Lead information security engineer
Loyalty service llc
Total years of experience: 5 years, 11 months
• Internal and external audit of IT infrastructure.
• Penetration testing, Incident analysis and response
• Installation, configuration of SIEM system, IDS/IPS etc.
• Develop, design and implement DevSecOps strategy and architecture
• Developing a threat model using the MITRE ATT&CK framework
• Security awareness training for employees including social engineering
• Development, definition, and implementation of regulatory documents in accordance with Federal Laws and ISO 27001, 27002, PCI DSS, MITRE, SANS, NIST, OWASP.
• Collaboration, signing agreements with vendors and clients
• Installation, configuration, troubleshooting and management of networking devices, servers, services, subsystems, Exchange servers, DHCP, AD, ACL etc.
• Installation, configuration, troubleshooting and management of Zabbix for enterprise IT infrastructure monitoring.
• Troubleshooting, maintaining and management of IoT devices.
• Implemented automation for information security processes.
• Participated in IT infrastructure development planning.
• Provided information security for remote offices through VPN.
• Conducted network troubleshooting and security analysis.
• Utilized PowerShell and Python for system administration tasks.
• Ensured smooth operation of local networks, servers, & network devices.
• Managed 300 workstations including MES workstations.
• Registered and managed user accounts and passwords.
• Implemented data copying, archiving, and backup processes.
• Provided technical and software support to users.
• Managed Active Directory.
• Identified and resolved network and program errors.
• Implemented measures for ensuring technological security.
• Performed all tasks and duties of a system administrator, such as managing 190 workstations including special medical equipment, and troubleshooting the network, servers, AD, ACL, DNS, DHCP, and network devices.
• Administered and secured hospital website.
• IT audit of the hospital
• Participated in information security system implementation projects.
• Assisted in infrastructure and network IT projects.
• Utilized and implemented virtualization using VMware.
• Maintained office equipment, prepared documentations and inventory.
• Worked with special medical software and devices.
Vulnerability assessment and penetration testing utilizing all open-source tools included in Kali Linux such as OpenVAS, Nmap, Nikto, Burp Suite, Nessus, SQLMap, theHarvester, Sublist3r, Netcat, Google Dorks, Dirb, enum4linux, DNSRecon, Dig, Metasploit, John the Ripper, Wireshark, Ettercap, Hping3, Mimikatz etc.
Project: Use of machine learning technology in penetration testing: Focus on IDS evasion
Project: Open-source software threats
Practical project: Critical infrastructure security threats and solutions
Paper: Secure DevOps practices
Scientific research on ML-based IDS evasion using the saliency map attack with the CleverHans framework. Creating/writing and training an ML-based Python program to evade IDS and proposing a defence mechanism.
Bachelor: Infocommunication Technologies and Communication Systems
Specialization: Secure Systems and Networks
University: Siberian State University of Telecommunications and Informatics, Novosibirsk