System Administrator/AWS Administrator/Architect/IT Security Expert
Security-driven information security Architect/Professional with expertise in directing all aspects of highly technical multimillion dollar projects. With more than 7 years of expertise in a secure system implementation my skills oriented to accomplish tasks with the best security practices and rules. I am effective in defining breakthrough technology options based on organizational standards, security policy and strategic needs of the organization.
1. OS Administration:
- Unix-like expert - RedHat/CentOS/Fedora; Debian/Ubuntu; Linux embedded etc. Linux security: fw, ids, integrity, encryption, SElinux etc; security hardening according best practices; software and tools, needed for enumeration, penetration testing and monitoring of corporate security regulations. Experienced in troubleshooting.
- MS Windows expert - XP,7,8,Server 2003/2008/2012 - AD DS, AD CS, APP server, IIS, DNS, DHCP, Terminal Services, Print Services, File Services, Hyper-V. Windows security and performance. Experienced in troubleshooting.
2. Database administration:
- Oracle 11g, MySQL, MS SQL. Good knowledge of SQL.
3. Cloud Infrastructure:
- VMware Vsphere, ESX, ESXi; Rackspace, Amazon AWS expert.
- Knowledge of servers hardware and desktops.
4. Information security software and hardware:
- StoneGate FW/VPN, StoneGate IPS, StoneGate VPN/SSL.
- Checkpoint FW/VPN, Checkpoint IDS/IPS.
- Imperva WAF, Imperva DBS.
- Websense WSG, Websense WES (Email Security).
- Bluecoat SG+AV.
- Symantec EP, Mcafee ePolicy, Kaspersky and others.
- Cisco switches and routers (CCNA+p level).
- Vyatta FW/VPN.
- Splunk Enterprise, OSSEC, Nagios, MRTG, device lock and etc
- Python, Bash shell scripting, PHP. Windows batch scripting. Good knowledge of regular expressions.
6. PenTest ing (penetration testing, vulnerability assessment) and diagnosis.
- knowledge and practical experience in vulnerability/misconfiguration assessments of network devices and server setups. Experienced with many audit and vulnerability scanners. Network and security troubleshooting. Manual assessments and code review. Static code analysis.
- OWASP TOP 10 testing. Secure SDLC.
ISO/IEC 2700x, HIPAA, PCI DSS.
CIS, SANS best practices.
- MS Office (including MS Visio and MS Project).
- Different CRMs, CMSs, helpdesk systems (Wordpress, Drupal, Jira, etc)
Good knowledge in the areas: cloud security and system hardening; network and security design; data leakage and covert channels prevention; secure systems development life-cycle, business continuity; risk assessment; social engineering; ddos and malware disease mitigation; spam and AV protection.
Extensive experience in project implementation. Experience in scheduling, setting goals and objectives in the shortest possible time. Record keeping.
Tags, skills,technologies, services: linux, redhat, suse linux, debian, ubuntu, android, fedora, windows 8, windows 7, windows server 2003, windows server 2003 R2, windows server 2008, windows server 2008 R2, windows server 2012, windows server 2012 R2, active directory, group policy, terminal services, print services, certification authority, dns server, wins server, dhcp server, firewall, iptables, openvpn, strongswan, ipsec, ike, ikev1, ikev2, security association, network address translation, routing, cisco, cisco 2960, cisco 3750, crontab, aide, selinux, ossec, ids, ips, hids, intrusion detection system, intrusion prevention system, snort, nmap, vulnerability assessment, vulnerability scanning, penetration testing, pentesting, penetration test, owasp scanning, owasp assessment, secure SDLC, IIS, network file system, raid, hyper-v, mysql, postgre sql, VMware Vsphere, vmware esx, vshield, vmotion, rackspace, linode, godaddy, hetzner, burstnet, bluehost, leaseweb, aws, amazon web services, amazon ec2, amazon ebs, amazon rds, amazon vpc, amazon s3, amazon glacier, amazon route53, amazon elb, amazon elastic load balancer, amazon cloudwatch, amazon auto scaling, amazon workspaces, amazon efs, amazon cloudfront, amazon elastic file system, amazon cloudtrail, amazon iam, amazon directory service, amazon trusted advisor, amazon sqs, amazon ses, amazon sns, stonegate, stonesoft, checkpoint, imperva, websense, bluecoat, symantec endpoint protection, mcafee, mcafee epolicy, Vyatta firewall, vyatta vpn, Kaspersky, splunk, nagios, MRTG, bash shell scripting, ssl, tls, apache, haproxy, nginx, compliance, pci dss, saq d, saq d v3, cpanel, whmcs, whm, migration, replication, rsync, tcpdump, wireshark, stp, rstp, eigrp, ospf, nmap, kali linux, white hacking, backtrack, metasploit, whitehat, ethical hacking, certification, ceh, ccna, ccnp, oscp, security hardening, cis, sans, CISSP, google cloud, microsoft azure, google compute engine, l2tp, pptp, sstp, softether offensive security, owasp, burpsuite, sqlmap, static code analysis, code review, network planning, dmz, failover, load balancing, clustering, ddos mitigation, backup, data restore, monitoring, antivirus.