Petr Zuzanov

DevOps Engineer

Haifa, Israel · 15 yrs 8 mos experience

Key Highlights

  • Expert in cloud-native security and adversary behavior analysis.
  • Led Red Team in high-stakes cyber competitions.
  • Developed open-source tools for cloud security assessment.

Skills

Core Skills

Cloud-native Security, Adversary Behavior Analysis, Red Team Leadership, SecOps Leadership, SecOps Management, Trading Software Engineering, Security Engineering

Other Skills

Security, Cloud Detection & Response, Kubernetes, Detection logic, Open-source development, Cloud security, Red Teaming, CTF, Incident response, SecOps, CloudOps, Security architecture, Trading systems, System maintenance, Customer training

About

As Principal Security Researcher at Stream.Security, I develop advanced detection logic and execute realistic attack simulations to strengthen the Cloud Detection & Response (CDR) product. My work focuses on analyzing malicious behavior in cloud and Kubernetes environments, ensuring effective detection mechanisms by leveraging real-world data from customer incidents. With over seven years of Blue and Red Team leadership experience and multiple industry-recognized certifications, including OSEP and OSCP, I specialize in cloud-native security, adversary behavior analysis, and enterprise security architecture. My mission is to enhance organizational resilience by transforming live threat intelligence into actionable security insights.

Experience

Total experience: 15 yrs 8 mos
Average tenure: 4 yrs 11 mos
Current experience: 10 mos

Stream.security

Principal Security Researcher

Jul 2025 – Present · 10 mos · Tel Aviv District, Israel

  • Lead research and development of advanced detection logic for malicious activity across cloud platforms and Kubernetes environments, directly contributing to the effectiveness of the Cloud Detection & Response (CDR) product.
  • Design and execute realistic attack simulations in cloud and containerized environments to emulate adversary behavior and collect high-fidelity telemetry for detection validation and improvement.
  • Continuously analyze live attack activity observed in customer environments, transforming real-world incident data into new detection rules, heuristics, and product enhancements.
  • Conduct threat research and adversary behavior analysis focused on cloud-native attack techniques, persistence mechanisms, lateral movement, and privilege escalation.
  • Support customers during active security incidents and threat hunting engagements, providing deep technical guidance across cloud and Kubernetes infrastructures.
  • Collaborate closely with detection engineering, product, and response teams to operationalize research findings into scalable, production-ready detections.
  • Evaluate detection coverage and blind spots across cloud workloads, control planes, and identities, with a focus on reducing false positives while improving attack fidelity.
  • Author and maintain CDRGoat, an open-source tool for assessing cloud security posture and detection readiness, published on GitHub and used to validate CDR capabilities in real-world scenarios.
Security, Cloud Detection & Response, Kubernetes, Adversary behavior analysis, Detection logic, Cloud-native security

Ringcentral

4 roles

SecOPS Architect

Promoted

Jul 2023 – Jun 2025 · 1 yr 11 mos

  • Technical leadership for SecOps, CloudOps, and SRE teams across a hybrid on-premises and cloud infrastructure.
  • Led incident response activities across SOC Tier 1/2/3, including executive reporting, enforcement of corporate incident response procedures, coordination of containment actions, and forensic analysis.
  • Designed and evolved enterprise security architecture across multiple layers, including on-premises and cloud networks, endpoints, AWS/GCP/Azure, Kubernetes, databases, and supporting platforms.
  • Defined and maintained a rolling 2-year security roadmap aligned with business and risk management objectives.
  • Sponsored and governed security initiatives, negotiating priorities and resource allocation with engineering and business stakeholders.
  • Supported external security and compliance audits, including SOC 2, C5, PCI DSS, FedRAMP, and HITRUST, acting as a technical subject matter expert during auditor interviews.
  • Led continuous improvement of SIEM capabilities, including development and tuning of custom correlation rules across hybrid environments.
  • Led network security hardening, vulnerability management, and exposure reduction programs spanning on-premises and cloud assets.
  • Delivered security training and onboarding for technical and non-technical staff.
SecOps, CloudOps, Incident response, Security architecture, SecOps leadership

SecOPS Manager

Promoted

Jan 2022 – Jun 2023 · 1 yr 5 mos

  • Team and tech leading for 20 engineers spread all over the world
  • Leading the response to security incidents at SOC levels 1/2/3 (reporting to management, ensuring actions taken follow the corporate security response plan, forensic analytics, etc.)
  • Designing the corporate security on multiple levels (network, endpoints, databases, etc)
  • Keeping security roadmap updated for the next 2 years
  • Sponsoring security projects, negotiating the priorities
  • Assisting in security audit interviews (SOC 2, C5, PCI DSS, FedRAMP, HITRUST, etc.)
  • Leading continuous development and upgrades for SIEM custom correlation rules
  • Leading Network protection and Vulnerability management projects
  • Staff training/onboarding
SecOps, Incident response, Security architecture, SecOps management

SecOPS TeamLead

Promoted

Jan 2021 – Dec 2021 · 11 mos

Sr. Security Engineer

Aug 2019 – Dec 2020 · 1 yr 4 mos

Spbctf

RedTeam Leader

Feb 2019 – Present · 7 yrs 3 mos · Israel · Remote

  • Team Captain of a Red Team competing in “The Standoff”, a large-scale, multi-day attack–defense cyber range simulating a real city infrastructure.
  • Unlike traditional CTFs focused on flag capture, The Standoff requires teams to execute realistic offensive objectives, including:
      ◦ Exfiltrating confidential data
      ◦ Compromising Active Directory and Kubernetes clusters
      ◦ Attacking cloud and enterprise infrastructures
      ◦ Disrupting industrial and critical systems (e.g., power grids, manufacturing, SCADA environments)
  • The tournament runs continuously for 4 days, featuring:
      ◦ 8 virtual companies representing different industries
      ◦ 500+ hosts and services
      ◦ 200+ attack objectives
  • ~20–30 Red Teams compete to maximize impact, while a dedicated Blue Team actively monitors, detects, and mitigates attacks; EDR and security controls are always enabled and updated, closely mirroring real-world conditions.
  • Team Results:
      ◦ 2025: 6th place
      ◦ 🥉 2024: 3rd place
      ◦ 2023: 5th place
      ◦ 2022: 5th place
      ◦ 🥉 2021: 3rd place
      ◦ 2020: 4th place
      ◦ 2019: 5th place
Red Teaming, CTF, Incident response, Red Team leadership

Itiviti

Trading software engineer

Jul 2018 – Aug 2019 · 1 yr 1 mo · Saint Petersburg, Russia

  • Tbricks trading systems maintenance, installation, configuration, and troubleshooting/investigation, which includes:
      ◦ discussing and planning the required system setup (e.g. required hardware, network topology, system components layer)
      ◦ case analysis and prioritization
      ◦ collecting all required information to solve the problem and speed up issue resolution and investigation
      ◦ customer training and education on all aspects of the trading system (including trading system.
Trading systems, System maintenance, Customer training, Trading software engineering

Sberbank

4 roles

Sr. Security Engineer

Promoted

Apr 2016 – Jul 2018 · 2 yrs 3 mos

  • Assisting with team-leading
  • Acting as SOC level 3 on security incidents for the network part
  • Developing and continuously updating SIEM correlation rules
  • Leading the DDoS protection and Network IDS projects
  • Designing the network security of Production (Data Center) and Corp (Office) environments
  • Managing network security devices (Cisco, Huawei, Check Point, Arbor, Juniper)
  • Staff training/onboarding
Security engineering, SIEM, Network security

Security Engineer

Jan 2011 – Mar 2016 · 5 yrs 2 mos

Junior Security Engineer

Mar 2010 – Dec 2010 · 9 mos

Intern IT engineer

Oct 2008 – Feb 2010 · 1 yr 4 mos

Education

Saint Petersburg University of Telecommunications

Master's degree — Information Technology

Sep 2005 – Jun 2010
