Security Engineer

Candidate brings a valuable blend of experience, with a robust 5-year background as a system administrator, specializing in Linux/Unix server management and network security. Following this foundational period, they have dedicated the past 3.5 years to the dynamic and ever-evolving field of cybersecurity. During their tenure as a system administrator, the candidate demonstrated expertise in the critical domains of Linux and Unix server administration. The combination of their system administration background and their transition to cybersecurity positions them as a well-rounded professional with a comprehensive understanding of both infrastructure management and the intricacies of securing digital environments. This dual expertise can contribute significantly to addressing the increasingly sophisticated challenges in the realm of cybersecurity.

Kyiv Polytechnic Institute / Bachelor's degree - Computer Science

2013 – 2017 

Kyiv, Ukraine

Certifications:

• PEN-300: Advanced Evasion Techniques and Breaching

• CRTP - Certified Red Team Professional

• eWPTXv2 Web application Penetration Tester eXtreme

• eCPTXv2 eLearnSecurity Certified Penetration Tester eXtreme

• Certified Ethical Hacker (Practical)

• Red Hat Certified System Administrator (EX200)

Cyber Security Engineer / PASHA TECHNOLOGY Cloud Provider

November 2022 – Present

Baku, Azerbaijan

• Red Team assessment, Purple Team improving

• Malware analysis, Reverse engineering, Cyber Threat Intelligence, Attack simulation

• Planning, implementing, managing, monitoring, and upgrading security measures for the protection of the organization's data, systems, and networks.

• Troubleshooting security and network problems.

• Responding to all system and/or network security breaches.

• Ensuring that the organization's data and infrastructure are protected by enabling the appropriate security controls.

• Participating in the change management process.

• Testing and identifying network and system vulnerabilities.

• Daily administrative tasks, reporting, and communication with the relevant departments in the organization

Senior Penetration Tester / Deloitte CIS

January 2022 – November 2022 

Moscow

• Work with external vendors to perform penetration tests on network devices, operating systems, databases, and Applications as necessary

• Create and hold workshops illustrating the state of the art of various technologies and assessment strategies

• Work on improvements for security services, including the continuous enhancement of existing methodology material and supporting assets

• Communicate technical vulnerabilities and remediation steps to developers and management

• Be responsible for performing manual penetration testing and communicating your findings to both Business and Developers

• Provides assistance to system users relative to information systems security matters

• Work with application developers to validate, assess, understand root cause and mitigate vulnerabilities

• Perform web application, mobile application and network penetration tests

• Develop processes and implement tools and techniques to perform ongoing security assessments of the environment

• Analyze security test results, draw conclusions from results and develop targeted testing as deemed necessary

• Providing technical consultation on Security Tools and Technical Controls

• + Development of ‘rules of engagement’ with partners

• Develop security standards, policies, automation scripts

• Perform security reviews of application designs and source code review

Security Auditor | Penetration Tester / The State Agency on Mandatory Health Insurance

June 2020 – January 2022 

Baku, Azerbaijan

• First Security Auditor Penetration tester and Linux Administrator

• Perform web application, mobile application and network penetration tests

• Develop processes and implement tools and techniques to perform ongoing security assessments of the environment

• Analyze security test results, draw conclusions from results and develop targeted testing as deemed necessary

• Providing technical consultation on Security Tools and Technical Controls

• Develop security standards, policies, automation scripts

• Perform security reviews of application designs and source code review