Candidates 15
$8000 / mo
≈ $96000 / year net
Information Security Officer, Head of Security, CISO,CSO
Ukraine · More than 10 years of experience · Advanced/Fluent ·Published 3 May · In passive search
Ukraine · More than 10 years of experience · Advanced/Fluent ·Published 3 May · In passive search
Experienced team lead in infrastructure and security.
Managed up to 25 senior engineers in remote/distributed team (US/Europe/India)
Hands-on experience with ISO27001, SOC2, GDPR audit/compliance, vulnerabilities testing, penetration test, writing security policies/roadmap and building control/evidence collection process
Ability to interact with all levels of stakeholders (from C-level or customers to operations team)
Led and implemented multi-millions dollars projects (data center design, cloud migration, worldwide WAN/SDWAN implementation)
Fluent English and French
Improved 3rd party security rating from 841 to 941 (out of 950)
First to obtain an Assurance Report on GDPR related controls from KPMG (in 2019, right after GDPR become mandatory)
I'm enjoying to work with a multicultural team in a remote working environment.
I'm not interested in relocating outside of Ukraine. Nor to work fulltime from an office.
$7500 / mo
≈ $90000 / year net
Cybersecurity Manager, CISO, SOC Manager, Threat Research, Detection Engineering
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 3 May · In passive search
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 3 May · In passive search
SOC Prime Sep 2019 - Now
Threat Research/Detection Engineering/Team Lead
Eurotelecom LLC Jan 2019 - Sep 2019
Cybersecurity Engineer/Analyst
DTEK Dec 2017 - Jan 2019
Cybersecurity Manager
StarlightMedia Jun 2017 - Dec 2017
Information Security Officer
PE Korsun 2014 - 2017
Senior Cybersecurity Analyst/Threat Research
Universalbank 2014
Information Security Officer
Piraeusbank 2008 - 2014
Information Security Officer
$3000 / mo
≈ $36000 / year net
System Administrator
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 19 April
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 19 April
$3500 / mo
≈ $42000 / year net
SOC Analyst/Engineer SIEM/SOAR Engineer
Ukraine · Kyiv · 5 years of experience · Advanced/Fluent ·Published 15 April
Ukraine · Kyiv · 5 years of experience · Advanced/Fluent ·Published 15 April
- Microsoft 365 Security incident response and investigation, custom detection rules creation(Defender for Endpoint, Defender for Identity, Defender for O365);
- L1 Analysts mentoring;
- Incident response, reporting and mitigation activities development;
- Ariel Query Language knowledge, capable of writing complex logic/rules, content for API requests or automation via SOAR;
- Kusto Query Language knowledge for advanced investigations in MS 365 Security, Threat Hunting, API requests or SOAR automation;
- Manual Playbooks creation for routine tasks performed by L1 Analysts;
- Automated Playbooks creation for SOAR (SIEMplify).
- created 4 automated playbooks that significantly reduce alert processing time
- coded 5 integrations to collect/send information from/to SOAR
- assisted in development of 30+ playbooks for different tasks/systems/automation levels
- managed connectors and integrations, debugged errors
SIEM experience:
- created 30+ rules of different complexity
- created automated SLA analytics reporting
- edited parsers and created parsing patterns for non-standard log sources
- assisted in creation and optimization of 40+ rules
- created custom AQL querries for reporting and fast information gathering
Incident Response experience:
- took part in more than 20+ incidents as part of incident responce team or the only incident responder
- provided instructions to mitigate malware infections, web site breach, DDoS
- took part in mitigation of unsactioned access, brute forces/password spraying, as part of the team
SOC analyst:
- took part in 100+ incidents investigations
- provided detailed reports for major incidents
- provided mitigation instructions to prevent similar incidents
Mentoring:
- mentored 3 SOC Analysts on all SOC-related work directly
- teached 10 SOC Analysts on speceific topics with mini-lectures with practical tasks
Earned certificates:
- CompTIA Security+
- SC-900
- AZ-900
- IBM Qradar Certified Analyst
- SIEM/SOAR content creation and debugging;
- Incidents investigation via SIEM or other systems with logging (MS 365 Security suite etc.);
- Query writing (AQL, KQL) for complex rules/logic, API requests or SOAR automation;
- Education (courses for used instruments and general security courses);
- Trainees/L1 Analysts mentoring;
- SOAR Playbooks creation and using other means for automation.
What I do NOT want:
- night shifts
- work in an international sponsor of war company (Raiffeisen Bank, Metro etc.)
- any work that requires speaking or writing in russian language.
$6000 / mo
≈ $72000 / year net
Information Security and Compliance Manager
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 8 April · In passive search
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 8 April · In passive search
My experience entails 5 certified companies by ISO27001, HIPAA and SOCv2.
I am strong in information seсecurity risk management, building IT and cybersecurity processes like access manageement, incident management, vulnerability management etc.
Also effective communication to top-management regarding communication information security risks that alligned with a company risks.
$10000 / mo
≈ $120000 / year net
Senior Security Consultant, Head of Security, Chief Information Security Officer (CISO)
Canada · More than 10 years of experience · Advanced/Fluent ·Published 8 April · In passive search
Canada · More than 10 years of experience · Advanced/Fluent ·Published 8 April · In passive search
• Information Systems and Technologies (20+ years)
Systems, network and security administration
IT General Controls design and implementation
System Policy and Group Policy Object design, implementation and support
• IT Audit, Security, Compliance and Governance (15+ years)
Information security audit (including ISO 27001 surveillance and certification audits)
Security/Threat Risk Assessment
Security incidents response
Firewall policies design, assessment and implementation
Vulnerability management
Business continuity and disaster recovery planning and implementation
Security awareness development and delivery
• Frameworks/Regulations (10+ years):
PIPEDA, GDPR, PCI-DSS, NIST, ISO 9001.27001/27017/27701, IEC 62443, NERC-CIP, CSA N290.7-14
• Additional experience (10+ years):
MS Project, Visio; SRM: RedSeal, AlgoSec; Nexpose, Nessus, Retina; Forensics: EnCase, FTK; SIEM: ArcSight, QRadar; GRC: Archer; ISF IRAM; McAfee ePO, Websense Web Security; CyberArk, FireEye
Led and successfully completed several ISO 27001 and SOC2 certification projects for different companies from start to end, and brought the certification to the companies.
$4000 / mo
≈ $48000 / year net
Chief Information Security Officer | Information Security Expert | Team Leader
Ukraine · 10 years of experience · Advanced/Fluent ·Published 4 April · In passive search
Ukraine · 10 years of experience · Advanced/Fluent ·Published 4 April · In passive search
• Information Security Management
• ISO 27001 Internal / Certification audit
• PCI DSS internal audit and implementation
• ISMS implementation
• Cybersecurity awareness / Social engineering
• IS Risk management
• ISMS compliance management / IS documentation development
• Penetration testing (PM, Lead Penetration Tester)
• Vulnerability management
• Security process development and implementation
• Security systems implementation and administration
$4500 / mo
≈ $54000 / year net
CIO, CISO, IT and cybersecurity consultant
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 3 April · In passive search
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 3 April · In passive search
Experience in the field of information security - 16 years (of which 12 years - managerial positions, in particular, five years - as CISO). Managed and supervised a team of 60+ information security specialists and engineers.
Five years of CIO experience. Managed and supervised a team of 100+ information technology specialists and engineers.
Ph.D. in Physical and Mathematical Sciences. Two master's degrees (in cybernetics and banking).
The main functions performed as CIO and CISO:
Strategic planning and management of goals, teams, and projects;
Developing and enforcing regulations and policies to be followed within the organization;
Building the organization's infrastructure and ensuring the correct set of tools and resources;
Planning, deployment, and maintenance of systems and operations;
Planning, managing, and overseeing the budget and procurement of equipment and services;
Managing relationships with stakeholders, suppliers, contractors, and service providers;
Governance, Risk management, and Compliance;
Providing the necessary skills for employees;
Knowledge of security threats/risks, building a security system in such a way that it can quickly respond, recover and be resistant to cyber threats.
Transformation of information technologies and information security departments;
Formation of a project portfolio and management of information technology and information security projects;
Implementation of new and modernization of existing information systems and information security systems;
Provision of backup and migration information systems to cloud service (Amazon Web Services);
Organization of the Information Security Management System implementation process by standards line ISO/IEC 270**;
Implementation of information security and event management system (SIEM, IBM QRadar)
Implementation of a system for detecting and preventing network attacks (IPS, IBM Proventia, NextGen IPS, Host IPS);
Implementation of a system for detecting and preventing network attacks for wireless networks (WIPS, Aruba Networks);
Implementation of a system for analyzing and filtering the content of Internet users (secure web gateway, Websense Web Security);
Implementation of a firewall system (Cisco ASA, ACS, Firepower) and secure email gateway (Cisco SEG);
Implementation of remote administrative access control and audit system (Balabit CSB);
Implementation of a Key Certificate Authority (PKI).
$4500 / mo
≈ $54000 / year net
Security Engineer
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 3 April · In passive search
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 3 April · In passive search
• Integrations and automations
• Data analysis, correlation and enrichment
• Guides, KB articles, security trainings
• Threat modelling
• Consultancy services, technical trainings, workshops
$8500 / mo
≈ $102000 / year net
Information Security Director/CISO/Program/Delivery Manager
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 2 April · In passive search
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 2 April · In passive search
I am also experienced in managing a large team of security subject matter experts and engineers, who conduct vulnerability assessments, penetration testing, code review, and software composition analysis for the company's web and mobile applications, using tools such as Microfocus Fortify and WebInspect.
As a subject matter expert and a certified CISM, I am passionate about helping companies build strong and comprehensive cybersecurity strategies that anticipate and prevent potential threats and damage to their businesses. I also have a strong background in modern technologies, which enables me to understand and address the complex and evolving security challenges in different production industries.
• Plan, establish, and manage cyber security processes, methods, approaches, and activities needed for all aspects of the organisation’s cyber security and safety.
• Conduct information security audits and ensure compliance with regulatory requirements and security standards such as GDPR, ISO 27001, and others.
• Develop and implement security policies and procedures, provide employee training, and raise awareness about Security practices.
• Creating and Managing the Application Security Program from scratch and implemented throughout the enterprise;
• Formulating and implementing monitoring, policies, procedures and standards relating to application security;
• In-House Fortify SSC and WebInspect Enterprise Infrastructure deployment for POC and PRODUCTION environments;
• Integrating Fortify SSC (SAST) and Fortify WebInspect Enterprise (DAST) into CI/CD pipeline;
• Operationalizing the SAST and DAST tooling – performing SAST and DAST assessments on the regular basis;
• Performing Vulnerability Validation / False Positive Analysis on automated tools findings and working with developers to remediate them;
• Documenting the Secure Coding Guidelines and Misuse Cases / Checklist for Manual Penetration Testing;
• Cloud infrastructure (Azure, AWS) security – conducting the cloud infrastructure security assessments on the basis;
• Implementing SOC 2 Type II requirements and obtaining the SOC 2 Type I and II audit certificate for the organization;
• Implementation of the Non-Financial Risk Management Framework & Information Security Management System (ISMS) in accordance to ISO 27000:2017 and ISO 31000 Standards;
• Company Certification according to ISO 27001:2017;
• The implementation the Crisis & Business Continuity Management Framework according to ISO 22301 Standard;
• The implementation of Personal Data protection processes in line with GDPR, Privacy Shield and CCPA regulation;
• Kubernetes cluster core security concept initial defining and implementation;
- 1(current)
- 2