cv

Basics

Name Eugene Fateev
Label Lead Cyber Security Specialist – Finteco
Email [email protected]
Phone +48571991969
Summary I am passionate about working in a professional and dynamic environment that recognizes and values my skills and knowledge in CyberSecurity.

Work

  • 2023.06 - Now
    Founder, Freelancer
    CyberTwierdza
  • 2021.11 - Now
    Lead Cyber Security Specialist
    Finteco
    Ongoing project: establishing and leading SOC department
    - SOC processes (L1+L2);
    - Service portfolio for SOC team (KPI, SLA, documentation);
    - Training and skill management;
    - Improving Cloud security posture for AWS and Azure tenants;
    - Reporting to senior management;
    Technology stack: Azure Sentinel, ELK, Azure Defender products, Power Automate + Logic Apps, MITRE ATT&CK, Use Case management (MaGMa UCF), Tenable Nessus, Netsparker (Invicti), AWS, Azure, CIS: Controls+RAM+CSAT.
    Main Responsibilities
    Security Framework:
    - initiate process for multiple companies in Group;
    - establish audit process for IT dept in scope of security (CIS CSAT tooling)
    Risk assessment:
    - CIS RAM v2, risk assessment process, review risk registry, policy development;
    Vulnerability management:
    - establish process;
    - policy development (in scope of PCI DSS and ISO27k);
    - technical controls (Tenable scans, Netsparker, SonarQube);
    PCI DSS:
    - Internal Audit:
    -- (Cybersecurity assessments, compliance with PCI DSS v3.2.1);
    -- Firewall review audits;
    -- Development configuration standards;
    - SAQ-D for merchants;
    - ASV (work with reports, remediation plan);
    - Internal Vulnerability scans;
    - work activities with QSA auditor (External audit for PCI DSS Level 1);
    - Support all related to compliance activities;
    IAM:
    - Azure IAM;
    - Conditional Rules in Azure for multiple companies;
    - MFA implementation;
    - documentation (guidelines and policies);
    - education for Management and IT depts;
  • 2019.08 - 2021.11
    Senior System Administrator
    Finteco
    Azure:
    - IAM,
    - RBAC,
    - PAM,
    - SSO configurations,
    - Conditional Access rules (MFA, rules, architecture);
    IAM for different services in group company (solutions for Atlassian products, developer tools, etc.);
    Compliance issues (PCI DSS and ISO27k1 (+ISO 9001): activities, policies\procedures\guidelines\security standards);
    Microsoft 365 products support, SharePoint automations (Power Automate), MS Teams configuration;
    Risk management activities;
    Security Baseline (project management, support, develop documentation approach, hardening devices);
    Support different activities in group of companies (IT operations and DevOps support);
    Vuln management (for Project and Infrastructure): configure scanning, work with reports \ audits, ASV scans (specific of PCI DSS);
  • 2018.02 - 2019.08
    Lead System Administrator
    Finteco
    Responsibilities:
    - general admin issues
    Current projects:
    - Implementation of company monitoring system (Zabbix + PostgreSQL + specific Python scripts + SMS Gateway);
    - IDS\IPS (Suricata IDS, Elasticsearch, Kibana); Wazuh HIDS, SCA\OpenSCAP profiling, Vulnerability scanning (OpenVAS, Nessus, Metasploit scripting)
    - Some internal project issues (Docker servers, deployment of new servers);
    - Automation of backup process with Bacula + Python scripts.
    - Ansible, Chef automation;
  • 2012.10 - 2018.02
    System Administrator
    CTDev
    Responsibilities: configuring, maintaining, troubleshooting servers\network devices, support users.
    Some completed large issues\projects in last 2 years.
    For company needs: implemented VoIP, large network issues (upgrade router devices, upgrade L2 switches to high-performance hardware from Avaya, installed\configured Cisco wireless controller, implemented VLANs, migrated iptables firewall rules to Cisco ZBFW), a lot of tasks with relocation of company to another office (some planning tasks, support project, communication with builders, preparation network), preparing steps to get status "Microsoft Silver Partner: Application Development" (non-full support of the project) - registration company, passed special exams, worked with invoices from Microsoft.
    For EcoPayz (internal company project): migrated project servers of TEST\DEV\STAGING Environments from Windows Server 2003 to Windows Server 2016 (preparation IIS configuration, MsSQL servers), configured failover clusters (for SQL roles, Availability SQL groups), installed Network Balancers for App-servers (based on Windows NLB services).
  • 2012.03 - 2012.10
    System Administrator
    CTXM
    Responsibilities: configuring, maintaining, troubleshooting Linux servers infrastructure (SQUID, BIND, iptables, postfix\dovecot, SVN, OpenVZ, bacula, etc), Windows servers 2008\2012 (IIS, SQL Servers, Exchange 2003, AD, DNS), configuring network devices (L2 switches, L3 Cisco routers, wireless APs). User supporting, purchasing any IT hardware, maintaining another office devices (printers\faxes\phone lines).
    Some completed large issues\projects: upgraded servers to a new hardware (to rack IBM servers), migrated all physical project servers to VMware infrastructure (included configuration\tuning vCenter), implemented centralized backup solution for servers\workstation, finished large "Security project" (installation\configuration access control system Kantech, configured server room monitoring using DSC controller and sensors, implemented video surveillance system).

Education

  • 2010.12 - 2011.12
    Cisco network academy
  • 2005.12 - 2010.12
    Engineer's degree
    Belarusian State University of Informatics and Radioelectronics
    Information Technology

Certificates

ISC2 CC
ISC2
My Microsoft certificates
https://mcp.microsoft.com/authenticate/validatemcp.aspx ID=999153 , Password=qwertyasdf
MCSA 2003
Microsoft
ICND1
CISCO
CCNA
Pearson VUE

Skills

Internal audit
Security Operations
Information Security Management
Payment Card Industry Data Security Standard (PCI DSS)
Security
ISO 9001
ISO 27001
Cisco Firewall Security
Cisco Security
Microsoft Azure
Amazon Web Services (AWS)
Microsoft Intune
Microsoft Power Automate
Vulnerability Assessment
Vulnerability Management
Vulnerability Scanning
Threat & Vulnerability Management
Security Information and Event Management (SIEM)
Azure Sentinel
Wazuh
OOO CTDev
CIS RAM
Microsoft Exchange
Suricata IDS
Exim
ELK
Network Security
Bind
Identity & Access Management (IAM)
HIDS
HP Procurve Networking
Squid
Graylog
wazuh
CIS Controls
Cisco Technologies
Elastic Stack (ELK)
VMware Infrastructure
SonarQube
OpenVZ
Tenable
Windows Server
Azure
Linux
PCIDSS
Azure IAM

Languages

Russian
Native Speaker
English
B2
Polish
A1