Candidates 16
$7500 / mo
≈ $90000 / year net
Cybersecurity Manager, CISO, SOC Manager, Threat Research, Detection Engineering
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 3 May · In passive search
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 3 May · In passive search
SOC Prime Sep 2019 - Now
Threat Research/Detection Engineering/Team Lead
Eurotelecom LLC Jan 2019 - Sep 2019
Cybersecurity Engineer/Analyst
DTEK Dec 2017 - Jan 2019
Cybersecurity Manager
StarlightMedia Jun 2017 - Dec 2017
Information Security Officer
PE Korsun 2014 - 2017
Senior Cybersecurity Analyst/Threat Research
Universalbank 2014
Information Security Officer
Piraeusbank 2008 - 2014
Information Security Officer
$500 / mo
≈ $6000 / year net
Системний адміністратор
Ukraine · Kyiv · No experience · Advanced/Fluent ·Published 29 April
Ukraine · Kyiv · No experience · Advanced/Fluent ·Published 29 April
$1500 / mo
≈ $18000 / year net
Penetration Tester
Ukraine · Kyiv · 6 months · Advanced/Fluent ·Published 23 April
Ukraine · Kyiv · 6 months · Advanced/Fluent ·Published 23 April
Git basic knowledge, Linux, Kali Linux, Bash basics
Experience in performing: Accessibility Testing,
Acceptance Testing, Black Box Testing, End to End Testing, Functional Testing, Performance Testing, Regression Testing, Sanity Testing, Smoke Testing, API testing
Tools: Jira, Confluence, Lambatest, Azure DevOps
Acunetix, Chrome dev tools, TestRail, JMeter, axe Dev tools, TestLodge, Lighthouse, Browserstack, SauceLabs,
TestFlight, Postman, Insomnia, Katalon Studio, Figma, Zeplin, Kibana, iMazing2, Android Studio,
VMware Workstation, Stripe, Mouseflow, Bugsnag, Nmap
Soft skills: excellent communication skills, stress resistance along with high workability, reliable, result-driven, teamwork, and interpersonal skills, ready to cope with multitasking and tough deadlines, experience in mentoring and onboarding new members of the team
Have experience in different projects types such as e-commerce, gambling, blockchain
Managed and onboarded a team of 3 QA within 1 month
$3000 / mo
≈ $36000 / year net
System Administrator
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 19 April
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 19 April
$3500 / mo
≈ $42000 / year net
SOC Analyst/Engineer SIEM/SOAR Engineer
Ukraine · Kyiv · 5 years of experience · Advanced/Fluent ·Published 15 April
Ukraine · Kyiv · 5 years of experience · Advanced/Fluent ·Published 15 April
- Microsoft 365 Security incident response and investigation, custom detection rules creation(Defender for Endpoint, Defender for Identity, Defender for O365);
- L1 Analysts mentoring;
- Incident response, reporting and mitigation activities development;
- Ariel Query Language knowledge, capable of writing complex logic/rules, content for API requests or automation via SOAR;
- Kusto Query Language knowledge for advanced investigations in MS 365 Security, Threat Hunting, API requests or SOAR automation;
- Manual Playbooks creation for routine tasks performed by L1 Analysts;
- Automated Playbooks creation for SOAR (SIEMplify).
- created 4 automated playbooks that significantly reduce alert processing time
- coded 5 integrations to collect/send information from/to SOAR
- assisted in development of 30+ playbooks for different tasks/systems/automation levels
- managed connectors and integrations, debugged errors
SIEM experience:
- created 30+ rules of different complexity
- created automated SLA analytics reporting
- edited parsers and created parsing patterns for non-standard log sources
- assisted in creation and optimization of 40+ rules
- created custom AQL querries for reporting and fast information gathering
Incident Response experience:
- took part in more than 20+ incidents as part of incident responce team or the only incident responder
- provided instructions to mitigate malware infections, web site breach, DDoS
- took part in mitigation of unsactioned access, brute forces/password spraying, as part of the team
SOC analyst:
- took part in 100+ incidents investigations
- provided detailed reports for major incidents
- provided mitigation instructions to prevent similar incidents
Mentoring:
- mentored 3 SOC Analysts on all SOC-related work directly
- teached 10 SOC Analysts on speceific topics with mini-lectures with practical tasks
Earned certificates:
- CompTIA Security+
- SC-900
- AZ-900
- IBM Qradar Certified Analyst
- SIEM/SOAR content creation and debugging;
- Incidents investigation via SIEM or other systems with logging (MS 365 Security suite etc.);
- Query writing (AQL, KQL) for complex rules/logic, API requests or SOAR automation;
- Education (courses for used instruments and general security courses);
- Trainees/L1 Analysts mentoring;
- SOAR Playbooks creation and using other means for automation.
What I do NOT want:
- night shifts
- work in an international sponsor of war company (Raiffeisen Bank, Metro etc.)
- any work that requires speaking or writing in russian language.
$600 / mo
≈ $7200 / year net
Penetration Tester
Ukraine · Kyiv · No experience · Advanced/Fluent ·Published 12 April
Ukraine · Kyiv · No experience · Advanced/Fluent ·Published 12 April
Utilized Active & Passive reconnaissance methods, including OSINT
Performed Penetration Tests on Web, Network (Internal & External), operating systems, and Wi-Fi
Hands-on experience with vulnerability scanning tools such as OWASP ZAP, Acunetix, Metasploit, Nessus
Conducted Vulnerability Assessments using Metasploit and manual vulnerability exploitation tools like BurpSuite
Implemented Lateral Movement and Privilege Escalation Methods on Windows and Linux systems
Executed Windows Buffer Overflows
Applied Password Cracking techniques
CompTIA Pentest+ and Security+ certified
AWS Certified Cloud Practitioner
PEN 100 certification from Offensive Security
Completed HTB Pro Labs: Dante
Achieved "Hacker" rank on Hack The Box
$6000 / mo
≈ $72000 / year net
Information Security and Compliance Manager
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 8 April · In passive search
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 8 April · In passive search
My experience entails 5 certified companies by ISO27001, HIPAA and SOCv2.
I am strong in information seсecurity risk management, building IT and cybersecurity processes like access manageement, incident management, vulnerability management etc.
Also effective communication to top-management regarding communication information security risks that alligned with a company risks.
$4500 / mo
≈ $54000 / year net
CIO, CISO, IT and cybersecurity consultant
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 3 April · In passive search
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 3 April · In passive search
Experience in the field of information security - 16 years (of which 12 years - managerial positions, in particular, five years - as CISO). Managed and supervised a team of 60+ information security specialists and engineers.
Five years of CIO experience. Managed and supervised a team of 100+ information technology specialists and engineers.
Ph.D. in Physical and Mathematical Sciences. Two master's degrees (in cybernetics and banking).
The main functions performed as CIO and CISO:
Strategic planning and management of goals, teams, and projects;
Developing and enforcing regulations and policies to be followed within the organization;
Building the organization's infrastructure and ensuring the correct set of tools and resources;
Planning, deployment, and maintenance of systems and operations;
Planning, managing, and overseeing the budget and procurement of equipment and services;
Managing relationships with stakeholders, suppliers, contractors, and service providers;
Governance, Risk management, and Compliance;
Providing the necessary skills for employees;
Knowledge of security threats/risks, building a security system in such a way that it can quickly respond, recover and be resistant to cyber threats.
Transformation of information technologies and information security departments;
Formation of a project portfolio and management of information technology and information security projects;
Implementation of new and modernization of existing information systems and information security systems;
Provision of backup and migration information systems to cloud service (Amazon Web Services);
Organization of the Information Security Management System implementation process by standards line ISO/IEC 270**;
Implementation of information security and event management system (SIEM, IBM QRadar)
Implementation of a system for detecting and preventing network attacks (IPS, IBM Proventia, NextGen IPS, Host IPS);
Implementation of a system for detecting and preventing network attacks for wireless networks (WIPS, Aruba Networks);
Implementation of a system for analyzing and filtering the content of Internet users (secure web gateway, Websense Web Security);
Implementation of a firewall system (Cisco ASA, ACS, Firepower) and secure email gateway (Cisco SEG);
Implementation of remote administrative access control and audit system (Balabit CSB);
Implementation of a Key Certificate Authority (PKI).
$4500 / mo
≈ $54000 / year net
Security Engineer
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 3 April · In passive search
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 3 April · In passive search
• Integrations and automations
• Data analysis, correlation and enrichment
• Guides, KB articles, security trainings
• Threat modelling
• Consultancy services, technical trainings, workshops
$8500 / mo
≈ $102000 / year net
Information Security Director/CISO/Program/Delivery Manager
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 2 April · In passive search
Ukraine · Kyiv · More than 10 years of experience · Advanced/Fluent ·Published 2 April · In passive search
I am also experienced in managing a large team of security subject matter experts and engineers, who conduct vulnerability assessments, penetration testing, code review, and software composition analysis for the company's web and mobile applications, using tools such as Microfocus Fortify and WebInspect.
As a subject matter expert and a certified CISM, I am passionate about helping companies build strong and comprehensive cybersecurity strategies that anticipate and prevent potential threats and damage to their businesses. I also have a strong background in modern technologies, which enables me to understand and address the complex and evolving security challenges in different production industries.
• Plan, establish, and manage cyber security processes, methods, approaches, and activities needed for all aspects of the organisation’s cyber security and safety.
• Conduct information security audits and ensure compliance with regulatory requirements and security standards such as GDPR, ISO 27001, and others.
• Develop and implement security policies and procedures, provide employee training, and raise awareness about Security practices.
• Creating and Managing the Application Security Program from scratch and implemented throughout the enterprise;
• Formulating and implementing monitoring, policies, procedures and standards relating to application security;
• In-House Fortify SSC and WebInspect Enterprise Infrastructure deployment for POC and PRODUCTION environments;
• Integrating Fortify SSC (SAST) and Fortify WebInspect Enterprise (DAST) into CI/CD pipeline;
• Operationalizing the SAST and DAST tooling – performing SAST and DAST assessments on the regular basis;
• Performing Vulnerability Validation / False Positive Analysis on automated tools findings and working with developers to remediate them;
• Documenting the Secure Coding Guidelines and Misuse Cases / Checklist for Manual Penetration Testing;
• Cloud infrastructure (Azure, AWS) security – conducting the cloud infrastructure security assessments on the basis;
• Implementing SOC 2 Type II requirements and obtaining the SOC 2 Type I and II audit certificate for the organization;
• Implementation of the Non-Financial Risk Management Framework & Information Security Management System (ISMS) in accordance to ISO 27000:2017 and ISO 31000 Standards;
• Company Certification according to ISO 27001:2017;
• The implementation the Crisis & Business Continuity Management Framework according to ISO 22301 Standard;
• The implementation of Personal Data protection processes in line with GDPR, Privacy Shield and CCPA regulation;
• Kubernetes cluster core security concept initial defining and implementation;
- 1(current)
- 2