Keep in touch with meI'm using Intch to connect with new people. Use this link to open chat with me via Intch app
Work Background
Senior InfoSec Infrastructure Engineer/Architect, focused on DDI(DNS/DHCP/IPAM) solutions
Intel CorporationSenior InfoSec Infrastructure Engineer/Architect, focused on DDI(DNS/DHCP/IPAM) solutions
Oct. 2021 - Sep. 2024- Ensured corporate DNS/DHCP/IPAM(DDI) solutions and tools are designed, maintained, and operated using best security practices, according to InfoSec principles and standards (physical, network & app security). - Designed DDI solutions to enhance DDI service security, stability, scalability and functionality, while adhering to corporate InfoSec standards/policies. - Defined, designed and developed automation tools and processes to improve service data quality, reduce investigation and t-shooting times. - Managed DDI Products/solutions through different lifecycle stages. Defined roadmap. - Acted as a technical lead for a global team of engineers. ๐—ž๐—ฒ๐˜† ๐—”๐—ฐ๐—ต๐—ถ๐—ฒ๐˜ƒ๐—ฒ๐—บ๐—ฒ๐—ป๐˜๐˜€: โ€ข ๐——๐—ฎ๐˜๐—ฎ ๐—ฑ๐—ฟ๐—ถ๐˜ƒ๐—ฒ๐—ป ๐——๐——๐—œ ๐˜€๐—ฒ๐—ฟ๐˜ƒ๐—ถ๐—ฐ๐—ฒ โ€“ Transitioned DDI to a data-driven service, resulting in improvement of decision-making process for DNS & IPAM lifecycle management, enhanced anomaly detection capability, and uncovered product, architectural and customer originating problems. โ€ข ๐——๐——๐—œ ๐˜€๐—ผ๐—น๐˜‚๐˜๐—ถ๐—ผ๐—ป ๐—ฅ๐—™๐˜… - Initiated RFx for DDI solution, by presenting data-backed issues from the current products. Led the RFx process: 1) vendor engagement, 2) definition of security & functional requirements. โ€ข ๐—ฆ๐—ฒ๐—ฐ๐˜‚๐—ฟ๐—ถ๐—ป๐—ด ๐——๐—ก๐—ฆ ๐—ฟ๐—ฒ๐—ฐ๐—ผ๐—ฟ๐—ฑ๐˜€ ๐—น๐—ถ๐—ณ๐—ฒ๐—ฐ๐˜†๐—ฐ๐—น๐—ฒ - Defined, designed and integrated secure DNS lifecycle processes into existing DDI Solution. Developed automation to support these lifecycle processes. โ€ข ๐——๐—ฎ๐—ป๐—ด๐—น๐—ถ๐—ป๐—ด ๐——๐—ก๐—ฆ ๐—ฟ๐—ฒ๐—ฐ๐—ผ๐—ฟ๐—ฑ๐˜€ ๐˜๐—ต๐—ฟ๐—ฒ๐—ฎ๐˜ ๐—ฒ๐—น๐—ถ๐—บ๐—ถ๐—ป๐—ฎ๐˜๐—ถ๐—ผ๐—ป โ€“ Designed and developed an automated solution that detected and eliminated 100% of dangling DNS records, including a restore mechanism for false positives.
Senior Network Security Engineer/Architect, focused on Remote Access solutions
Intel CorporationSenior Network Security Engineer/Architect, focused on Remote Access solutions
Jun. 2016 - Oct. 2021Jerusalem, Israel- Ensured corporate remote access service is designed, operated and maintained using best security practices, adhering to InfoSec standards and frameworks. - Created architecture, design and documentation of remote access (on-prem & cloud) solutions, securing connectivity with 3rd party networks, M&As, tailored to customer needs. Evaluated new products via RFx process. - Product/solution management through different lifecycle stages, roadmap definition. - Technical lead for a global team of engineers. ๐—ž๐—ฒ๐˜† ๐—”๐—ฐ๐—ต๐—ถ๐—ฒ๐˜ƒ๐—ฒ๐—บ๐—ฒ๐—ป๐˜๐˜€: โ€ข ๐—–๐—ผ๐—ฉ๐—œ๐——๐Ÿญ๐Ÿต ๐—ถ๐—ป๐˜€๐˜๐—ฎ๐—ป๐˜ ๐—ฉ๐—ฃ๐—ก ๐—ฐ๐—ฎ๐—ฝ๐—ฎ๐—ฐ๐—ถ๐˜๐˜† ๐˜‚๐—ฝ๐˜€๐—ฐ๐—ฎ๐—น๐—ถ๐—ป๐—ด - Designed and led integration of on-prem and public cloud hosted virtualized VPN solutions to transition over 100,000 employees to fully remote mode of work within just three weeks. โ€ข ๐——๐—ถ๐—ณ๐—ณ๐—ฒ๐—ฟ๐—ฒ๐—ป๐˜๐—ถ๐—ฎ๐˜๐—ฒ๐—ฑ ๐—ฅ๐—ฒ๐—บ๐—ผ๐˜๐—ฒ ๐—”๐—ฐ๐—ฐ๐—ฒ๐˜€๐˜€ โ€“ Improved the adoption of โ€œLeast privileged accessโ€ security principle by changing architecture and design of the corporate remote access solution to offload authorization decisions to external PDP (Policy Decision Point). Laid the groundwork for ZTNA for remote access. โ€ข ๐—œ๐—ผ๐—ง ๐—ฆ๐—ฒ๐—ฐ๐˜‚๐—ฟ๐—ถ๐˜๐˜† - Designed and integrated a secure multi-domain solution for IoT devices used by smart building systems. โ€ข ๐——๐—ฎ๐˜๐—ฎ-๐—ฑ๐—ฟ๐—ถ๐˜ƒ๐—ฒ๐—ป ๐—ฅ๐—ฒ๐—บ๐—ผ๐˜๐—ฒ ๐—”๐—ฐ๐—ฐ๐—ฒ๐˜€๐˜€ (๐—ฅ๐—”) ๐˜€๐—ฒ๐—ฟ๐˜ƒ๐—ถ๐—ฐ๐—ฒ โ€“ transitioned Remote Access to become a data-driven service, enabling data-driven decision making to: 1) Improve visibility into overall service state, 2) Uncover security and configuration related problems, detect anomalies, 3) Improve capacity planning and increase the efficiency of resource utilization. โ€ข ๐—ฅ๐—ฒ๐—บ๐—ผ๐˜๐—ฒ ๐—”๐—ฐ๐—ฐ๐—ฒ๐˜€๐˜€ ๐˜€๐—ผ๐—น๐˜‚๐˜๐—ถ๐—ผ๐—ป ๐—ฅ๐—™๐˜… - Led vendor engagement, security and functional requirements definition, lab testing & PoC, solution architecture, design & integration. Resulted in more advanced product selection, improving ZTNA capabilities.
Network Security Engineer, Remote Access expert
Intel CorporationNetwork Security Engineer, Remote Access expert
Nov. 2011 - Jun. 2016Jerusalem- Ensured corporate remote access solutions are designed, operated and maintained with security in mind, adhering to corporate InfoSec policies/standards. Created documentation(LLD/HLD). - Managed Remote Access solutions/products, defined roadmaps, planned budget & capacity, BCDR. - Problem solving and RCA. - Technical and security awareness training delivery to support teams ๐—ž๐—ฒ๐˜† ๐—”๐—ฐ๐—ต๐—ถ๐—ฒ๐˜ƒ๐—ฒ๐—บ๐—ฒ๐—ป๐˜๐˜€: โ€ข ๐Ÿฎ๐Ÿฌ%-๐Ÿฐ๐Ÿฌ% ๐—ถ๐—ป๐—ฐ๐—ฟ๐—ฒ๐—ฎ๐˜€๐—ฒ ๐—ถ๐—ป ๐—ฉ๐—ฃ๐—ก ๐—ด๐—ฎ๐˜๐—ฒ๐˜„๐—ฎ๐˜† ๐˜‚๐˜๐—ถ๐—น๐—ถ๐˜‡๐—ฎ๐˜๐—ถ๐—ผ๐—ป ๐—ฒ๐—ณ๐—ณ๐—ถ๐—ฐ๐—ถ๐—ฒ๐—ป๐—ฐ๐˜† ๐—ฎ๐—ป๐—ฑ ๐—ถ๐—บ๐—ฝ๐—ฟ๐—ผ๐˜ƒ๐—ฒ๐—ฑ ๐—จ๐—ซ by designing and integrating a smart load-balancing solution across a large fleet of geo-dispersed corporate VPN gateways. โ€ข ๐Ÿฒ๐Ÿฌ% ๐—ฟ๐—ฒ๐—ฑ๐˜‚๐—ฐ๐˜๐—ถ๐—ผ๐—ป ๐—ถ๐—ป ๐—ฉ๐—ฃ๐—ก ๐—ด๐—ฎ๐˜๐—ฒ๐˜„๐—ฎ๐˜†๐˜€ ๐—น๐—ฎ๐—ป๐—ฑ๐—ถ๐—ป๐—ด ๐˜๐—ถ๐—บ๐—ฒ ๐—ฎ๐—ป๐—ฑ ๐—ฒ๐—น๐—ถ๐—บ๐—ถ๐—ป๐—ฎ๐˜๐—ถ๐—ผ๐—ป ๐—ผ๐—ณ ๐—ผ๐˜‚๐˜๐—ฎ๐—ด๐—ฒ๐˜€ ๐—ฐ๐—ฎ๐˜‚๐˜€๐—ฒ๐—ฑ ๐—ฏ๐˜† ๐—บ๐—ถ๐˜€๐—ฐ๐—ผ๐—ป๐—ณ๐—ถ๐—ด๐˜‚๐—ฟ๐—ฒ๐—ฑ ๐—ฑ๐—ฒ๐˜ƒ๐—ถ๐—ฐ๐—ฒ๐˜€ by designing a standardized gateway configuration and integrating into automation tools.
Enterprise Backup & Recovery and Data Center support engineer
Intel CorporationEnterprise Backup & Recovery and Data Center support engineer
Jul. 2008 - Nov. 2011Kiryat Gat, Israel- Corporate backup and restore projects execution, creating/maintaining technical documentation. - Support of Windows/Linux server OS and hardware. Management of contractor workforce, establishing operational processes for data center ops in Israel.
Data Center support engineer - Intern
Intel CorporationData Center support engineer - Intern
May. 2005 - Jun. 2008Jerusalem- Supported Windows/Linux server OS and hardware, NAS & SAN storages, and Enterprise Backup solutions.

Requests

Touchpoint image
0
Personal Pitch
Information Security Architecture. Remote Access & DDI Consultation.
Show more
Intch is a Professional Networking App for the Future of Work
300k+ people
130+ countries
AI matching
Get Intch if you'd like to
๐Ÿ“
Get Recommended to New Customers
๐Ÿ‘‹
Connect with Like-Minded People
๐Ÿ’ธ
Raise Capital
๐Ÿš€
Find a side project
๐Ÿ˜Ž
Reach Top Niche Experts
โšก
Find Jobs on a Hidden Market
๐Ÿ’ผ
Find a Perfect Co-Founder
๐Ÿ™Œ
Find a Trusted Mentor
๐Ÿค
Hire Top Global Professionals
See more people like Pavel on Intch
IT
451129 people
15
CTO @ Jacob AI
17
Fullstack Developer
19
CTO @ Bookmate
ITData Analyst
69589 people
15
CTO @ Jacob AI
156
Backend Engineer @ Freightos
17
Qa, junior developer, project manager