Boris Itman

Established Cybersecurity Advisor

Senior IT Security Professional with extensive experience in Cyber Defense, Risk and Infrastructure Protection.

Recognized for strong analytical skills, problem-solving, and technical depth in securing enterprise systems.

CORE COMPETENCIES:

CYBERSECURITY ENGINEERING |

RISK & THREAT ANALYSIS | GRC |

VULNERABILITY MANAGEMENT |

SECURITY ARCHITECTURE |

APPLICATION SECURITY |

SECURE SDLC |

INCIDENT RESPONSE |

SECURITY AUDITS

CERTIFICATIONS

CISSP #647362, GSLC, GICSP #1876, CISA #19162015, CEH #1340795826

Professional Experience

Senior Security Specialist, Construction Industries Division @ Caterpillar Inc.

Provide technical cybersecurity expertise within the Construction Industries Division, supporting secure architecture, application security, and compliance.

  • Reviewed 20+ proposed Logical Technical Architecture solutions per quarter, ensuring alignment with enterprise standards.

  • Performed 30+ third-party security risk assessments annually in ServiceNow, applying OWASP SAMM-based controls.

  • Implemented monitoring and remediation for 200+ high-risk IT/OT assets, reducing vulnerability detection times by 30%.

  • Embedded SAST, DAST, Dependabot, and secrets scanning in the SDLC, covering 1,000+ applications; reduced backlog by 90% and cut remediation time from 90 to 30 days.

  • Completed due diligence on 100+ vendor solutions; supported client security audits and RFP responses.

  • Authored cybersecurity playbooks, policies, and training materials to support ISO 27001, NIST, and SOC 2 compliance.

  • Designed and maintained SharePoint knowledge base and authored weekly cybersecurity newsletter.

  • Ran phishing awareness campaigns, lowering click rates by 50% and increasing reporting by 30%

Security Expert / Cyber Security Specialist @ DSM NORTH AMERICA

Served on team responsible for company’s Security Services Governance to ensure confidentiality, integrity, and availability (CIA) of critical Operational and Corporate IT infrastructure components. Contributed to security services governance for Operational and Corporate IT systems.

  • Conducted risk assessments, BIAs, and technical control testing across firewalls, access management, and configuration.

  • Performed IT, cyber, and physical security audits; supported incident response planning and procedure development.

  • Managed MSSP engagements and improved security processes through responsibility matrices and workflow

    diagrams.

Associate, IP Services & Security Engineering @ JP MORGAN CHASE

Played key role as senior member of Application Delivery / Project Engineering group. Delivered security engineering and consulting for business-critical application deployments.

  • Supported GNS IT, Cyber, and Risk Management groups with network security consulting.

  • Remediated audit and compliance issues on perimeter and secure server farm firewalls.

  • Engineered and managed 2,000+ SSL certificates across enterprise load balancers.

  • Designed secure, multi-tiered DMZ network blueprints used for enterprise expansion.

  • Handled Tier 4 escalations for load balancing, IP services, and network security.

Vice President, Business Unit & e-Commerce Engineering @ BEAR STEARNS &CO

Played key role as senior member of Application Delivery / Project Engineering group. Delivered security engineering and consulting for business-critical application deployments.