advised staff of issues due to resource availability.
• Risk Assessment Risk Management, Fundamentals, Risk Assessment, Qualitative and Quantitative Assessment, The Hybrid Approach, Asset Management, MSAT, Identifying Asset, Vulnerability, Formalizing Risk Statement, Prioritizing Risk, Stating Solutions
• Legal & Regulatory: The Applicable Legislation, The privacy Act, Information reservoirs, Registration & Protection, The Regulation, 357,257.

Aug 2010 – Mar 2013 · 2 yrs 7 mos · israel aerospace indusry

• Monitor satellites spacecraft status.
• Reviewing real-time telemetry and initiating immediate
• response to spacecraft, telemetry, tracking and
• control anomalies.
• Routine operation of Amos satellites and ground control station.
• Custemer support of international companies.

Mar 2007 – Jan 2009 · 1 yr 10 mos · Israel

• Integration, installation and upgrade of systems in the field of cellular communications.
• Management and maintenance of worldwide projects with frequent and extensive travels to the regions.
• Post sale / technical support to clients worldwide.
• Technical training.
• Installation of systems for clients worldwide.
• Systems knowledge (UNIX, LINUX, WIN), SQL, XML.

Feb 2004 – Feb 2007 · 3 yrs

• Head of Network integration team
• In this role I was responsible for:
• Designing, intstalling, configuring and testing IAF computer networks
• Locating complicated network faults using different monitoring equipments such as: Sniffer pro, Fluke and HP Open View, and fixing them in the shortest time possible
• Designing new Lan & Wan network topologies for new projects and for legacy networks
• Documenting and establishing new networks, this includes configuring network switches and routers such as: Cisco routers, Cisco catalysts and Lucent switches.
• Measuring and improving network performance in terms of delay, jitter, redundancy, stress, scalability, upgrade & maintenance issues and stability