Eventbrite

Dynamic and results-oriented Senior Security Program Manager with extensive experience leading strategic security initiatives and fostering a culture of innovation. Demonstrated expertise in security program management, leadership, and critical governance activities, driving excellence in cybersecurity practices.  Adept at inspiring and mentoring teams to achieve organizational objectives amidst evolving threat landscapes.

Key Responsibilities:

➡ Oversaw strategic security initiatives, overseeing the development and execution of comprehensive security programs.
➡ Implemented scalable and sustainable operational plans, improving efficiencies and ensuring alignment with organizational objectives.
➡ Mentored and inspired cross-functional teams ( Spain, India, and US ), creating a culture of innovation and excellence in security practices.
➡ Collaborated closely with technical management teams to develop secure solutions and systems, ensuring robust defenses against emerging threats.
➡ Led incident response efforts, orchestrating timely and effective responses to security incidents and breaches.
➡ Drove continuous improvement initiatives, identifying and mitigating security risks across cloud and back-office infrastructure.
➡ Developed and communicated strategic security roadmaps, aligning priorities and direction with organizational goals.
➡ Administer critical governance activities including risk management frameworks, oversee compliance programs and audit committees ( Cybersecurity Steering Council )

Senior Security Program Manager

International Air Transport Association (IATA)

Demonstrated expertise in security program management, leadership, and critical governance activities, driving excellence in cybersecurity practices within the aviation industry.

Key Responsibilities:

➡ Cloud Administration: Management of cloud services including AWS and  Azure.

➡ MDM and Device Management: Overseeing Intune and Autopilot for published apps, device management, and patching.

➡ VPN Solutions: Implementation of Single Sign-On, Certificates, and Two-Factor Authentication (2FA).

➡ Security & IAM: Administration of security and identity access management tools such as Sailpoint, Splunk, Proofpoint, CarbonBlack, CrowdStrike, and Forescout.

➡ WiFi & IoT Management: Managing Arista, Cisco, and Meraki systems for WiFi and IoT devices.

➡ Server & VM Management: Administration of Windows and Linux servers and virtual machines.

➡ Infrastructure as Code (IaC): Utilizing Git, Terraform, and Kubernetes for infrastructure automation.

➡ Agile & Scrum Frameworks: Applying knowledge of Scrum and Agile methodologies.

➡ Scripting & Automation: Expertise in PowerShell and Python for automation tasks.

➡ Continuous Integration & Continuous Deployment (CI/CD): Managing JIRA, Bitbucket, and Confluence for CI/CD processes.

➡ SIEM Management: Using Datadog, LogRhythm, and Log360 ManageEngine for Security Information and Event Management.

➡ Remote Administration: Overseeing One-Time Password (OTP) and Bastion for secure remote administration.

ITS Engineering and Projects

T-Systems International

Key Responsibilities:

➡ Network Infrastructure Management: Oversaw the management of the network infrastructure to ensure optimal performance and security.
➡ Active Directory Administration: Complete administration over the company's Active Directory, ensuring seamless user and resource management.
➡ SSCM Administration: Managed System Center Configuration Manager (SSCM) with complex scripting to automate and streamline operations.
➡ Backup Monitoring: Monitored backups over Linux and Windows servers to ensure data integrity and availability.
➡ Backup Management: Handled backups management using Tivoli Storage Manager (TSM) for secure data storage and retrieval.
➡ Ticketing and Database Management: Utilized Remedy7 ticketing system and managed databases with CMDB and MySQL for efficient incident tracking and resolution.

IT Engineer

Senior Security Program Manager | Leading Cybersecurity Initiatives | Driving Strategic Security Solutions| Cybersecurity Excellence | Cloud Security

Imagine a world where security threats are constantly evolving, and the stakes are higher than ever for tech industry leaders. As decision-makers, you need more than just a reactive approach—you need a visionary partner who can anticipate, mitigate, and transform potential threats into robust defenses.
That’s where I come in.

► WHAT I DO:
I empower decision-makers in the tech industry to fortify their organizations against the ever-changing landscape of cyber threats. My mission is to help you enhance your security posture without sacrificing operational efficiency or stifling innovation.

► HOW I DO IT:
With years of hands-on experience in security program management and leadership, I’ve developed a comprehensive approach that combines strategic oversight with critical governance activities. I lead cross-functional teams, inspire innovation, and collaborate closely with technical experts to build secure, resilient systems.


► WHY IT WORKS:
My methodology is proven and practical, rooted in a deep understanding of the cybersecurity field. I’ve spearheaded strategic security initiatives, joined the Cybersecurity Steering Council, and implemented scalable, sustainable operational plans. This unique blend of strategic vision and tactical expertise ensures that your organization remains a step ahead of potential threats.

Think Before You Post  The Internet Never Forgets

“One careless share can cost you trust, money, or opportunities. 

Are you protecting your digital self?”

What you share online can destroy what you build offline.

Privacy is your power.

Problem: Oversharing makes you vulnerable.
Agitation: One post can haunt you forever.
 Solution: Share wisely, protect yourself.

🔍 Hackers scan your posts for details.
 They use birthdays, family names, or travel updates.

  Recruiters check your digital footprint.
❌ One careless post can cost you trust.

 🎭 Scammers build fake profiles from your data.
 💳 They exploit it for fraud and identity theft.

🗑️ Deleting won’t erase your mistakes.
📸 Screenshots live longer than your post.

✅ Share knowledge, wins, and your story.
❌ Don’t share private or sensitive info.

Your reputation is your lifelong resume.
 Your privacy is your strongest shield.
 Your choices today protect your tomorrow.

✨ Think before you share. Always.

👉 Follow Marcel Velica for more cybersecurity + social media insights.
 🔁 Repost to protect others from online risks.

Marcel Velica

Senior Security Program Manager | Leading Cybersecurity Initiatives | Driving Strategic Security Solutions | Cybersecurity Excellence | Cloud Security

Cybersecurity Tools by Category

What keeps your digital assets safe?

It’s simpler than most think. 
Cybersecurity isn’t just firewalls it’s using the right tools at the right time.

❌ Patching once a year isn’t enough
❌ One password policy won’t save you
❌ Hoping hackers won’t scan your network is risky

1/ Info Gathering

 → Spot exposed assets early
 → Tools: Nmap, Shodan, Maltego, TheHarvester, Amass

2/ Wireless Security

 → Test Wi-Fi strength
 → Tools: Aircrack-NG, Wifite, Kismet, Reaver

3/ Exploitation & Web Apps

 → Find vulnerabilities fast
 → Tools: Burp Suite, Metasploit, ZAP, SQL Map

4/ Password Cracking

 → Check credential strength
 → Tools: Hashcat, John The Ripper, Medusa

5/ Vulnerability Scanning

 → Identify system weaknesses
 → Tools: Nessus, OpenVAS, LYNIS

6/ Forensics

 → Investigate incidents
 → Tools: Sleuthkit, Autopsy, Volatility, Wireshark

Cybersecurity isn’t just tech.
 It’s strategy + vigilance + the right tools.

 Which of these tools do you use or want to master first?

👉 Follow Marcel Velica for more insights 

Reshare this to help your network stay secure.

😂 When Phishing Gets Too Confident

📩 Email: "Phishing Attack"
 👤 User: “Lol, can’t fool me.”
 🖱 clicks anyway
 💀 Hacker: “Thanks for the password, legend.”

Stay Safe:

 🔹 If an email looks shady and laughs at you, it’s not a friend
 🔹 Go to the official site, not “https://lnkd.in/dKZA4-8S”
 🔹 Curiosity doesn’t just kill cats… it drains bank accounts 

👉 Follow Marcel Velica for more cyber laughs and safety tips!

🔥 99% of cyberattacks follow the same script.

But only a few teams know the playbook attackers are using against them.

That playbook is called: MITRE ATT&CK
Every successful breach from phishing emails to ransomware can be mapped step-by-step using MITRE ATT&CK tactics.

If you understand this table, you understand the enemy.

 The scary part?
 Most attackers don’t need “new” techniques.
 They simply recycle the old ones that companies still fail to detect.

 MITRE ATT&CK breaks an attack into 14 clear stages:

1️⃣ Reconnaissance 
→ Attacker finds open ports + LinkedIn staff emails

2️⃣ Resource Development
 → Registers fake domains like “paypall.com”

 3️⃣ Initial Access 
→ Sends phishing login page

 4️⃣ Execution 
→ Malicious Excel macro runs PowerShell

 5️⃣ Persistence 
→ Malware hides in registry keys

 6️⃣ Privilege Escalation
 → Local exploit gains SYSTEM access

 7️⃣ Defense Evasion 
→ Scripts hidden in Base64

 8️⃣ Credential Access 
→ LSASS memory dump for passwords

 9️⃣ Discovery 
→ Queries AD to list all accounts

 🔟 Lateral Movement 
→ RDP with stolen NTLM hash

 1️⃣1️⃣ Collection 
→ Screenshots every 30s
 1️⃣2️⃣ Command & Control 
→ Beaconing to attacker server

 1️⃣3️⃣ Exfiltration 
→ Sensitive data uploaded to Dropbox

 1️⃣4️⃣ Impact 
→ Files encrypted + ransom note appears

This is the attacker’s journey.

 And your SIEM/EDR logs can catch every single step if you know what to look for.

 Cybersecurity isn’t about stopping one attack.
 It’s about recognizing the patterns attackers never stop using.

👉 Follow Marcel Velica for more simplified breakdowns of complex cybersecurity frameworks.

Taplio

Marcel Velica's Linkedin Analytics

's Best Posts (last 30 days)

Want to drive more opportunities from LinkedIn?

Taplio

.css-1jgreyo{background-image:linear-gradient(284deg, rgba(39,43,72,1) 0%, rgba(33,47,183,1) 100%);color:transparent;-webkit-background-clip:text;background-clip:text;}Marcel Velica's Linkedin Analytics

's Best Posts .css-qqfgvy{font-size:var(--chakra-fontSizes-md);}(last 30 days)

Want to drive more opportunities from LinkedIn?

Marcel Velica's Linkedin Analytics

's Best Posts (last 30 days)