Worked at 3 companies, 26 years

IT, Banks, Defence Forces of Ukraine

Senior IT security manager

Company name hidden

IT

2 years 9 months

09.2021 - present

As a Senior IT Security manager, I am responsible for the implementation of a project on network infrastructure security and endpoint protection based on Palo Alto Networks solutions (Cortex XDR/NGFW):

Work with the vendor, pilot project implementation, implementation in production; maintenance of the implemented solution (troubleshooting, configuring and updating); preparation of reports and recommendations on information security.

I am working on:

• Security audit (analyzing firewall configurations, RBAC, network segmentation (L4/L7), security compliance).
• IT security documentation (policies, procedures, standards and guidelines).
• Conducting vulnerability scans.
• Conducting IT security awareness trainings with the company employees.
• Scanning of the company's network and production infrastructure.
• Interaction with vulnerability remediation teams.
• Implementing hardening standards based on Center for Internet Security (CIS) Benchmarks.
• Investigation of security incidents (phishing, malware etc.).

General responsibilities:

• Evaluating internal security architecture including design assessment, risk assessment and threat modeling.
• Maintaining a comprehensive set of tools for cyber security monitoring and vulnerability scanning of network, systems and applications.
• Leading the information security team in effectively utilizing security systems to support the cyber security infrastructure and ensure network architecture compliance.
• Providing technical leadership regarding cyber security protocol related to desktop applications, web applications.
• Monitoring and contributing to the tracking, prioritizing and resolution of security incidents, issues and vulnerabilities.
• Conducting vulnerability assessment of applications, OS and networks.
• Researching and evaluating cyber security threats and performing root cause analysis.
• Responding immediately to cyber security-related incidents and providing a thorough post-event analysis.
• Investigating intrusion incidents and conducting forensic investigations.
• Conducting security research regarding threats, troubleshooting issues and managing upgrades on security platforms.
• Advising on data security issues, compliance and privacy requirements.

Practical use:

Tenable Nessus scanner, OpenVAS, Kali Linux, OWASP ZAP, Palo Alto NGFW/Cortex XDR, ManageEngine Log Analyzer, Wazuh, Trend Micro Phish Insight, AWS WAF, Google Workspace security.

SecOps

Company name hidden

Banks

2 years 1 month

08.2019 - 09.2021

As a SecOps, I monitored and supported security operations for malicious activity. I was responsible for determining appropriate response action(s) to an incident, following the agency standard techniques, tactics and procedures. In this role I was also responsible for the analysis and reporting of cyber threats, as well as assisting in deterring, identifying, monitoring, investigating and analyzing computer network intrusions, and conducting vulnerability scans.

General responsibilities:

• Frequently communicating with IT Ops, IT engineering, DBA, Network teams, SOC organizations.
• Monitoring and analyzing Security Information and Event Management (SIEM) to identify security issues for remediation.
• Triaging IDS alerts, collecting related data from various network analysis systems, reviewing available open and closed source information on related threats & vulnerabilities, diagnosing observed activity for likelihood of system infection, compromise or unintended/high-risk exposure.
• Analyzing large volumes of network flow data for specific patterns/characteristics or general anomalies, to trend network activity and to correlate flow data with other types of data or reporting regarding enterprise-wide network activity.

Practical use: Palo Alto NGFW (security policies and profiles management), Palo Alto Cortex XDR, SIEM Exabeam UBA/AA.

Head of Information Systems Security division

Company name hidden

Defence Forces of Ukraine

21 years

06.1998 - 06.2019

Cyber Security Division, Ministry of Defence of Ukraine

Position: Deputy Head (2016 – 2019)

Position: Head of Information Systems Security division (2006 – 2016)

Position: System Engineer (2002 – 2006)

Position: Network Administrator (1998 – 2002)

General responsibilities:

• Managing and leading a team of cyber security professionals (over 20 employees) while growing the department.
• Providing one-on-one end-user training as requested.
• Configuring WAN with VPN tunneling for connectivity between different sites.
• Removing viruses and spyware on a broad spectrum of operating systems and hardware configurations.
• Managing one or more high profile/high impact projects considered to be of medium to high level complexity.
• Directing and monitoring activities of cross-functional project personnel, identifying resource needs, performing quality review, and escalating functional, quality, timeline issues appropriately to ensure project progresses on schedule and within budget.
• Interacting with senior management to manage and monitor project portfolio including, but not limited to, review of project proposals to determine goals, time frame, funding limitations, procedures for accomplishing project, staffing requirements, and allotment of resources.
• Facilitating project team meetings and monitoring creation of project communications plan to provide updates regarding the impact of project activities to project stakeholders.
• Preparing and controlling the performance specifications.
• Controlling software development.

Practical use: Penetration testing, Detecting phishing malware, Linux Administration

Key information

• Attention to detail
• Leadership qualities
• Organizational skills
• Creativity

Studied at 1 institution

Kyiv Military Institute of Control and Signals (Київський військовий інститут управління та зв'язку)

Informatics and Computing Technology / Computer Engineering

Kyiv, 1998

Languages

English

Upper intermediate

Can be interviewed in this language

Courses, trainings, certificates

Conference “Hack in Paris 2018”, Training “Hacking and Securing Windows Infrastructure”

Paris, 2018

Education Center Softprom Solutions GmbH EC-Council Authorized course “Certified Security Analyst v10”

Kyiv, 2018

Conference “TeleStrategies. ISS World 2017”, “Training Internet investigation”

Dubai, 2017

Education Center ISSP Ukraine EC-Council Authorized course “CEH | Certified Ethical Hacker v8”

Kyiv, 2015

Education Center Network Technologies, Training “NT-VOIP. Open source VoIP (Asterisk)”

Kyiv, 2013

Education Center “INKOM”, Training “Penetration Test”

Kyiv, 2011

Anonymous applicant

IT Security Specialist, SecOps, IT security advisor

Kyiv

48 years old

Employed, but open to offers

Full-time

Work arrangement: remote work

Updated 1 day ago