Jan 2024 – Present · 2 yrs 4 mos · St Petersburg City, Russia · Remote

• In 2023, there was an incident in the company where I played a key role in mitigating the consequences and leading a team of people, as my knowledge and experience were very useful in this situation. Officially, I did not work for Helix and interacted indirectly before this, mainly on issues of secure software development. In January, a mutually beneficial collaboration was concluded, and I was officially employed by the second company part-time.
• Initially, the tasks were similar to Medlinx, but with the emphasis that this was not a startup but a large company operating in different countries.
• Key and additional distinctions:
• Substituted for the CISO while a new one was being sought.
• Tasks included SOC1, SOC2, incident response, and the development of a risk mitigation strategy with extended parameters: people risk management, phishing sites, and monitoring corporate leaks (using both my own solutions and solutions developed jointly with partners at passleak.com)
• Direct interaction with the business, conveying and implementing ideas that impact the company's security.

Feb 2022 – Present · 4 yrs 3 mos · St Petersburg City, Russia

• Implementing from scratch DevSecOps/AppSec practices, including software and hardware complexes and tools for medicine. Collaborate with part of projects from helix.ru, medlinx.ru, helzy.ru for partial code review, implementation of security methodologies and regulations, actively participate in improving incident response plan practices. (SOC).
• SSDLC process in micro-service and legacy monolithic architecture (Risk assessment,ASPM, vulnerability management, Supply Chain Attacks security, leveraging automated security analysis integrated within our development workflow and working to improve the accuracy and coverage of these tools like refining and tuning rules for SAST, QualityGate, SAST,DAST,SCA,IAST) focusing on TTM.
• Interacting with a DevOps team, project managers and product owners on programming teams to include security practices in their workflows, considering TTM. Implementation and improvement processes of containers and k8s security
• Analysis, SAST,DAST pentest of mobile applications for vulnerabilities (iOS, Android), include API tests, backend logic.
• Pentests (Web, API, ACL, Auth, Clouds, architecture logic), developing new automation and tooling to improve our detection and prevention capabilities of attacks.
• Automation of routine work processes (python, bash)
• Threat modeling, risk management, forming requirements and security recommendations as a
• subject matter expert for dev teams during all phases of development
• Developing secure code practices, documentation, based on workflow and provide hands-on training
• to developers and quality engineers. Building a security champions program in Dev teams.
• Incremental implementation of ZeroTrust security model and ShiftLeft Security based on best from
• BSIMM and SAMM assurance programmes.
• Technology Stack: C#, C++, .NET, Scala, Python, asm, Swift, Kotlin, ML

Apr 2021 – Feb 2022 · 10 mos · St Petersburg City, Russia

• company now has moved to Cyprus
• Managed the Secure Software Development Life Cycle (SSDLC) process within a microservice architecture, including code review with security reports, QualityGate implementation, and CI/CD integration of various security scanners such as DAST (Acunetix, ZAP, Burp Suite), SAST (Checkmarx with rule refinement, Fortify, SonarQube, Coverity), SCA (JFrog Xray, Snyk), and software fuzz testing, along with penetration tests.
• Analysis of mobile applications for vulnerabilities (MASTG) (iOS, Android), integrated within CI/CD pipelines for seamless security testing.
• Automated routine processes to improve efficiency and productivity.
• Utilized threat modeling techniques and crafted Software Requirements Specifications to provide security recommendations as a subject matter expert for development teams throughout all phases of development.
• Bug Bounty support to enhance the overall security posture of the company.
• My main achievement is creation and support of an employee awareness program, focusing not only on HiTech specialists, but for any employee. In this case, my extensive experience in running IT channels aimed at a general audience came in handy. The program proved to be highly effective and as a result improved the company's safety related to the human factor.
• And another achievement was optimization of security scanners process, which has saved for business tens of thousands dollars per year.
• And as a separate point, I would like to highlight that as an active user of Checkmarx products, I have found a significant number of bugs in their functionality(cx-flow), which I consistently reported to the company through my teamlead. Critical bugs that had a significant impact on development, I resolved myself, as it took quite some time for Checkmarx to address them.

Jan 2020 – Apr 2022 · 2 yrs 3 mos · Moscow, Moscow City, Russia

• My main task was to research for zero day vulnerabilities in software and then writing articles (after 90 days vulnerability disclosure policies) to improve company reputation. I also engaged in research activities in the field of business process development and increasing company revenues.
• Conducted security audits for web, API, cloud, and mobile applications. Took part in code audits and penetration tests of large projects in Israel as a Elementor, Moovit, Capital Motors
• Automated routine tasks and performed penetration testing using Python, Selenium, Acunetix API, ZennoPoster, and ZennoDroid.
• Technical writer (ENG, RU)- wrote professional reports for our clients based on conducted audits, provided recommendations for vulnerability remediation and monitored the implementation of these recommendations
• Led cyber threat investigations to identify root causes of incidents and address unauthorized access, including remediation of websites from backdoors and viruses.
• I deployed and maintained security solutions from scratch, including DAST, SAST, IAST. Additionally, I authored custom rules for Checkmarx, developed custom extensions for Burp, and integrated the Acunetix API.
• Vulnerability research engineer include reverse engineering
• My notable achievement includes developing a fully automated process to discover zero-day vulnerabilities in popular CMS platforms and their plugins, including Joomla, WordPress, Drupal, and osCommerce.

Sep 2019 – Jun 2022 · 2 yrs 9 mos

• Roundsec and CobWeb are two companies with two co-founders (Amil and Semjon) who are friends with each other. Since I am very familiar with the founders and also friends with them, I actively participated in the development of these companies not as an ordinary employee, but as a full-fledged partner. Currently, these two companies have merged into one.
• Similar to roundsec.io with priority on customer security consulting (subcontracting).
• Leadership skills helps me take charge during projects in order to meet all important deadlines.

Sep 2019 – Jun 2022 · 2 yrs 9 mos

Mar 2018 – Aug 2019 · 1 yr 5 mos · Saudi Arabia

• My main task was to establish a new department, similar to the department in the USA, with expanded responsibilities Under my leadership, I oversaw a team of individuals and carried out the following tasks:
• Management and training of subordinates, task delegation in the development of anti-fraud measures, database enrichment for leak monitoring (similar to Have I Been Pwned, leakcheck, http://hudsonrock.com only include CreditCarts fraud).
• Comprehensive code audits and penetration testing for government entities in Dubai and Singapore.
• Automation of data collection, analysis and parsing BigData from various sources.
• Open Source Intelligence (OSINT), social engineering, development and refinement of software for criminal identification (including participation in HiTech incident investigations). Research activity in the field of 0day vulnerabilities and methods of de-anonymizing criminals (darknet, drugsellers, credit-carts fraud). I have significantly improved my skills in searching for information, creating honeypots, trap-bots, and methods of deanonymizing criminals, including those using Tor.
• After successfully completing the tasks assigned to me, my contract ended, and thus our successful collaboration concluded. During my time at the company, I significantly developed skills in social engineering and analysis of large volumes of data in various formats.

Jan 1999 – Present · 27 yrs 4 mos

• Before my official employment in companies, I spent a significant part of my life working on personal projects or as a contractor. The scope of my work was quite extensive, ranging from software reverse engineering to auditing government websites. Some of these projects were done in collaboration with the antichat team at https://rebz.net/ and government contracts from https://ic-cs.ru/ (see recommendation letters)
• Thanks to this, I have extensive practical experience, which enables me to establish mutually beneficial partnerships with collaborators to solve the majority of tasks.