Ключова інформація
ПРОФЕССИОНАЛЬНЫЙ ПРОФИЛЬ
Профессионал в сфере кибербезопасности с многолетним стажем и обширным опытом в роли пентестера, архитектора безопасности и руководителя в области киберзащиты.
Я обладаю опытом работы в международных компаниях и являюсь владельцем многочисленных международных сертификатов по тестированию уязвимостей (пентесту) и обеспечения кибербезопасности. Готов рассмотреть возможность профильной работы в качестве Senior Pentester, Security Architect или Cybersecurity Manager в организациях, где смогу эффективно применить свои профессиональные навыки для обеспечения защиты информационных ресурсов.
УСЛУГИ И КОМПЕТЕНЦИИ
- Pentesting & Red Teaming: Проведение тестирования на проникновение для выявления уязвимостей в сетевой инфраструктуре и приложениях.
- Разработка Стратегий Информационной Безопасности: Создание и реализация архитектуры безопасности, включая проектирование защитных механизмов и политик безопасности.
- Управление Кибербезопасностью: Разработка стратегий управления рисками, координация мониторинга угроз, эффективное внедрение мер защиты и проведение обучения персонала по вопросам безопасности с целью обеспечения непрерывной защиты информационных активов и минимизации потенциальных уязвимостей.
- Аудит Информационной Безопасности: Проведение аудитов безопасности сетей и приложений, анализ уязвимостей и разработка рекомендаций по их устранению.
ТЕХНИЧЕСКИЕ НАВЫКИ
- Инструменты Пентестинга: Владение Kali Linux, Burp Suite, Metasploit, Nmap, Wireshark и другими "ручными" инструментами для тестирования безопасности.
- Знание Compliance и Security Standards: Опыт в соответствии с ISO 27001, NIST, PCI DSS и другими стандартами безопасности.
- Управление Уязвимостями: Опыт работы с инструментами управления уязвимостями, включая Vulnerability Scanners, SOAR, XDR, DLP, WAF и SIEM.
ОПЫТ РАБОТЫ
Security Architect в банковской и финансовой сфере: Разработка архитектуры безопасности, внедрение защитных механизмов, обучение сотрудников по безопасности.
Pentester в украинских и международных компаниях: Проведение тестирования на проникновение, анализ уязвимостей и разработка стратегий устранения дефектов безопасности.
Организация работы команд: Опытный лидер, который эффективно организовал работу команд по информационной безопасности, разрабатывая и внедряя стратегии и политики безопасности. Благодаря моему руководству, команды достигли высокого уровня слаженности и продуктивности, что позволило существенно улучшить защиту корпоративных данных и минимизировать риски.
СЕРТИФИКАЦИИ И ОБРАЗОВАНИЕ
- ISACA Certified Information Security Manager (CISM)
- EC-Council Certified Chief Information Security Officer (CCISO)
- EC-Council Licensed Penetration Tester (LPT)
- Certified Penetration Testing Professional (CPENT)
- Web application Penetration Tester eXtreme (eWPTXv2)
- Certified Ethical Hacker (Master)
- Certified Ethical Hacker (Practical)
- Certified Ethical Hacker (CEH v11)
- Cyberoam Certified Network & Security Professional (CCNSP)
- Certified SonicWALL Security Administrator (CSSA)
- Второе место в "Vulnerability Disclosure Program 2023" от РНБО Украины
- Участие в командно-штабных учениях по устойчивости критической инфраструктуры Critical Infrastructure Resilience Exercises (CIREX) 2024 от агентства по кибербезопасности и защите инфраструктуры США (CISA)
Навчався в 1 закладі
КПИ
ФЭЛ. Конструирование и производство ЭВМ
Киев, 2004
Володіє мовами
Англійська
вище середнього
Може проходити співбесіду на цій мові
Може проходити співбесіду на цій мові
Російська
рідна
Може проходити співбесіду на цій мові
Може проходити співбесіду на цій мові
Українська
рідна
Може проходити співбесіду на цій мові
Може проходити співбесіду на цій мові
Курси, тренінги, сертифікати
Certified Information Security Manager (CISM)
Certified Information Security Manager® (CISM®) affirms your ability to assess risks, implement effective governance, and proactively respond to incidents. With a highlight on emerging technologies such as AI and blockchain, it guarantees your skillset meets evolving security threats and industry requirements. By addressing top-of-mind concerns like data breaches and ransomware attacks, crucial for IT professionals, this certification ensures you are staying ahead of the pace of change.
Licensed Penetration Tester (LPT)
Licensed Penetration Tester Master (LPT) is an elite EC-Council certification. It is ideal for the pentesting professional who wants to demonstrate their advanced knowledge of thorough security assessments and penetration tests across diverse networks and applications. In the words of EC-Council, it differentiates “the experts from the novices in penetration testing.”
To earn LPT Master certification, you must pass with at least 90%. The exam is 24 hours long, during which you progress through intense challenges that require mastering advanced techniques, real-time critical thinking and knowledge of tools like SSH tunneling and multi-level pivoting.
Web application Penetration Tester eXtreme (eWPTXv2)
The eLearnSecurity Web Application Penetration Tester eXtreme (eWAPTX) is our most advanced web application pentesting certification. The eWPTX exam requires students to perform an expert-level penetration test that is then assessed by INE's cyber security instructors.
Certified Ethical Hacker (CEH v11)
A Certified Ethical Hacker is a specialist typically working in a red team environment, focused on attacking computer systems and gaining access to networks, applications, databases, and other critical data on secured systems. A CEH understands attack strategies, the use of creative attack vectors, and mimics the skills and creativity of malicious hackers. Unlike malicious hackers and actors, Certified Ethical Hackers operate with permission from the system owners and take all precautions to ensure the outcomes remain confidential. Bug bounty researchers are expert ethical hackers who use their attack skills to uncover vulnerabilities in the systems.
Certified Ethical Hacker (Practical)
C|EH Practical is a six-hour, rigorous exam that requires you to demonstrate the application of ethical hacking techniques such as threat vector identification, network scanning, OS detection, vulnerability analysis, system hacking, web app hacking, etc. to solve a security audit challenge.
This is the next step after you have attained the highly acclaimed Certified Ethical Hacker certification.
Professionals that possess the C|EH credential will be able to sit for exam that will test them to their limits in unearthing vulnerabilities across major operating systems, databases, and networks.
Certified Ethical Hacker (Master)
It is the next evolution for the world-renowned Certified Ethical Hacker program, and a logical 'next step' for those holding this prestigious certification. CEH is meant to be the foundation for anyone seeking to be an Ethical Hacker. Earning the CEH Master designation is your way of saying, "I learned it, I know it, I proved it."
EC-Council Certified Chief Information Security Officer (CCISO)
EC-Council's CCISO Program has certified leading information security professionals around the world. A core group of high-level information security executives, the CCISO Advisory Board, contributed by forming the foundation of the program and outlining the content that would be covered by the exam, body of knowledge, and training. Some members of the Board contributed as
authors, others as exam writers, others as quality assurance checks, and still others as trainers. Each segment of the program was developed with the aspiring CISO in mind and looks to transfer the knowledge of seasoned professionals to the next generation in the areas that are most critical in the development and maintenance of a successful information security program.
The Certified CISO (CCISO) program is the first of its kind training and certification program aimed at producing top-level information security executives. The CCISO does not focus solely on technical knowledge but on the
Cyberoam Certified Network & Security Professional (CCNSP)
The CCNSP Certification Course prepares individuals to recognize insider threats and user-targeted external threats while giving them expertise in networking and security fundamentals in addition to the deployment and configuration of Cyberoam identity-based UTM. The course is comprehensive, yet easy to follow, with real world scenarios, delivering practical value to aspirant security professionals.
Certified SonicWALL Security Administrator (CSSA)
Recommended for networking professionals responsible for the daily operation of one or more security appliances. Certified SonicWall Security Administrator (CSSA) course offerings:
- Network Security Basic Administration
- Secure Mobile Access Basic Administration
Aruba Certified Mobility Associate (ACMA)
With the Aruba Certified Mobility Associate (ACMA) certification you validate that you have the foundational knowledge of building Mobile First Network solutions. This certification validates you know how to contribute to the design, implementation and management of modern networking solutions for the enterprise.
This certification validates that you are able to:
- • Understand the Aruba Controller architecture
- • Configure security and ARM features
- • Configure integrated firewalls
- • Describe Controller and AP communications
- • Implement secure and guest networking solutions
- • Deploy remote access points
Анонімний пошукач
CISO / Security Specialist / Ethical Hacker
Київ
Працює, але відкритий для пропозицій
повна зайнятість, неповна зайнятість, проектна робота
Характер роботи: віддалена робота
Оновлено 22 години тому