Ukraine's #1 job site
- File
Роман
Cyber security specialist (GRC ISO27001, інформаційна безпека, ІТ-аудитор)
- Age:
- 29 years
- City:
- Lviv
Contact information
The job seeker has entered a phone number and email.
Name, contacts and photo are only available to registered employers. To access the candidates' personal information, log in as an employer or sign up.
You can get this candidate's contact information from https://www.work.ua/resumes/13033861/
Uploaded file
Quick view
version
This resume is posted as a file. The quick view option may be worse than the original resume.
Cyber security specialist (GRC)
Roman Osint
mobile phone: [open contact info ](look above in the "contact info" section) (Telegram, Viber - you can also contact me on saturday
and sunday )
e-mail: [open contact info ](look above in the "contact info" section)
linkedin: [open contact info ](look above in the "contact info" section)
Experience
ISMS Manager
Ukraine - NDA
10/24 – Present - Full-time
Responsibilities:
● Implementing ISO 27001 from scratch for a critical infrastructure object
(ISMS)
● Developing information security policies and procedures
● Conducting risk assessments and implementing mitigation strategies
● Monitoring compliance and conducting audits
● Implementing security controls
● Conducting employee training and awareness programs
● Planning disaster recovery strategies
GRC Team Lead
Ukraine - NDA
5/24 – 10/24- Full-time
Responsibilities:
● Leading and mentoring the GRC team
● Ensuring regulatory compliance
● Conducting audits
● Developing information security policies and procedures
● Performing risk assessments and implementing mitigation strategies
Cybersecurity Consultant
Germany, Discontia GmbH – PRINTEGI
10/23 – 11/23 - Freelance (one-time project)
Responsibilities:
● Cybersecurity risk management
● Developing an incident response plan
● Creating a disaster recovery plan
● Creating a RACI matrix
● Creating documentation about backup and passwords
● Conducting a cloud environment security review
● Conducting cybersecurity awareness training (phishing, smishing, etc.)
● Providing cybersecurity consultancy, including:
- Opening potentially malicious files and links in virtual machines and
sandboxes (desktop and web versions)
- secure sending of email, email protection, DDoS prevention, etc.
GRC Consultant
Denmark - NDA
7/23 – 10/23 - Freelance (one-time project)
Responsibilities:
● Developing ISO 27001 policies and procedures
● Working with AWS and writing procedures
● Creating and managing a RACI responsibility matrix
Providing consultations on:
- procedures and policies;
- work with backup
Sales - Team Lead
Ukraine - Discover LV
4/16 – 02/22 Full-time
Responsibilities:
● Leading the sales team: recruitment, selection, training, and mentoring of
employees
● Searching for and engaging new clients
● Communicating with clients in Ukrainian, English, Polish, and Russian
● Handling complex client issues, especially those unresolved by other managers
● Selling company services
My KPI was the highest among all other employees - outgrew the mentor very quickly -
overall this is one of my strong achievements - later I led the team.
Familiarity with
● OSI, TCP\IP network model
● DNS, TLS, SSL, IPv4, IPv6, FTP, WS, HTTPS, SNMP, SMTP, POP3, IMAP,
ARP, NDP, ICMP, DHCP, RIP, OSPF, BGP, EIGRP, TCP, UDP, SSH etc - main
network protocols understanding
● Main cyber threats understanding (Phishing (different types), DoS/DDoS,
Pharming, Malware, MITM, Ransomware, Trojan etc )
● GRC:
● Strong knowledge ISO 27001:2022 + ISO 27002:2022; ISO 27005
● ISO 27017:2015, ISO 27018:2019
● ISO 9001:2015
● ISO 19011: Guidelines for auditing management systems
● ISO 38500 IT. Governance of IT for the organization
● ISO 20000-1 IT. Service management
● GDPR, NIST CSF, COBIT 5, PCI DSS, NBU №95, DORA
● Writing Policies and Procedures
● Risk management
● Vendor \ third-party risk management lifecycle
● Testing employees for phishing attacks and other cybersecurity awareness
activities. (www.knowbe4.com platform).
● Training for employees and consulting on information security
● Disaster recovery, RPO, RTO
● ACS - Access Control System \ СКУД
● FDAS - Fire Detection And Alarm System \ ОПС
● CCTV - Closed-circuit television\ Video monitoring \ СВН
Completed courses
● Security+
● SSCP ( Access Controls* )
● CSA+ ( Cybersecurity Analyst )
● CASP+ ( Governance Risk and Compliance* )
● CCNA ( Cisco Certified Network Associate (Netacad))
● Google Cybersecurity ( Professional Certificate - 8 course series )
● CISA (Certified Information Systems Auditor) - in progress
● ISO 27001 Lead Auditor - in progress
● ISO 27001 Lead Implementer - in progress
● CCSP - Certified Cloud Security Professional - in progress
Languages:
● Ukrainian - native
● English - B2 (Upper-Intermediate)
● Polish- B1
About Me: I like jazz, radioelectronics, chess, sports and creative photography.
Roman Osint
mobile phone: [
and sunday )
e-mail: [
linkedin: [
Experience
ISMS Manager
Ukraine - NDA
10/24 – Present - Full-time
Responsibilities:
● Implementing ISO 27001 from scratch for a critical infrastructure object
(ISMS)
● Developing information security policies and procedures
● Conducting risk assessments and implementing mitigation strategies
● Monitoring compliance and conducting audits
● Implementing security controls
● Conducting employee training and awareness programs
● Planning disaster recovery strategies
GRC Team Lead
Ukraine - NDA
5/24 – 10/24- Full-time
Responsibilities:
● Leading and mentoring the GRC team
● Ensuring regulatory compliance
● Conducting audits
● Developing information security policies and procedures
● Performing risk assessments and implementing mitigation strategies
Cybersecurity Consultant
Germany, Discontia GmbH – PRINTEGI
10/23 – 11/23 - Freelance (one-time project)
Responsibilities:
● Cybersecurity risk management
● Developing an incident response plan
● Creating a disaster recovery plan
● Creating a RACI matrix
● Creating documentation about backup and passwords
● Conducting a cloud environment security review
● Conducting cybersecurity awareness training (phishing, smishing, etc.)
● Providing cybersecurity consultancy, including:
- Opening potentially malicious files and links in virtual machines and
sandboxes (desktop and web versions)
- secure sending of email, email protection, DDoS prevention, etc.
GRC Consultant
Denmark - NDA
7/23 – 10/23 - Freelance (one-time project)
Responsibilities:
● Developing ISO 27001 policies and procedures
● Working with AWS and writing procedures
● Creating and managing a RACI responsibility matrix
Providing consultations on:
- procedures and policies;
- work with backup
Sales - Team Lead
Ukraine - Discover LV
4/16 – 02/22 Full-time
Responsibilities:
● Leading the sales team: recruitment, selection, training, and mentoring of
employees
● Searching for and engaging new clients
● Communicating with clients in Ukrainian, English, Polish, and Russian
● Handling complex client issues, especially those unresolved by other managers
● Selling company services
My KPI was the highest among all other employees - outgrew the mentor very quickly -
overall this is one of my strong achievements - later I led the team.
Familiarity with
● OSI, TCP\IP network model
● DNS, TLS, SSL, IPv4, IPv6, FTP, WS, HTTPS, SNMP, SMTP, POP3, IMAP,
ARP, NDP, ICMP, DHCP, RIP, OSPF, BGP, EIGRP, TCP, UDP, SSH etc - main
network protocols understanding
● Main cyber threats understanding (Phishing (different types), DoS/DDoS,
Pharming, Malware, MITM, Ransomware, Trojan etc )
● GRC:
● Strong knowledge ISO 27001:2022 + ISO 27002:2022; ISO 27005
● ISO 27017:2015, ISO 27018:2019
● ISO 9001:2015
● ISO 19011: Guidelines for auditing management systems
● ISO 38500 IT. Governance of IT for the organization
● ISO 20000-1 IT. Service management
● GDPR, NIST CSF, COBIT 5, PCI DSS, NBU №95, DORA
● Writing Policies and Procedures
● Risk management
● Vendor \ third-party risk management lifecycle
● Testing employees for phishing attacks and other cybersecurity awareness
activities. (www.knowbe4.com platform).
● Training for employees and consulting on information security
● Disaster recovery, RPO, RTO
● ACS - Access Control System \ СКУД
● FDAS - Fire Detection And Alarm System \ ОПС
● CCTV - Closed-circuit television\ Video monitoring \ СВН
Completed courses
● Security+
● SSCP ( Access Controls* )
● CSA+ ( Cybersecurity Analyst )
● CASP+ ( Governance Risk and Compliance* )
● CCNA ( Cisco Certified Network Associate (Netacad))
● Google Cybersecurity ( Professional Certificate - 8 course series )
● CISA (Certified Information Systems Auditor) - in progress
● ISO 27001 Lead Auditor - in progress
● ISO 27001 Lead Implementer - in progress
● CCSP - Certified Cloud Security Professional - in progress
Languages:
● Ukrainian - native
● English - B2 (Upper-Intermediate)
● Polish- B1
About Me: I like jazz, radioelectronics, chess, sports and creative photography.
Similar candidates
-
Адміністратор з IT-безпеки
Lviv -
Cyber security specialist
Lviv -
Cyber security specialist
Lviv -
Керівник IT-відділу
Lviv, Kyiv, Odesa -
Фахівець з кібербезпеки
25000 UAH, Lviv
Compare your requirements and salary with other companies' jobs:
The candidate's resume is posted at https://www.work.ua/resumes/13033861/