Начальник підрозділу інформаційної безпеки/кіберзахисту - 5573

QUALIFICATION Professional with 25 years of experience in the field of information security (IS), cyber security:
15 years of experience in managing the unit (20 administrators / technologists), creating teams to protect IT resources.
Implementation of security protection, network protection perimeters, construction of multilevel anti-virus protection, including Sandbox, systems for counteracting the loss of confidential information, detection and analysis of vulnerabilities.
Implementation of international standards and recommendations for information security management (ISO / IEC 27001/27002, PCI DSS, SWIFT Customer Security Controls Framework), analysis of business process security.
Centralization of management of IS systems.
Construction of security systems, cyber defense in the corporate network, including means of TCI / CCI, KSZI, CSC.
MAIN TASKS- Analysis, control of cybersecurity and IS, analysis of IS incidents and events.
- Planning / control of the unit, cost estimates for IS, organization of IS training, control of work on KZI / TZI.
- Creation of technical tasks on development / implementation of new IT systems for providing KZI / TZI, coordination of schemes of data flows and access to resources of a computer network, control of segmentation of a network.
Support for IS policy and effective operation of cyber security systems.
- Implementation and maintenance of standards DSTU ISO / IEC 27001/27002 2015, PCI DSS, SWIFT CSCF.
Control of leakage of confidential information, participation in incident investigations.
ACHIEVEMENTS A multi-level centralized cyber security system has been implemented on Bitdefender, TrendMicro, Check Point products (cyber attack on June 27, 2017 "Petya" disabled only 9 computers out of 4500) in the central office, branches, offices.
Promptly in 2020 introduced a system of remote access to more than 2,200 employees on Check Point products.
Implemented and maintained by ISMS according to the standard DSTU ISO / IEC 27001/2:
2015, (all top-level ISMS documents created, training program developed).
The annual audit confirms compliance with the requirements of the PSI DSS standard (for 2020 version 3.
2.
1).
Constructed CSC using the standard x.
509 on RSA, and registered with the NBU Implemented system of collection and analysis of IS events:
SIEM ELK.
A single module for protection of branch and central office channels has been implemented (on-line antivirus protection of HTTP, HTTPS, FTP, e-mail, spam protection, DLP, Firewall has been implemented).
Implemented and supported by WAF for web servers, financial portals.
Regular auditing of servers and quarterly vulnerability scanning of active network devices, PEN test.
An audit of the scan results and the rights of users of different systems (SAB, OS).
Implemented IDS system.
Technical support of devices for authentication and storage of crypto keys USB Token, administration of HSM Thales and Safe Net, systems for documenting telephone conversations, systems for documenting the actions of administrators. Comprehensive measures have been developed to protect information from leakage of confidential information.