Security Engineer

Senior

Azerbaijan

Skills

API Testing

Cybersecurity

mobile testing

red team

web testing

penetration testing

Languages

English B1

Available for hire from

2750

Professional Summary

Candidate brings a valuable blend of experience, with a robust 5-year background as a system administrator, specializing in Linux/Unix server management and network security. Following this foundational period, they have dedicated the past 3.5 years to the dynamic and ever-evolving field of cybersecurity. During their tenure as a system administrator, the candidate demonstrated expertise in the critical domains of Linux and Unix server administration. The combination of their system administration background and their transition to cybersecurity positions them as a well-rounded professional with a comprehensive understanding of both infrastructure management and the intricacies of securing digital environments. This dual expertise can contribute significantly to addressing the increasingly sophisticated challenges in the realm of cybersecurity.

Education

Kyiv Polytechnic Institute / Bachelor's degree - Computer Science

2013 – 2017

Kyiv, Ukraine

Certifications:

PEN-300: Advanced Evasion Techniques and Breaching
CRTP - Certified Red Team Professional
eWPTXv2 Web application Penetration Tester eXtreme
eCPTXv2 eLearnSecurity Certified Penetration Tester eXtreme
Certified Ethical Hacker (Practical)
Red Hat Certified System Administrator (EX200)

Experience

Cyber Security Engineer / PASHA TECHNOLOGY Cloud Provider

November 2022 – Present

Baku, Azerbaijan

Red Team assessment, Purple Team improving
Malware analysis, Reverse engineering, Cyber Threat Intelligence, Attack simulation
Planning, implementing, managing, monitoring, and upgrading security measures for the protection of the organization's data, systems, and networks.
Troubleshooting security and network problems.
Responding to all system and/or network security breaches.
Ensuring that the organization's data and infrastructure are protected by enabling the appropriate security controls.
Participating in the change management process.
Testing and identifying network and system vulnerabilities.
Daily administrative tasks, reporting, and communication with the relevant departments in the organization

Senior Penetration Tester / Deloitte CIS

January 2022 – November 2022

Moscow

Work with external vendors to perform penetration tests on network devices, operating systems, databases, and Applications as necessary
Create and hold workshops illustrating the state of the art of various technologies and assessment strategies
Work on improvements for security services, including the continuous enhancement of existing methodology material and supporting assets
Communicate technical vulnerabilities and remediation steps to developers and management
Be responsible for performing manual penetration testing and communicating your findings to both Business and Developers
Provides assistance to system users relative to information systems security matters
Work with application developers to validate, assess, understand root cause and mitigate vulnerabilities
Perform web application, mobile application and network penetration tests
Develop processes and implement tools and techniques to perform ongoing security assessments of the environment
Analyze security test results, draw conclusions from results and develop targeted testing as deemed necessary
Providing technical consultation on Security Tools and Technical Controls
+ Development of ‘rules of engagement’ with partners
Develop security standards, policies, automation scripts
Perform security reviews of application designs and source code review

Security Auditor | Penetration Tester / The State Agency on Mandatory Health Insurance

June 2020 – January 2022