Працював в 1 компанії   5 років 4 місяці

IT - консалтинг / Послуги / Виробництво устаткування

Cybersecurity Specialist

KR. Laboratories

IT - консалтинг / Послуги / Виробництво устаткування

5 років 3 місяці

03.2019 - до теперішнього часу

  • CISO: Was involved as personal vCISO for 50+ customers. Prevented potential personal data leaks and breaches. Collaborated with developers, managers, SOC and Blue teams to help remediate the impact of identified attacks, vulnerabilities and potential risks. Was a mentor for newcomers and conducted training for interns. Contributed to the programmers for enhancement of secure coding practices. Conducted security training, consultations and presentations for employees. Prepared 80+ detailed instructions on operational and information security, which led to a 40% reduction in overall security incidents.
  • Web Application Penetration Testing: Internal/External, Black-Box/Grey-Box/White-Box. Utilizing such tools as: Burp Suite, Metasploit, NMAP, SQLmap, Wireshark, Acunetix, Nessus, OpenVAS, OWASP Zap, WPScan, Joomscan, Cobalt Strike etc. Including such phases as: Information Gathering, Reconnaissance, Fuzzing, Enumeration, Fingerprinting, Bypassing, Spoofing, Exploitation, Post-Exploitation, Privilege Escalation, Reporting.
  • Security Audits and Vulnerability Assessment: Manual/Automated, including DAST/SAST/IAST instruments. Prepared more than 20 detailed reports with recommendations, according to different methodologies: OWASP Top 10, OWASP WSTG, OWASP ASVS, SANS Top 25, MITRE ATTACK, OSSTMM, PTES, BSI, ISSAF, WASC, PTF, DISA STIG.
  • Web Application Security, Endpoint Security: Protecting web applications and preventing security risks for IT-systems, using WAF, NGFW, IPS/IDS, DLP. Mitigated 100 attacks, blocked over 400 threats. Improved security for 100 WordPress customers websites. Mitigated more than 50 attacks of various types: DDOS, Brute Force, APT, SQL/XSS/PHPi, CSRF/SSRF, LFI/RFI/RCE.
  • Cyber Threat Intelligence: Conducted 5 OSINT Investigations, which revealed malicious domains, suspicious operations and deanonymize intruders.Was involved as vCISO for 5 customers. Prevented potential 10 data leaks. Created more than 10 training documents and materials on cybersecurity.

Ключова інформація

  • Scripting/Programming languages: Python, JavaScript, Bash, PowerShell, PHP,HTML/CSS, XML, YAML, JSON.
  • Offensive Security tools: Burp Suite, Metasploit, NMAP, OWASP Amass, OWASPNettacker, OWASP Zap, SQLmap, Cobalt Strike, Wireshark, Hashcat, THC Hydra,John the Reaper, Aircrack NG, Intercepter-NG, BeeF, XSStriker, FFUF, Dirb, Dirbuster,Dirhunt, Photon, Maigret, Sherlock etc.
  • OSINT tools: Maltego, Shodan, Censys, DNSdumpster, Nuclei, Nikto, Metagoofil,exiftool, theHarvester, SecurityTrails, SimilarTech, Wappalyzer, BuiltWidth, Netcraft,DNSlytics, PublicWWW, OPSWAT, GHUNT, SpiderFoot, IBM QRadar etc.
  • Soft Skills: Critical Thinking, Analytical Thinking, Planning, Reporting, Auditing, Troubleshooting, Responsibility, Management.

Навчався в 1 закладі

European University

IT Engineering

Kyiv, 2008

Володіє мовами

Англійська

вище середнього

Українська

рідна

Може проходити співбесіду на цій мові

Може проходити співбесіду на цій мові

Курси, тренінги, сертифікати

Certified Ethical Hacker (C|EH)

2020

Link: https://mega.nz/file/NIYHyI5Q#5jOXpDbLce5Ttc4zfboBPc9mKpgZzFkKCDOaZWaYxPg

Додаткова інформація

Summary

Highly motivated IT Security Professional with 3+ years of experience. Focused on Web Application Security, Penetration Testing (White/Grey/Black box), Vulnerability Assessment, Information Security. Has deep technical background in Ethical Hacking. Understanding business objectives and needs for cybersecurity.

  • My articles: https://kr-labs.com.ua/author/konrad-ravenstone/
  • Some clarifications:
    My English - only technical.
    Jobs, which I'm considering - only remote.
    I do not respond to irrelevant offers.

Konrad

Chief Information Security Officer (CISO)

Львів

Готовий переїхати: Київ, Одеса, Дніпро, Вінниця, Запоріжжя, Івано-Франківськ, Рівне, Харків, Хмельницький, Чернівці, Ужгород, Мукачево, Дрогобич, Стрий, Трускавець, Червоноград, Кам'янець-Подільський

36 років

Працює, але відкритий для пропозицій

повна зайнятість, неповна зайнятість, проектна робота

Характер роботи: віддалена робота

Оновлено 2 дні тому