• Aug 2022 - Present

• Jan 2021 - Aug 2022

Chief Information Security Officer

• Aug 2018 - Dec 2021

CISO is responsible for the design, execution, and maintenance of a Security, Risk and Cyber-operations strategy at FORM.COM SaaS services and Enterprise Solutions portfolio. CISO oversees and directs security programs and efforts across the company to ensure security is an enabler to the company’s mission. This includes developing and maintaining a security management program that governs the creation, administration, and oversight of enterprise-wide information security activities. As part of the information security program, the CISO also is responsible for the development, implementation, and management of areas including enterprise information security services, cyber resilience, information security governance, and information security risk management. Defined and executed company strategy for attaining ISO 27001:2013 certification. Show less

Security Expert

• Jul 2017 - Apr 2019

Responsible for forensic investigation as part of a world-wide global team, main focus private sector investigations in cyber domain North America, Europe, and Asia region. - Help analyze findings in investigative matters and develop fact-based technical reports detailing events over specified periods of time; - Prepare reports and documents case details, development, and outcome; - Knowledge of proper forensic investigation techniques when working with compromised system images or files; - Global mindset for working with different cultures and backgrounds; - Compliance requirements (ISO, PCI, HIPAA, NIST, SOX, GDPR). Show less

CISO

• Feb 2015 - Aug 2018

Member of the leadership team at largest Private Cloud SaaS software, responsible for all IT data protection for 200M+ individuals’ private information leading InfoSec team (employees + contractors). Governing all elements of IT Service Delivery including infrastructure (servers/storage/network), architecture, and software engineering. Driving strategy for availability (business continuity and disaster recovery), cloud security (private/hybrid/public), Security Information and Event Management(SIEM), and information security. - Advised Senior Management and Board of Directors quarterly on information security program health and industry threat landscape; - Adapted information risk management practices into company-wide adoption of Agile; - Defined and executed robust and flexible security models, extend Software Engineering with DevSecOps; - Defined and evolved enterprise crisis response playbook, leading cross-functional tabletop exercises; - Defined and executed company strategy for attaining ISO 27001:2013 certification; - Influenced strong, company-wide security culture through “just-in-time” awareness program; - Build and tune custom cases, dashboards, searches, reports on SIEM platform based on cybersecurity and business needs; - Working with the engineering and IT functional teams to conduct Security Architecture reviews and building up the application security program. Show less

Head of IT Security

• Apr 2012 - Jan 2015

Lead the security incident response process, including the ongoing monitoring of threats and vulnerabilities, and respond to major security events. Deploying a risk-based approach to project consulting, focusing the team on solutioning security based on risk. Oversees training and development of partners directly and indirectly managed and makes effective staffing decisions. Assist with developing and establishing strategic and long-range goals and direction for the Network Security area of IT Operations. Show less

Chief Specialist of IT Security

• Aug 2010 - Apr 2012

Participation in development projects in the field of information technology; Participation in the plan development, implementation, and support of new technical solutions and automate the complex system of data protection of the bank, implementing and accompaniment the software to protect against escaping of information with restricted access outside of the bank; Monitoring the protection of corporate networks, workstations and servers. Monitoring compliance with the implementation of security policies based on the AD bank policies and information security standards, regulations and other regulatory documents of the bank; Ensuring the main complex of works on protection of banking information; Ensure stability and reliability of the whole information system of the bank; Preservation of information resources and their protection against unauthorized access. Execution work by: • Implementation and maintenance of security systems of information exchange between departments of the bank, branches and subsidiaries; • Actively monitoring the state of security of computer networks of the bank; • Controlled over the use and administration of network resources; • Controlled over using the media; • Controlled of users and administrators with the banking system and AD; • Monitoring the functioning of anti-virus protection for workstations and servers; • Monitoring the timely update of system and application software for workstations and servers; • Monitoring of firewalls and proxy servers that control the use of Internet resources; • Implementation of routine operations associated with the operation of components; • Complex systems of information protection. Performing other functions relevant to the main position and following from the disposition of the work, including the current legislation of Ukraine, the NBU regulations, legal documents on labor protection. Show less

Head of IT Dept.

• Mar 2008 - May 2010

Head of IT Department Head of IT Department