Familiarity with:

* OSI, TCP\IP network model

* DNS, TLS, SSL, IPv4, IPv6, FTP, WS, HTTPS, SNMP, SMTP, POP3, IMAP,ARP, NDP, ICMP, DHCP, RIP, OSPF, BGP, EIGRP, TCP, UDP, SSH etc - main network protocols understanding

* Main cyber threats understanding (Phishing (different types), DoS/DDoS,Pharming, Malware, MITM, Ransomware, Trojan etc )

* Sandbox, Sandboxie, Windows Sandbox, MS Defender Application Guard

* VMware, VirtualBox

* MITRE ATT&CK

* OWASP top 10

* SIEM, IDS/IPS, AV, EDR, XDR , Firewall, WAF, NGFW

* DMZ, Email Gateway (Email Security)

* VPN, Proxy, IPSec, OpenVPN

* IAM ( GCP - Google Cloud), AAA - Authentication, Authorization, Accounting

* Active Directory, LDAP, Kerberos, Diameter, RADIUS, CHAP, TACACS+

* RBAC, ABAC, DAC, MAC

* DLP ( GCP - Google Cloud)

* SDLC / SSDLC

* SaaS, PaaS, IaaS

* AWS - basic understanding of services

* GRC:

* Strong knowledge ISO 27001:2022 + ISO 27002:2022; ISO 27005

* ISO 19011: Guidelines for auditing management systems

* ISO 38500 IT. Governance of IT for the organization

* ISO 20000-1 IT. Service management

* GDPR, NIST CSF, COBIT 5, PCI DSS, NBU №95

* Writing Policies and Procedures

* Risk management

* Risk assessment

* Risk handling techniques

* Vendor \ third-party risk management lifecycle

* Testing employees for phishing attacks and other cybersecurity awarenessactivities. (www.knowbe4.com platform).

* Training for employees and consulting on information security

* Disaster recovery, RPO, RTO

* ACS - Access Control System \ СКУД

* FDAS - Fire Detection And Alarm System \ ОПС

* CCTV - Closed-circuit television\ Video monitoring \ СВН

* Agile, Scrum, Waterfall, Kanban

* Linux administration - in progress