[var] => content
[type] => preview
[var] => cut_url
R E S
U M É
V. VLADIMIROVICH B.
Email: , ,
Twitter/@bezalex, FB/Alex Beza
EDUCATION & PRACTICAL
Finance & credit, Finance
Academy under the Government of the Russian Federation, / /
Diploma AВС December , , reg. number / January
Information System Electrophysics,
Moscow Power Engineering Institute Technical University, //
Diploma ЦВ February , , reg. number February
CISA Certified Information
Systems Auditor, Information Systems Audit and Control Association
ISACA Certificate No September , , Member of ISACA
ID No March , .
CISSP Certified Information
Systems Security Professional, International Information Systems Security
Certification Consortium ISC Certificate No June , .
Billing Technologies Department Manager, Directorate of housing and
public utility projects, Sberbank of Russia HQ. Business Address:
Vavilova street, Moscow, , Russia. Business phone/fax: +
: Payment instruments and remote service channels Direction
Manager, IT infrastructure security Division; Senior Engineer, IT security
division; Senior Engineer, Card operations security division, Bank Security
Department, Sberbank of Russia HQ. Business Address: Vavilova street,
Moscow, , Russia. Business phone/fax: + .
Senior Expert, st class Expert, International Department, Presidential
Committee of the Russian Federation for Informatization Policy Roscominform,
Administration of the President of the Russian Federation. Business
Address for mentioned dates: bld. , Myasnitskaya street, Moscow,
, Russia. Business phone/fax for mentioned dates: + /.
Department management, business project's development in the sphere
of technologies of charges, billing and payments for housingandmunicipal
services, nonfinancial transactions and operator services, search of
startups, new types of transactional and operator businesses, development
projects, mergers and acquisitions of the companies concerned, the management
of reengineering and development of the acquired businesses and services.
Project work includes:
. Making business, financial
and technological models of developed services and acquired companies,
object for investment searching “vacuumcleaning” of startups,
organizing of “seed” stage for ideas;
. Analysis of financial and
technical condition of the acquired businesses;
. Structuring of transactions
on business acquisition;
. Negotiations with the owners
of potential objects of purchase and technology partners;
. Definition of new technologies
for implementation new and/or changing the existing business and technological
processes of the companies;
. The development of a legal
structure for the protection from possible litigation processes, connected
with the appeal of transactions on business acquisition/restructuring;
. Organization and control
of due diligence process of the acquired companies;
. Creation and management
of project team in the processes of acquisition and restructuring of
business and technology;
. Control of the management
of the acquired companies, replication and expansion of businesses and
. Business development and
new services and technologies implementation to increase company profitability;
. Interaction with consultants
and government agencies.
: Management of the direction, which ensures the development
of business and related information technology IT, logical information
security IS and risk management for the operation of the means of
payment and remote service channels in Sberbank, work in this direction
since in the making till maturity stage i.e. practically with the opening
of card project in Sberbank to the largest issuer of bank cards in Europe. This means the development, implementation
& management of information security program for card & related
businesses in headquarter through all Sberbank branches.
The programme includes the
following IT/IS business directions:
. Access control systems and
. Telecommunications and Network
. Security management practices
in IT, card operation and related businesses;
. Applications and systems
. Operations security;
. Business Continuity / Disaster
. Ensuring investigations of
incidents, legislation and ethics of IT/IS business compliance;
. Physical security.
service; consulting, international cooperation in the sphere of information
technology, standards, security techniques, initializing of legal documents,
decrees of the President, Government and Parliament of the Russian Federation,
Intergovernmental Agreements, Memos, joint science research and investment
projects in the spheres of information technologies and surroundings;
responsibilities as executive secretary of Russian subcommittee of Joint
Technical Committee of the International Standard Organization and
International Electrotechnical Commission JTC ISO/IEC.
the development of business of charges, billing and payments big deal
was closed to acquire a controlling stake %+ of the shares of OJSC
Regional settlement center of Belgorod RSC, which takes about %
of the market of charges for housing and communal services and supports
the production of % of the unified payment documents UPD in Belgorod.
Migration of RSC to new technology, optimization of expenses allowed
to significantly increase the operating profit of the subsidiary company
OIBDA increased from , million rubles to , million rubles
in comparison with the previous year. The business on reception of payments
was optimized. Now RSC is engaged in the calculation of payments and
the seal of the UPD, and the payments are accepted through retail and
terminal network of Sberbank. The implemented technology of calculation
and payment reception allows you to split an ongoing payment directly
to providers of services without intermediate settling funds on the
accounts of asset management companies, in accordance with the requirements
of state authorities. Development of a replication of the project RSC
starting point of business growth expansion from the territory of
Belgorod region for other Russian regions. Then project development
was reformatted. Using the business model of RSC the development of
a profitable financial model of the Authorized organizations of the
subjects AOS for the Universal electronic card UEC project started.
Development of new types of operator services for the AOS, the incorporation
in the business model of AOS existing regional businesses transport
operator, medical billing. Other startup project development of the
business model overlay service operator for householders service aggregator
and access provider to banking, government, informational, entertainment
and other syndicated services content.
of the card operation security Direction. Management of the joint Direction
person, informational and economic security of transactions and settlements
with payment means, prior to the merger functions were performed by
people. Improvement of the work of Direction creation of standard
models of investigation, the association of similar transactions and
projects, reengineering of systems used made staff points free. Project
management of certification of the Bank on the requirements of the payment
card industry on data security PCIDSS. Organization of the Direction
activity in the strategic projects of creation of alternative card product,
universal cards, launch of the base product, internetDacquiring,
improvement of the regulatory framework, innovative activity on the
improvement of operational and technological processes of the Direction,
facilitation of redundant requirements.
migration project on microchip technology. Development of the card fraud
control system. Design of fraud models for monitoring unit. Participation
in design of the system of the retail internet banking. Development
of the model of multifunctional java cards.
: Organization of
the operational units for monitoring of fraudulent transactions from
the callcenter section of bank cards department for the execution of
commonly used functions. Organization in the Department of information
security of the Direction section of ensuring the information security
of the means of payment. Direction management. Ensuring of security
system for alternative channels of service development programme.
: Successful passing
over the MasterCard International and Payment Card Industry Standard
Logical Security and IT Management Certification & Audit Program.
Auditor KPMG. I.e. acknowledgement of Bank IT&IS program maturity.
Information, IT and IS management
system inspection of Bank card operation processes for monitoring purposes
and possible reengineering needs.
: Development, reconciliation
and releasing of common corporate IS Policy, based on business needs,
risk policies, best practice, existing crossreference IS regulations
Acknowledgement of highlevel
professional skill on international basis successful passing CISSP
and CISA certification program globally recognized and adopted worldwide
as a symbols of achievement.
IT&card peripherals reengineering
and maintenance program realization especially DES migration program
finishing for ATMs&POS'.
: Development and
release of worldwide brandnew IT&IS strategy common automated
key management system for IT&Card hosts & peripherals.
Developing smartcard migration
business plan and strategy. Processing center host computer migration
: Developed system
of special IT measures on peripherals allowed to prevent, detect, help
in collecting of evidence and legally terminate an activity of "carders"
: Processing center
host computer reengineering and migration plan was developed and its
realization was started. Endtoend security transmission and reengineering
program in corporate network were realized.
: Participation in
IT and ITSec idea invention and analysis cardholder mobile notification
as a fraud detection control.
: Automated system
of PKI service for IT and card processing hosts and peripherals were
developed and released.
: Fullblown set
of regulations, standards, procedures and guidelines on IT and IT security
were elaborated and released. Even early versions of the methodology
were formed, based on Sberbank best practice, in correspondence with
later worldwide adopted standards BS ISO.
: Sberbank wide
secure automated system of financial data input were designed and implemented.
: Offline and pseudoonline
cardholder and merchant fraud prevention activity monitoring system
were developed and released. The system was based on parametric patterns
of object's behavior.
: First version of
unreliable clients database were developed.
Current Salary: RUR .
+ promotion + annual bonus, Grade .
manager startup, venturing projects in technology, transaction businesses.
English Common European Framework
C Upper Advanced level, English First, /.
Corporate TCP/IP Networks CIW,
Specialist Education Center, /.
Application Security of WEBTechnology,
InfoSecurity Education Center, /.
Investigation of Computer Incidents,
InfoSecurity Education Center, /.
Making the Transition from
IT to IT Audit ITG, MIS Training Institute, /.
MasterCard Worldwide ECommerce
Risk Management Seminar and Workshops, MasterCard Worldwide Academy,
Implementing and Administering
Security in a Microsoft Windows Server Network, Microsoft A,
Specialist Education Center, /.
MasterCard New Products Strategic
Seminar and Workshop, MasterCard Europe Academy, /.
IS Audit and Management CISA
Certification Seminar, ISACA education center, PricewaterhouseCoopers,
CISSP CBK Common Body of Knowledge
Seminar ISC, ISC consortium education center,
Developing and Writing Information
Security Policies IW, MIS Training Institute, /.
How to Manage an Information
Security Program IS, MIS Training Institute, /.
Securing and Auditing Your
Web Site IS, MIS Training Institute, /.
ATM & ATM Network Management,
NCR branch in London, /.
Effective Fraud & Risk
Management, MasterCard Europe Academy, /.
Fundamentals of the UNIX System,
HP Education Services, /.
Effective Fraud & Risk
Management, Europay Academy MasterCard Europe, /.
Oracle Administering &
Developing, IT Academy, /.
Risk assessment & management,
Europay Academy MasterCard Europe, /.
Networks & data transfer,
/, Siemens Nixdorf Education Center.
“Pandemia of Skimming, or
… Chip is almost not visible”, th VISA CEMEA Fraud
Forum Conference , Moscow, April thth,
“Risk Management for Multifunctional
Card Design”, th MasterCard Europe Fraud Conference Workshop,
Budapest, October thth, .
“Fallback as Fraud and Skimming
Sponsor”, th MasterCard Europe Fraud Conference Workshop,
Paris, October thth, .
“New “Carders”' Threats
To Card Operations”,