Lead cloud security team. Responsible for hiring of security engineers and SOC analyst. Development and implement company cloud security strategy. Advice the sales support team and customers about cloud security. Consult the internal software development team about security features implementations and security requirements for cloud services. Key achievements:  Completed security of first UAE public cloud project. Implement security strategy to support company business model in the region.  Manage the team of the security Engineers and Architects, report to the company’s CTO. Implement of the company security strategy using project based and personal KPIs.  Achieved range of security certifications: ISO 27001/17/18, HIPPA, CSA, PCI DSS certifications and SOC1/2/3 compliances.  Built 24/7 SOC team, including hiring of 30 analysts and implement the custom cloud native terabyte-scale SIEM solution for security data processing.

Architecture review of company systems and products, consult developers and DevOps teams about security features implementation. Advice and consult developers team about implementation details of security features. Key achievements:  The complete security architecture of on-premise company cloud platform, including security requirements and measures IPv6, Kubernetes, Jenkins, Calico.  Designed and implemented pipeline security architecture, with the integration of security tools into DevOps pipeline, containers orchestration, and automated networking.  Develop the first version of requirements and technical compliance for using public cloud infrastructure.

As part of the internal information security team, developed security requirements for IT and RnD systems and customer services, and performed an audit of implementation. I have worked with world-famous experts and SoC team in a company incident response and forensics process. Key achievements:  Changed way how system administrators perform day-to-day tasks within the Secure Infrastructure project, implemented a wide range of technical and organizational measures. The project was recognized company-wide as Project of the Year 2017 as a result of the independent penetration test.  Implemented a wide range of Active Directory specific security measures, like ESAE forest, Credentials guard, StepServers, CyberArk, and Microsoft PAM.  Migrated the company core data processing systems in the new DC of the company transparency center in Switzerland.  Reviewed procedure of provisioning company’s production systems on public clouds. As a result reduced payments for cloud providers and improved security and departments accountability.

Designed and build from scratch largest Russia IoT and automotive project, covering all federal highways and more than 1.5 million trucks. Handle all project management activity in related information security task during project development and implementation. Develop and organize the process of ongoing system support and transition of support process on the customer side, education and awareness of new hired support team. Key achievements:  Designed and build hyper-converged DC network, compute and storage solution, WAN network with few hundreds of endpoints as for data gather IoT devices as for branch offices and PoS terminals.  Network security system survived under 100Gbs DDoS, allowed to avoid SLA violation fine in $0.5M  Designed lightweight TLS-based protocol for secure communications with IoT devices over GSM channels. Protocol decreased power consumption and complexity of tracker hardware, and the end cost of every device reduced to 30%. Performed architecture for server-side encryption, to handle on over 2 million devices connections with one hardware encryption module per DC, three times reducing initial hardware cost.