Сайт пошуку роботи №1 в Україні
- Файл
Роман
Cyber security specialist (GRC ISO27001, інформаційна безпека, ІТ-аудитор)
- Вік:
- 29 років
- Місто:
- Львів
Контактна інформація
Шукач вказав телефон та ел. пошту.
Прізвище, контакти та світлина доступні тільки для зареєстрованих роботодавців. Щоб отримати доступ до особистих даних кандидатів, увійдіть як роботодавець або зареєструйтеся.
Отримати контакти цього кандидата можна на сторінці https://www.work.ua/resumes/13033861/
Завантажений файл
Версія для швидкого
перегляду
Це резюме розміщено у вигляді файлу. Ця версія для швидкого перегляду може бути гіршою за оригінал резюме.
Cyber security specialist (GRC)
Roman Osint
mobile phone: [відкрити контакти ](див. вище в блоці «контактна інформація») (Telegram, Viber - you can also contact me on saturday
and sunday )
e-mail: [відкрити контакти ](див. вище в блоці «контактна інформація»)
linkedin: [відкрити контакти ](див. вище в блоці «контактна інформація»)
Experience
ISMS Manager
Ukraine - NDA
10/24 – Present - Full-time
Responsibilities:
● Implementing ISO 27001 from scratch for a critical infrastructure object
(ISMS)
● Developing information security policies and procedures
● Conducting risk assessments and implementing mitigation strategies
● Monitoring compliance and conducting audits
● Implementing security controls
● Conducting employee training and awareness programs
● Planning disaster recovery strategies
GRC Team Lead
Ukraine - NDA
5/24 – 10/24- Full-time
Responsibilities:
● Leading and mentoring the GRC team
● Ensuring regulatory compliance
● Conducting audits
● Developing information security policies and procedures
● Performing risk assessments and implementing mitigation strategies
Cybersecurity Consultant
Germany, Discontia GmbH – PRINTEGI
10/23 – 11/23 - Freelance (one-time project)
Responsibilities:
● Cybersecurity risk management
● Developing an incident response plan
● Creating a disaster recovery plan
● Creating a RACI matrix
● Creating documentation about backup and passwords
● Conducting a cloud environment security review
● Conducting cybersecurity awareness training (phishing, smishing, etc.)
● Providing cybersecurity consultancy, including:
- Opening potentially malicious files and links in virtual machines and
sandboxes (desktop and web versions)
- secure sending of email, email protection, DDoS prevention, etc.
GRC Consultant
Denmark - NDA
7/23 – 10/23 - Freelance (one-time project)
Responsibilities:
● Developing ISO 27001 policies and procedures
● Working with AWS and writing procedures
● Creating and managing a RACI responsibility matrix
Providing consultations on:
- procedures and policies;
- work with backup
Sales - Team Lead
Ukraine - Discover LV
4/16 – 02/22 Full-time
Responsibilities:
● Leading the sales team: recruitment, selection, training, and mentoring of
employees
● Searching for and engaging new clients
● Communicating with clients in Ukrainian, English, Polish, and Russian
● Handling complex client issues, especially those unresolved by other managers
● Selling company services
My KPI was the highest among all other employees - outgrew the mentor very quickly -
overall this is one of my strong achievements - later I led the team.
Familiarity with
● OSI, TCP\IP network model
● DNS, TLS, SSL, IPv4, IPv6, FTP, WS, HTTPS, SNMP, SMTP, POP3, IMAP,
ARP, NDP, ICMP, DHCP, RIP, OSPF, BGP, EIGRP, TCP, UDP, SSH etc - main
network protocols understanding
● Main cyber threats understanding (Phishing (different types), DoS/DDoS,
Pharming, Malware, MITM, Ransomware, Trojan etc )
● GRC:
● Strong knowledge ISO 27001:2022 + ISO 27002:2022; ISO 27005
● ISO 27017:2015, ISO 27018:2019
● ISO 9001:2015
● ISO 19011: Guidelines for auditing management systems
● ISO 38500 IT. Governance of IT for the organization
● ISO 20000-1 IT. Service management
● GDPR, NIST CSF, COBIT 5, PCI DSS, NBU №95, DORA
● Writing Policies and Procedures
● Risk management
● Vendor \ third-party risk management lifecycle
● Testing employees for phishing attacks and other cybersecurity awareness
activities. (www.knowbe4.com platform).
● Training for employees and consulting on information security
● Disaster recovery, RPO, RTO
● ACS - Access Control System \ СКУД
● FDAS - Fire Detection And Alarm System \ ОПС
● CCTV - Closed-circuit television\ Video monitoring \ СВН
Completed courses
● Security+
● SSCP ( Access Controls* )
● CSA+ ( Cybersecurity Analyst )
● CASP+ ( Governance Risk and Compliance* )
● CCNA ( Cisco Certified Network Associate (Netacad))
● Google Cybersecurity ( Professional Certificate - 8 course series )
● CISA (Certified Information Systems Auditor) - in progress
● ISO 27001 Lead Auditor - in progress
● ISO 27001 Lead Implementer - in progress
● CCSP - Certified Cloud Security Professional - in progress
Languages:
● Ukrainian - native
● English - B2 (Upper-Intermediate)
● Polish- B1
About Me: I like jazz, radioelectronics, chess, sports and creative photography.
Roman Osint
mobile phone: [
and sunday )
e-mail: [
linkedin: [
Experience
ISMS Manager
Ukraine - NDA
10/24 – Present - Full-time
Responsibilities:
● Implementing ISO 27001 from scratch for a critical infrastructure object
(ISMS)
● Developing information security policies and procedures
● Conducting risk assessments and implementing mitigation strategies
● Monitoring compliance and conducting audits
● Implementing security controls
● Conducting employee training and awareness programs
● Planning disaster recovery strategies
GRC Team Lead
Ukraine - NDA
5/24 – 10/24- Full-time
Responsibilities:
● Leading and mentoring the GRC team
● Ensuring regulatory compliance
● Conducting audits
● Developing information security policies and procedures
● Performing risk assessments and implementing mitigation strategies
Cybersecurity Consultant
Germany, Discontia GmbH – PRINTEGI
10/23 – 11/23 - Freelance (one-time project)
Responsibilities:
● Cybersecurity risk management
● Developing an incident response plan
● Creating a disaster recovery plan
● Creating a RACI matrix
● Creating documentation about backup and passwords
● Conducting a cloud environment security review
● Conducting cybersecurity awareness training (phishing, smishing, etc.)
● Providing cybersecurity consultancy, including:
- Opening potentially malicious files and links in virtual machines and
sandboxes (desktop and web versions)
- secure sending of email, email protection, DDoS prevention, etc.
GRC Consultant
Denmark - NDA
7/23 – 10/23 - Freelance (one-time project)
Responsibilities:
● Developing ISO 27001 policies and procedures
● Working with AWS and writing procedures
● Creating and managing a RACI responsibility matrix
Providing consultations on:
- procedures and policies;
- work with backup
Sales - Team Lead
Ukraine - Discover LV
4/16 – 02/22 Full-time
Responsibilities:
● Leading the sales team: recruitment, selection, training, and mentoring of
employees
● Searching for and engaging new clients
● Communicating with clients in Ukrainian, English, Polish, and Russian
● Handling complex client issues, especially those unresolved by other managers
● Selling company services
My KPI was the highest among all other employees - outgrew the mentor very quickly -
overall this is one of my strong achievements - later I led the team.
Familiarity with
● OSI, TCP\IP network model
● DNS, TLS, SSL, IPv4, IPv6, FTP, WS, HTTPS, SNMP, SMTP, POP3, IMAP,
ARP, NDP, ICMP, DHCP, RIP, OSPF, BGP, EIGRP, TCP, UDP, SSH etc - main
network protocols understanding
● Main cyber threats understanding (Phishing (different types), DoS/DDoS,
Pharming, Malware, MITM, Ransomware, Trojan etc )
● GRC:
● Strong knowledge ISO 27001:2022 + ISO 27002:2022; ISO 27005
● ISO 27017:2015, ISO 27018:2019
● ISO 9001:2015
● ISO 19011: Guidelines for auditing management systems
● ISO 38500 IT. Governance of IT for the organization
● ISO 20000-1 IT. Service management
● GDPR, NIST CSF, COBIT 5, PCI DSS, NBU №95, DORA
● Writing Policies and Procedures
● Risk management
● Vendor \ third-party risk management lifecycle
● Testing employees for phishing attacks and other cybersecurity awareness
activities. (www.knowbe4.com platform).
● Training for employees and consulting on information security
● Disaster recovery, RPO, RTO
● ACS - Access Control System \ СКУД
● FDAS - Fire Detection And Alarm System \ ОПС
● CCTV - Closed-circuit television\ Video monitoring \ СВН
Completed courses
● Security+
● SSCP ( Access Controls* )
● CSA+ ( Cybersecurity Analyst )
● CASP+ ( Governance Risk and Compliance* )
● CCNA ( Cisco Certified Network Associate (Netacad))
● Google Cybersecurity ( Professional Certificate - 8 course series )
● CISA (Certified Information Systems Auditor) - in progress
● ISO 27001 Lead Auditor - in progress
● ISO 27001 Lead Implementer - in progress
● CCSP - Certified Cloud Security Professional - in progress
Languages:
● Ukrainian - native
● English - B2 (Upper-Intermediate)
● Polish- B1
About Me: I like jazz, radioelectronics, chess, sports and creative photography.
Схожі кандидати
-
Адміністратор з IT-безпеки
Львів -
Cyber security specialist
Львів -
Cyber security specialist
Львів -
Керівник IT-відділу
Львів, Київ, Одеса -
Фахівець з кібербезпеки
25000 грн, Львів
Порівняйте свої вимоги та зарплату з вакансіями інших підприємств:
Резюме кандидата розміщено за адресою: https://www.work.ua/resumes/13033861/