Michal Sobiegraj, CISSP, CISA, IPMA-D, CEH

Current

• IT Risk Officer (Assistant Vice President) at Credit Suisse
• Member of the board at ISSA Polish Chapter

Past

• Co-owner, Project Manager and Visionary at QuattroVisionaries
• Information Security Consultant and Evangelist at Self-employed
• Co-owner, Developer and Editor at SecurityInfo – an IT Security portal

• Information Risk Analyst at ABN AMRO
• Chief Developer at Domena.pl Sp. z o.o.
• Developer at InternetWorks Sp. z o.o.
• Apprentice Network Administrator at BRE Bank SA CERI Sp. z o.o.
• Developer at SRT-Software
• Developer at Towarzystwo Finansowe "Bankier" (Financial Services "Bankier")

see less...

6 more...

Education

• Politechnika Wroclawska
• Fachhochschul-Studiengang Oberösterreich
• Politechnika Wroclawska

see less...

Recommended

4 people have recommended Michal

Connections

236 connections

Industry

Computer & Network Security

Websites

• My Blog
• My Project

Michal Sobiegraj, CISSP, CISA, IPMA-D, CEH’s Summary

Information security professional based in Wroclaw (Poland, EU), information risk manager, security architect and tester, speaker, and information security trainer.

I have a wide hands-on technical exposure gained through over eight years of my professional experience in IT. Until lately I held a position of the Information Risk Analyst in ABN AMRO, a global bank ranked 13th in the world based on total assets. Starting July 2007 I have fully dedicated myself to the information security company I run for about a year now.

I'm very passionate about information security, and very keen on developing my skills and broadening my horizons constantly. I enjoy solving problems and dedicate myself to work.

Spoken at:
- Grill IT Wroclaw on Jul 20, 2007 and Oct 12, 2007 (http://www.grillit.pl/),
- GigaCON Warszawa on Sep 10, 2007 (http://www.bin.gigacon.org/),
- SecureCON Wroclaw on Oct 20, 2007 (http://www.securecon.pl/),
- ISSA meetings in Wroclaw on Jan 9, Feb 12 and Apr 8, 2008 (http://issa.org.pl/wroclaw/),
- and more.

Published:
- "Risk Assessment Tips and Tricks", Xploit 1/2008 (http://www.xploit.pl/),
- "Strong Authentication", Xploit 2/2008,
- Series of articles at Securityinfo (http://securityinfo.pl/),
- Number of blog entries at Sobiegraj on Security (http://sobiegraj.com/blog/),
- and more.

Michal Sobiegraj, CISSP, CISA, IPMA-D, CEH’s Specialties:

Information risk management, security architecture, security testing, penetration testing, security training, speaking

Michal Sobiegraj, CISSP, CISA, IPMA-D, CEH’s Experience

• IT Risk Officer (Assistant Vice President)

  Credit Suisse

  (Public Company; 10,001 or more employees; CS; Banking industry)

  October 2008 — Present (10 months)

• Member of the board

  ISSA Polish Chapter

  (Computer & Network Security industry)

  June 2008 — Present (1 year 2 months)

  On June 17. 2009 re-elected for a second term.

• Co-owner, Project Manager and Visionary

  QuattroVisionaries

  (Internet industry)

  July 2007 — September 2008 (1 year 3 months)

  - Proposing revolutionary ideas;
  - Performing market and technical analyses and advising on proposed ideas;
  - Managing web based projects selected for implementation;
  - Taking part in the process of designing applications selected for implementation.

• Information Security Consultant and Evangelist

  Self-employed

  (Information Technology and Services industry)

  September 2006 — September 2008 (2 years 1 month)

  Providing Information Security advisory and consulting services. Performing Risk Assessments and Risk Analyses. Evangelising Information Security.
  
  Customers:
  - ABN AMRO Bank (Polska) S.A. (http://abnamro.pl/),
  - Favore Sp. z o.o. (http://favore.pl/),
  - CNSgroup Sp. z o.o. (http://cnsgroup.pl/) and others.
  
  
  Providing Information Security trainings:
  - Information Systems and Networks Security (together with Presscom Sp. z o.o., http://presscom.pl/)

• Co-owner, Developer and Editor

  SecurityInfo – an IT Security portal

  (Computer & Network Security industry)

  September 2005 — December 2007 (2 years 4 months)

  http://securityinfo.pl/
  
  Co-developing the Securityinfo portal – an IT security portal presenting available technologies and commenting on what is going on in the security world. Publishing articles in Polish.

• Information Risk Analyst

  ABN AMRO

  (Public Company; 10,001 or more employees; NYSE:ABN; Banking industry)

  September 2006 — June 2007 (10 months)

  - Performing Operational and Project Risk Assessment of critical bank systems throughout Europe in accordance with Basel II;
  - Performing SOX Test of Design and helping to address SOX audit points;
  - Co developing the internal ABN AMRO Risk Assessment process based on ISO 27001 and ISO 17799 (BS 7799) and other widely recognised standards;
  - Providing Information Security advisory to business.
  
  Experience with security of popular operating systems (IBM i5/OS, IBM z/OS, Solaris, AIX, HP-UX, Windows 200X/XP), middleware (IBM DataStage, WAS, MQ, etc.), applications (ORACLE PeopleSoft, Business Objects, Odyssey Advisor, etc.), Data Warehousing utilities and databases (ORACLE DB, DB2, MSSQL).

• Chief Developer

  Domena.pl Sp. z o.o.

  (Partnership; 11-50 employees; Internet industry)

  January 2005 — March 2006 (1 year 3 months)

  Leading a few bigger projects:
  - Domain Management System communicating with registrar using a protocol similar to EPP (Extensible Provisioning Protocol);
  - integration of the aforementioned system with SWSoft HSPComplete billing system and Plesk hosting platform;
  - Invoicing System;
  - Credit Card Payment System (cooperating with Polcard).
  
  Projects were developed mostly in Perl, using lots of client-server architecture with remote procedure calling (XML-RPC and SOAP). Depending on the project specificity either PostgreSQL or MySQL was used as a database engine. GNU/Linux served as a target platform.

• Developer

  InternetWorks Sp. z o.o.

  (Privately Held; 11-50 employees; Internet industry)

  January 2004 — April 2005 (1 year 4 months)

  - CGI scripts programming (Perl mostly) and PHP-based e-commerce systems (Mambo, OS-Commerce) customization
  - EPP (Extensible Provisioning Protocol)
  - online card payment issues (cooperation with PolCard and eCard -- polish credit card authorization companies)
  - remote procedure calling (XML-RPC)
  - PostgreSQL and MySQL
  - platform -- GNU/Linux

• Apprentice Network Administrator

  BRE Bank SA CERI Sp. z o.o.

  (Public Company; 1001-5000 employees; Banking industry)

  August 2003 — September 2003 (2 months)

  - helping with administration and maintenance of a local area bank network
  - installations, maintenance and minor repairs of computers in the network
  - large experience in performing conservations of the MS Win* systems
  - development of some administrative tools (Borland C++ Builder)

• Developer

  SRT-Software

  (Privately Held; 1-10 employees; Hospital & Health Care industry)

  October 2001 — September 2002 (1 year)

  - development of a database application meant to be an advanced tool for management of a partnership program, advertisement system and clients
  - technology -- PHP + Interbase + Apache
  - platform -- Win*

• Developer

  Towarzystwo Finansowe "Bankier" (Financial Services "Bankier")

  (Privately Held; 1-10 employees; Financial Services industry)

  April 1999 — June 1999 (3 months)

  - project of database structure and database application implementation
  - technology -- Delphi
  - platform -- Win*

Michal Sobiegraj, CISSP, CISA, IPMA-D, CEH’s Education

• Politechnika Wroclawska

  Ph.D. , Information Security , 2006 — 2010 (expected)

• Fachhochschul-Studiengang Oberösterreich

  Software Engineering 2006 — 2006

  Socrates/Erasmus student exchange programme

• Politechnika Wroclawska

  M.Sc. , Computer Science (Computer Systems and Networks) , 2001 — 2006

  Master's Thesis subject: “Research on performance of the active TCP/IP set services detection and recognition”

Additional Information

Michal Sobiegraj, CISSP, CISA, IPMA-D, CEH’s Websites:

• My Blog
• My Project

Michal Sobiegraj, CISSP, CISA, IPMA-D, CEH’s Interests:

photography, sailing, climbing, playing capoeira

Michal Sobiegraj, CISSP, CISA, IPMA-D, CEH’s Groups:

ISSA, ISACA, (ISC)2, IPMA

•    Certified Information Systems Security Professionals (CISSP)
•    Global Project Management
•    Wroclaw University of Technology / Politechnika Wrocławska
•    ABN AMRO Bank
•    ISSA Poland
•    Information Systems Security Association (ISSA)
•    IT Governance
•    Information Security Community (30,000+ Members)
•    Consultants Network
•    Certified Information Systems Auditor
•    Project Management and Executive Professionals Worldwide Network
•    Grill IT
•    ISACA Professionals
•    Global Security Professional
•    Informed Ideas For Writers
•    Banking IT Security Professionals
•    Toastmasters International Members
•    (CEH) Certified Ethical Hacker
•    CONFidence
•    Seth Godin's Triiibes.com
•    Bezpieczeństwo informacji

Michal Sobiegraj, CISSP, CISA, IPMA-D, CEH’s Honors:

CISSP - Certified Information Systems Security Professional
CISA - Certified Information Systems Auditor
CEH - Certified Ethical Hacker
IPMA Level D - Certified Project Management Associate

Michal Sobiegraj, CISSP, CISA, IPMA-D, CEH’s Contact Settings

Interested In:

• career opportunities
• consulting offers
• new ventures
• job inquiries
• expertise requests
• business deals
• reference requests
• getting back in touch