Працював в 3 компаніях   6 років 4 місяці

IT, IT - консалтинг / Послуги / Виробництво устаткування, Послуги для населення - інше

Cyber security consultant - Freelance (one-off projects)

Germany Discontia GmbH - PRINTEGI

IT

1 місяць

10.2023 - 11.2023

Responsibilities:

*Cybersecurity risk assessment

*Developed a cybersecurity incident mitigation plan

*Developed a disaster recovery plan

*Developed Likelihood and Impact Risk Matrix

*Created an RBAC Matrix

*Created documentation about backup and passwords

*Conducted cloud environment security review

*Cybersecurity awareness trainings: phishing, smishing, social engineering etc.

*Provided advice on various cybersecurity issues:

- opening potentially malicious files and links in the virtual machine andsandbox(desktop and web versions),

- secure sending of email,
- email protection,
- DDoS prevention, etc.

Compliance manager Freelance (one-off projects)

NDA Denmark

IT - консалтинг / Послуги / Виробництво устаткування

3 місяці

07.2023 - 10.2023

Responsibilities:

*Developed ISO 27001 policies and procedures

*AWS - working with it, writing procedures

*Work with RACI responsibility matrix

*Consultation:

- procedures and policies;

- work with backup;

- assess and manage information security risks associated with suppliers (vendors) and third-party service providers

Team lead ( full-time )

Discover-Lv

Послуги для населення - інше

5 років 10 місяців

04.2016 - 02.2022

Responsibilities:

*Led the team: recruitment, selection and training of employees and mentoring

*search for clients

*communication with clients in ukrainian, english, polish, russian. In general, I was the one who could solve issues with the client at the highest level, especially when other managers could not do it

*sale of company services
My KPI was the highest among all other employees - outgrew the mentor very quickly - overall this is one of my strong achievements - later I led the team.

Ключова інформація

Familiarity with:

* OSI, TCP\IP network model

* DNS, TLS, SSL, IPv4, IPv6, FTP, WS, HTTPS, SNMP, SMTP, POP3, IMAP,ARP, NDP, ICMP, DHCP, RIP, OSPF, BGP, EIGRP, TCP, UDP, SSH etc - main network protocols understanding

* Main cyber threats understanding (Phishing (different types), DoS/DDoS,Pharming, Malware, MITM, Ransomware, Trojan etc )

* Sandbox, Sandboxie, Windows Sandbox, MS Defender Application Guard

* VMware, VirtualBox

* MITRE ATT&CK

* OWASP top 10

* SIEM, IDS/IPS, AV, EDR, XDR , Firewall, WAF, NGFW

* DMZ, Email Gateway (Email Security)

* VPN, Proxy, IPSec, OpenVPN

* IAM ( GCP - Google Cloud), AAA - Authentication, Authorization, Accounting

* Active Directory, LDAP, Kerberos, Diameter, RADIUS, CHAP, TACACS+

* RBAC, ABAC, DAC, MAC

* DLP ( GCP - Google Cloud)

* SDLC / SSDLC

* SaaS, PaaS, IaaS

* AWS - basic understanding of services

* GRC:

* Strong knowledge ISO 27001:2022 + ISO 27002:2022; ISO 27005

* ISO 19011: Guidelines for auditing management systems

* ISO 38500 IT. Governance of IT for the organization

* ISO 20000-1 IT. Service management

* GDPR, NIST CSF, COBIT 5, PCI DSS, NBU №95

* Writing Policies and Procedures

* Risk management

* Risk assessment

* Risk handling techniques

* Vendor \ third-party risk management lifecycle

* Testing employees for phishing attacks and other cybersecurity awarenessactivities. (www.knowbe4.com platform).

* Training for employees and consulting on information security

* Disaster recovery, RPO, RTO

* ACS - Access Control System \ СКУД

* FDAS - Fire Detection And Alarm System \ ОПС

* CCTV - Closed-circuit television\ Video monitoring \ СВН

* Agile, Scrum, Waterfall, Kanban

* Linux administration - in progress

Навчався в 1 закладі

Інститут права та психології ЛП

Юрист

2007, 2012

Володіє мовами

Англійська

вище середнього

Може проходити співбесіду на цій мові

Може проходити співбесіду на цій мові

Польська

середній

Може проходити співбесіду на цій мові

Може проходити співбесіду на цій мові

Російська

вільно

Українська

рідна

Може проходити співбесіду на цій мові

Може проходити співбесіду на цій мові

Курси, тренінги, сертифікати

Courses (Completed) ---------> Comptia CASP+ ( Governanace Risk and Compliance* )

2024

In progress: CISA, ISO 27001 Lead Auditor \ Lead Implementer

2024

Courses (finished )-----> Comptia Security+ Comptia CSA+ (Cybersecurity Analyst) Course CCNA - (Cisco Certified Network Associate (Netacad)) , Course SSCP ( Access Controls )

2023

Роман

Information security analyst, SOC, Cyber Security Analyst, інформаційна безпека, ІТ Аудит

Львів

34 роки

Активно шукає роботу

повна зайнятість, неповна зайнятість, проектна робота

Характер роботи: стажування / практика, віддалена робота, позмінна робота, гібридна, в офісі/на місці

Оновлено 2 тижні тому