Candidates 81
$3000 / mo
≈ $36000 / year net
Information Security Auditor
Germany · 8 years of experience · Intermediate ·Published today
Germany · 8 years of experience · Intermediate ·Published today
Ensured compliance with regulatory requirements and industry standards
Skilled in deploying and auditing ISO 27001 compliant Information Security Management Systems to ensure robust data protection policies and controls are in place.
Knowledgeable in vulnerability assessment methodologies and tools (Nessus, Qualys, OpenVAS) to identify and remediate security weaknesses.
Strong technical expertise in diverse areas of information security coupled with ability to communicate cyber risks and mitigation strategies clearly to executives and users.
Conducted comprehensive compliance audits and risk assessments, identifying potential vulnerabilities and attack vectors. Based on the findings, proposed effective risk mitigation measures.
$5500 / mo
≈ $66000 / year net
Senior Cybersecurity Сonsultant, Penetration Tester, Read Team Leader
Thailand · More than 10 years of experience · Advanced/Fluent ·Published today
Thailand · More than 10 years of experience · Advanced/Fluent ·Published today
I'm a high-qualified Cybersecurity expert with extensive work experience and excellent skills for solving different kinds of Cyber- and Information Security issues, preferably Penetration Testing, Project Management, Web Application security audit, educating staff and Open Source Intelligence (OSINT), .
My extra professional benefits are in the effective communication area, including marketing and writing. This rare combination of skills lets me not only effectively work in the technical cybersecurity domain but also easily explain complicated cybersecurity issues to a wide audience; promote company products and strengthen company positions on the market.
You also may know me as the author of the educational video courses "Cybersecurity attacks (Red Team Activity)", "Cybersecurity: Methods of Protection (Blue Team Activity)" released by Packt Publishing House in 2018, "The Secrets of OSINT. Become James Bond of the Internet and Find Out Everything About Anyone" (2019), "How to Outwit a Social Engineer" (2020).
My main principles and approach for the work totally correspond with the fundamentals of cybersecurity: Confidentiality, Integrity, Availability.
$5000 / mo
≈ $60000 / year net
Cybersecurity Specialist
Azerbaijan · 5 years of experience · Upper-Intermediate ·Published yesterday
Azerbaijan · 5 years of experience · Upper-Intermediate ·Published yesterday
I am proud to be one of the leaders of OWASP Baku chapter, where I help build a strong community of cybersecurity professionals and share my knowledge with others. Through this role, I have had a significant impact on the development of the chapter and its members. I also serve as a member of the Synack Red Team, a community of like-minded security enthusiasts who share my commitment to staying ahead of the latest threats and technologies.
$7450 / mo
≈ $89400 / year net
Information Security/Cybersecurity Analyst/Engineer/Manager
United States · More than 10 years of experience · Advanced/Fluent ·Published yesterday
United States · More than 10 years of experience · Advanced/Fluent ·Published yesterday
Cybersecurity lead working with IT leadership and key stakeholders across the university. Addressed risk management and information security compliance concerns including maintaining security plans and providing contract guidance. Provided direction, technical development, and implementation for securing the University’s data infrastructure through information security policies, regulatory standards, and assessments.
• Managed effective regulatory Governance, Risk, and Compliance (GRC) programs acting as a liaison with university departments with industry standards and frameworks including NIST, ISO, CMMC 2.0, DFARS, PCI-DSS, and HIPAA. Utilized HITRUST and GRC tools.
• Identified security vulnerabilities and applied solutions to mitigate risks. Team lead for incident response including detailed forensic analysis (EnCase).
• Developed and updated university system security plans (SSPs) and policies while managing their technical controls and security assessments based on regulatory requirements.
• Documented, created policies, procedures, and managed UConn’s Secured Research Infrastructure (SRI) maintaining NIST 800-171 security controls for safeguarding Controlled Unclassified Information (CUI) data. Quarterly university assessment utilizing NIST CSF.
• Researched, evaluated, and recommended information security solutions, government and industry standards, and procedures to protect technology assets including protecting legacy systems and adapting to changing and emerging technologies.
• Improved UConn’s security posture by following government regulations, requirements, and compliance initiatives including establishing security standards, auditing, performing periodic benchmark assessments, comparing against industry best practices, and testing of security controls for compliancy review and remediation.
• Assisted the CISO with long term information security planning while providing institutional assessments around technical security initiatives.
• Provided IT Security risk assessments and audits as needed. Managed vendor cloud risk management questionnaires and assessments. Experience with firewalls and VPNs.
• Redesigned and implemented technical information security procedures and practices where necessary in collaboration with ITS staff. Utilization of Jira ticketing system.
• Provided direction and training of cybersecurity awareness programs to the technical and non-technical audiences.
$1000 / mo
≈ $12000 / year net
information protection engineer
Ukraine · Kharkiv · 6 years of experience · Pre-Intermediate ·Published yesterday
Ukraine · Kharkiv · 6 years of experience · Pre-Intermediate ·Published yesterday
Rapid7 InsightVM, Rapid7 Metasploit PRO, Zabbix, Tenable, Netwrix Auditor, IP Telephony
(UNIFY) systems, GPO, AD.
$8000 / mo
≈ $96000 / year net
Information Security Officer, Head of Security, CISO,CSO
Ukraine · More than 10 years of experience · Advanced/Fluent ·Published 3 May · In passive search
Ukraine · More than 10 years of experience · Advanced/Fluent ·Published 3 May · In passive search
Experienced team lead in infrastructure and security.
Managed up to 25 senior engineers in remote/distributed team (US/Europe/India)
Hands-on experience with ISO27001, SOC2, GDPR audit/compliance, vulnerabilities testing, penetration test, writing security policies/roadmap and building control/evidence collection process
Ability to interact with all levels of stakeholders (from C-level or customers to operations team)
Led and implemented multi-millions dollars projects (data center design, cloud migration, worldwide WAN/SDWAN implementation)
Fluent English and French
Improved 3rd party security rating from 841 to 941 (out of 950)
First to obtain an Assurance Report on GDPR related controls from KPMG (in 2019, right after GDPR become mandatory)
I'm enjoying to work with a multicultural team in a remote working environment.
I'm not interested in relocating outside of Ukraine. Nor to work fulltime from an office.
$7500 / mo
≈ $90000 / year net
Cybersecurity Manager, CISO, SOC Manager, Threat Research, Detection Engineering
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 3 May · In passive search
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 3 May · In passive search
SOC Prime Sep 2019 - Now
Threat Research/Detection Engineering/Team Lead
Eurotelecom LLC Jan 2019 - Sep 2019
Cybersecurity Engineer/Analyst
DTEK Dec 2017 - Jan 2019
Cybersecurity Manager
StarlightMedia Jun 2017 - Dec 2017
Information Security Officer
PE Korsun 2014 - 2017
Senior Cybersecurity Analyst/Threat Research
Universalbank 2014
Information Security Officer
Piraeusbank 2008 - 2014
Information Security Officer
$5000 / mo
≈ $60000 / year net
Information Security Professional
Azerbaijan · 7 years of experience · Upper-Intermediate ·Published 2 May
Azerbaijan · 7 years of experience · Upper-Intermediate ·Published 2 May
“Azerbaijan Railways” CJSC
2023-Present
- Developing and executing information strategy, including threat modeling and
network security.
- Leading and mentoring cybersecurity team in advanced security measures
implementation including EDR/XDR, WAF, TI, SIEM, PAM, Mail Security and etc.
- Providing strategic direction in cybersecurity technologies, including cloud
security and IAM.
- Managing incident response, SOC operations, and malware detection.
- Implementing cutting-edge creative security solutions.
- Collaborating with IT for secure configuration management and patching.
- Conducting risk assessments, pentests and vulnerability scans, implementing
remediation.
- Ensuring compliance with regulations like ISO27001.
- Delivering cybersecurity training covering phishing and secure coding.
- Managing vendor relationships and cybersecurity budget.
- Staying updated on emerging threats and technologies.
CISO
“Expressbank” OJSC
2021-2023
- Developing and executing information security strategy aligned with regulatory
requirements.
- Leading and mentoring cybersecurity team to ensure effective performance.
- Establishing incident response procedures for prompt resolution of
cybersecurity incidents.
- Overseeing SOC for continuous threat monitoring and response.
- Engaging with technical teams to enhance existing security controls.
- Conducting regular risk assessments, pentests and ensure regulatory
compliance.
- Delivering cybersecurity awareness training to promote a security-conscious
culture.
- Managing vendor relationships and cybersecurity budget effectively.
- Staying informed about emerging threats and drive continuous improvement
initiatives.
Leading specialist of Information Security Division
“Expressbank” OJSC
2018-2021
- Leading the management of SIEM, EDR/XDR, Mail Security, WAF, PAM,
- Vulnerability Management systems, and other cybersecurity technologies.
- Configuring, optimizing, and m
Technical solutions specialist
Avirtel (Internet Provider)
2018 - 2018
- Configuring and installing various
network devices and services
(switches, routers, firewalls);
- Performing network maintenance
and system upgrades including
service packs, patches, hot fixes
and security configurations.
IT Specialist (Help Desk)
International Bank of Azerbaijan
2017-2018
- Performing remote troubleshooting
through diagnostic techniques and
pertinent questions;
- Troubleshooting PC (hardware and
software), network connectivity and
peripheral equipment.
$5300 / mo
≈ $63600 / year net
System Engineer (IT Infrastructure + Networks + Network Security), CCNP, CCNA
Ukraine · More than 10 years of experience · Upper-Intermediate ·Published 2 May
Ukraine · More than 10 years of experience · Upper-Intermediate ·Published 2 May
Virtualization (VMware and Microsoft Hyper-V), Public (AWS, Mail.ru) and Private Clouds, SDN (Software Defined Networking: VMware NSX 6.2, Cisco) NVF virtual appliances, High-availability HA-clustering, Hi-Load systems, Load Balancers, SAN (Storage Area Networks) Fault-tolerant storages, Backup/Restore, Disaster Recovery Planning, SNMP Monitoring systems, Inventorying systems, Ansible, Python, etc…
Networks, Telecommunications, Datacenter networking, Unified Communications
all interconnections: Datacenters + company’ offices + remote personnel, intra-Datacenter networking,
Software Defined Networks, Data networks, Storage Area networks, etc…
IP, IPv6, RIP LIR, ISR/ASR, dynamic routing protocols (BGP, OSPF, ISIS, etc), VRF,
Layer2 and Layer3 Switches, Virtual Extensible LAN (VXLAN), MPLS, FrameRelay, MetroEthernet,
WiFi Wireless Controllers + Access Points, Quality of Service, Multicasts,
IP-telephony (Cisco and Asterisk), Audio+Video conferences, Video surveillance, etc …
(Multiple vendors + OpenSource solutions)
Cyber Security
NextGeneration Firewalls and NextGeneration Intrusion Detection/Protection systems IDS/IPS (HA-clusters),
all types of VPNs, IPSec, Tunneling,
Network Security Systems, Cloud antiDDoS Filtering Systems, Adaptive Security Appliances,
Email Security systems, WEB Security systems, HAproxy, Balancers,
Endpoint Protection Systems, Antivirus systems,
Access Control Systems, Authentication Authorization Accounting (AAA) systems,
Public Key Infrastructure PKI, Certificate Authority,
Microsoft Windows Server Enterprise CA, Microsoft Active Directory, etc …
(Multiple vendors + OpenSource)
Engineering systems of Datacenters
uninterrupted power supply, structured cabling systems (Optical and Copper), monitoring systems,
access control systems, video surveillance, air conditioning, ventilation, firefighting systems, illumination, etc …
IT management, Project management, Personnel management: ITIL / ITSM, COBIT, PMBoK
CCIE Enterprise Infrastructure #19571 (Cisco Certified InterNetwork Expert)
CCIE Routing&Switching (Cisco Certified InterNetwork Expert)
CCNP SECURITY - Cisco Certified Network Professional Security
CCNP VOICE Cisco Certified Network Professional VOICE
Cisco Certified Specialist - Security Core
Cisco Certified Specialist - Network Security Firepower
Cisco Certified Specialist - Network Security VPN
Implementation
Cisco Certified Specialist - Security Identity Management Implementation
Cisco Certified Specialist - Web Content Security
HUAWEI certifications:
HUAWEI Certified Routing and Switching Solutions Specialist
SAGEM certifications:
SAGEM Expert
$5000 / mo
≈ $60000 / year net
Application Security, Offensive Security
Ukraine · 8 years of experience · Upper-Intermediate ·Published 1 May
Ukraine · 8 years of experience · Upper-Intermediate ·Published 1 May
- Development and implementation of security and anti-reverse-egineering mechanisms.
- Building and support of cross-vendor security infrastructure.
- Close collaboration with procurement including but not limited to cost analysis, resource
allocation, software purchasing and scaling.
- Building SSDLC, process implementation and support.
- Penetration testing for web and mobile assets.
Security Engineer
- Analyzing and streamlining the company's needs for the security infrastructure.
- Building the security infrastructure from scratch.
- Building the SSO infrastructure for the company including the procurement flow and downstream to individual users.
- Setup of DAST/SAST for websites and solidity code including process automation.
- VPN infrastructure setup.
- E2E penetration testing with the main focus on the web assets.
- Phishing attack simulation setup including statistics analysis, dedicated tool setup (Gophish)
and personnel training.
Offensive Security Engineer
- Direct report to Major Security Application Lead. Dotted line report to the Head of the Mobile division.
- Building the communication framework for cross-vendor security analysis.
- UK office support for the compliance including ISO 27001, adjustment for GDPR and
building the company-level processes to ensure the certification.
- Building the vulnerability management process. Scaling and supporting the process for
mobile teams.
- Creating and supporting the documentation for security mechanisms implementation.
- Setup of auto-code scanner - SAST based on fortify scan
Mobile Penetration Tester
- Security Analysis, Security Testing, Penetration testing.
- iOS/Android apps and server-side black box Security Audit.
- Domains: crypto-based solutions, gambling, educational solutions, fintech