Працював в 2 компаніях   5 років 5 місяців

IT, Банки

Senior IT security manager

Назву компанії приховано

IT

3 роки 3 місяці

09.2021 - до теперішнього часу

As a Senior IT Security manager, I am responsible for the implementation of a project on network infrastructure security and endpoint protection based on Palo Alto Networks solutions (Cortex XDR/NGFW):

work with vendor, pilot project implementation, implementation in production; maintenance of the implemented solution (troubleshooting, configuring and update); preparation of reports and recommendations on information security.

I am working on:

Security audit (analyzing firewall configurations, RBAC, network segmentation (L4/L7), security compliance).IT security documentation (policies, procedures, standards and guidelines).Conducting vulnerability scans.Conducting IT security awareness trainings with the company employees.Scanning of the company's network and production infrastructure. Interaction with vulnerability remediation teams.Implementing hardening standards based on Center for Internet Security (CIS) Benchmarks.Investigation of security incidents (phishing, malware etc.).

General responsibilities:

Evaluating internal security architecture including design assessment, risk assessment and threat modeling.Maintaining a comprehensive set of tools for cyber security monitoring and vulnerability scanning of network, systems and applications.Leading the information security team in effectively utilizing security systems to support the cyber security infrastructure, ensure network architecture compliance.Providing technical leadership regarding cyber security protocol related to desktop applications, web applications.Monitoring and contributing to the tracking, prioritizing and resolution of security incidents, issues and vulnerabilities.Conducting vulnerability assessment of applications, OS and networks.Researching and evaluating cyber security threats and perform root cause analysis.Responding immediately to cyber security-related incidents and provide a thorough post-event analysis.Investigating intrusion incidents and conduct forensic investigations.Conducting security research regarding threats, troubleshooting issues and manage upgrades on security platforms.Advising on data security issues, compliance and privacy requirements.

Practical use:

Tenable Nessus scanner, Open VAS, Kali Linux, OWASP ZAP, Palo Alto NGFW/Cortex XDR, Manage Engine Log Analyzer, Wazuh, Phishinsight Trendmicro;AWS WAF; Google workspace security.

SecOps

Назву компанії приховано

Банки

2 роки 1 місяць

08.2019 - 09.2021

As a SecOps, I monitored and supported security operations for malicious activity. I was responsible for determining appropriate response action(s) to an incident, following the agency standard techniques, tactics and procedures. In this role also responsible for the analysis and reporting of cyber threats as well as assist in deterring, identifying, monitoring, investigating and analyzing computer network intrusions, conducting vulnerability scans.

General responsibilities:

Frequently communicating with IT Ops, IT engineering, DBA, Network teams, SOC organizations.Monitoring and analyzing Security Information and Event Management SIEM to identify security issues for remediation.Triage IDS alerts, collecting related data from various network analysis systems, reviewing available open and closed source information on related threats & vulnerabilities, diagnosing observed activity for likelihood of system infection, compromise or unintended/high-risk exposure.Analyzing large volumes of network flow data for specific patterns/characteristics or general anomalies, to trend network activity and to correlate flow data with other types of data or reporting regarding enterprise-wide network activity.

Practical use: Palo Alto NGFW (security policies and profiles management), Palo Alto Cortex XDR, SIEM Exabeam UBA/AA.

Ключова інформація

• Уважність до деталей
• Лідерські якості
• Організованість
• Креативність

Навчався в 1 закладі

Київський військовий інститут управління та зв?язку

Інформатики та обчислювальної техніки/Комп'ютерна інженерія

Київ, 1998

Володіє мовами

Англійська

вище середнього

Може проходити співбесіду на цій мові

Може проходити співбесіду на цій мові

Курси, тренінги, сертифікати

Conference “Hack in Paris 2018”Training “Hacking and Securing Windows Infrastructure”2018 Paris

Paris, 2018

Education Center Softprom Solutions GmbH EC-Council Authorized course “Certified Security Analyst v10”

Kyiv, 2018

Education Center Softprom Solutions GmbHEC-Council Authorized course “Certified Security Analyst v10”2018 Kyiv, UkraineConference

“TeleStrategies. ISS World 2017”“Training Internet investigation”

Dubai, 2017

“TeleStrategies. ISS World 2017”“Training Internet investigation”2017 UAE, Dubai

Education Center ISSP Ukraine EC-Council Authorized course “CEH | Certified Ethical Hacker v8”

Kyiv, 2015

Education Center ISSP UkraineEC-Council Authorized course “CEH | Certified Ethical Hacker v8”

UkraineEducation Center Network TechnologiesTraining “NT-VOIP. Open source VoIP (Asterisk)”

Kyiv, 2013

UkraineEducation Center Network TechnologiesTraining “NT-VOIP. Open source VoIP (Asterisk)”

UkraineEducation Center “INKOM”Training “Penetration Test”

Kyiv, 2011

UkraineEducation Center “INKOM”Training “Penetration Test”2011 Kyiv, Ukraine

Додаткова інформація

Водійське посвідчення

B

Анонімний пошукач

IT Security Specialist, SecOps, IT security advisor

Київ

4 500 $

48 років

повна зайнятість

Характер роботи: віддалена робота

Оновлено 1 місяць тому