
Management Security, IT Security

Location:
Lewisville, TX
Salary:
negotiable
Posted:
June 22, 2016


Resume:

Denis Shilkin

Authorization to work in US: Permanent resident of US (Green card holder)

Contact information:

Address: **** ***** ******** *** *** Apt.#231 Lewisville, TX 75067

Phone:

Cell: +1-929-***-****

Other: +1-315-***-****

Skype: den.shilkin

e-mail: ***********@*****.***

Linkedin profile: https://www.linkedin.com/in/denshilkin

Work experience:

10.2012 – 06.2016, VTB Capital, Moscow, Russia

Head of Security Engineering and Architecture (Associate Director)

Responsibilities:

Engineering and Architecture team management.

Team budget management.

Security expertise in IT-projects.

Continuous market research for new tools and technologies.

Audit issues follow up.

Security policies, procedures and benchmarks creation.

Vulnerability scans and follow-up actions (Nessus and Qualys).

Monitoring of Security community for new vulnerabilities, threats, etc.

Database Access Monitoring system: Imperva DAM

Security tools implementation (design, budgeting, set up and support if needed).

Security tools support (Dell Intrust, Dell ChangeAuditor, iSecurity for iSeries).

Endpoint Management system (Full Disk Encryption for Laptops, control removable media on desktops and laptops).

Manage access control system for network devices access.

Anti-virus systems support including embedded firewall management (Symantec Endpoint Protection)

Compliance System support (including building custom technical checks and creating Bash scripts to verify various system parameters).

Log management systems (Dell Intrust, Dell ChangeAuditor (for Active Directory, File Servers, Exchange, VMware), Splunk).

Internet usage logs and reporting (Bluecoat Reporter)

User actions recording systems support (Beyondtrust Powerbroker for Linux (RHEL), ObserveIT).

Ad-hoc logs investigation.

Issues tracking with Jira.

Projects:

Control Compliance project based on Symantec CCS product, including writing custom checks for Windows, *nix, databases (MS SQL, Oracle) and VMware.

Log centralization project based on Splunk.

Special situations processing:

VTB Capital plc (VTB Capital UK branch) won a prize for Most Effective Recovery at the 2016 Business Continuity Institute Awards. The SEA team was trained to handle DR events, and all supported systems work well from the DR datacenter.

11.2011 – 10.2012, Societe Generale Group - Rosbank - GTS Russia

Moscow, Russia

Regional Technical Security Officer - Deputy Head of IT-infrastructure security unit

Security expertise in IT-projects.

Audit recommendations follow-up.

Security tools implementation.

09.2010 – 11.2011, JSCB MInB (Moscow Industrial Bank)

Moscow, Russia

Head of Information Security Division

Organization of information security (IS) work: developing IS policies and procedures, participating in audits. Preparing for and participating in PCI DSS compliance audits. Negotiating with integrators.

Support of protected document circulation systems.

Organization of user access to the Internet (Squid). Administration of anti-virus software (server, endpoints, gateway to block spam, phishing, viruses).

Audit of external perimeter protection, security audit of the internal network (revealing vulnerabilities). Configuration and operation of intrusion prevention systems (Cisco IPS). Configuration and operation of Cisco PIX/ASA hardware firewalls. Configuration and operation of the IS event monitoring system (ArcSight). Configuration and operation of vulnerability management software (MaxPatrol).

Achievements: May 2011 - PCI DSS Certification with Compliance status.

Projects:

Created a corporate Certification Authority for the internal DocFlow system.

Created a team to support the Certification Authority for the Internet Banking system (the Certification Authority is based on Russian GOST algorithms).

Managed a PCI compliance project that included the following systems and tools: ArcSight ESM for managing logs and events; Tripwire for regular checks of critical system and application files; Imperva for protecting externally facing websites from threats such as SQL injection, cross-site scripting and others.

09.2007 - 08.2010, JSCB MInB (Moscow Industrial Bank)

Moscow, Russia

Deputy Chief of Information Security division

Organization of information security (IS) work: developing IS policies and procedures, participating in audits. Preparing for and participating in PCI DSS compliance audits. Negotiating with integrators.

Support of protected document circulation systems.

Organization of user access to the Internet (Squid). Administration of anti-virus software (server, endpoints, gateway to block spam, phishing, viruses).

Audit of external perimeter protection, security audit of the internal network. Configuration and operation of intrusion prevention systems (Cisco IPS). Configuration and operation of Cisco PIX/ASA hardware firewalls. Configuration and operation of the IS event monitoring system (ArcSight). Configuration and operation of vulnerability management software (MaxPatrol).

05.2003 - 09.2007, JSCB MInB (Moscow Industrial Bank)

Moscow, Russia

Main expert

Support of protected document circulation systems working with the Central Bank of the Russian Federation, SBERBANK (Savings Bank of the Russian Federation) and so on. Support of internal protected document circulation systems.

Support of Internet access for internal users and systems through Cisco PIX devices, Cisco routers, Socks and Squid proxy servers on Linux OS. Administration of DNS servers (BIND). Administration of QMail software (SMTP server) as a transport for the internal document processing system.

Administration of antivirus software.

Work with IT Security audit tools (nmap, Nessus).

09.2001 – 05.2003, Institute for Information Transmission Problems (IITP) of Russian Academy of Science, RadioNET group.

Moscow, Russia

Junior Science Worker

Support of the IITP mail system, WiFi base station setup. Support of other institutes of the Russian Academy of Science with Internet access, e-mail server and modem pool access.

09.2000 – 09.2001, Russian Academy of Science, Technical Support Center.

Moscow, Russia

Support engineer.

User support, network maintenance (connecting computers to the network, basic configuration), basic support of e-mail services and Novell NetWare directory services.

Education:

National Research Nuclear University MEPhI (Moscow Engineering Physics Institute)

Moscow, Russia

2003 Diploma in Computer Engineering (Bachelor’s degree) - Computers, complexes, systems and networks.

Diploma work: Development of a software suite to stabilize a WiFi base station on an aerostat.

Advanced trainings / courses:

2010 VISA PCI Training seminar, Liquid Nexxus / Onformonics, Certificate of Attendance

2009 MIS Training Institute's "Making the transition from IT to IT Audit", Microinform, Certificate of Completion

2008 MIS Training Institute's Enterprise Information Security Management Curriculum, Microinform, Certificate of Completion

2007 DVS+: Design VPN Security (Cisco), Red Center, certificate

2007 SNPA: Securing Networks with PIX and ASA, Red Center, certificate

2006 New aspects of work on countering the legalization (laundering) of criminally obtained income and the financing of terrorism, Banking Institute of the Association of Russian Banks, certificate num.13337

2006 TranzWare Fraud Analyzer Training Course, Compass Plus, certificate

2006 TranzWare OLAP Analyzer Training Course, Compass Plus, certificate

2005 ICND (Interconnecting Cisco Network Devices), Red Center, certificate

Skills

Imperva DAM

Symantec Endpoint Protection

Symantec Control Compliance Suite

Dell Intrust

Dell ChangeAuditor

Splunk

Powerbroker for Linux

ObserveIT

Microsoft Office Excel

Microsoft Office Suite (including Visio)

Cisco Secure ACS

McAfee Antivirus

Network Vulnerability Scanners

MaxPatrol

Database Access Monitoring

Antivirus solutions

Compliance solutions

Audit tools (Dell ChangeAuditor, iSecurity)

Privilege Access Monitoring (Powerbroker, ObserveIT)

Network Access tools (Cisco Secure ACS)

Windows and Linux OS security

PCI DSS

Web Application Firewalls

SIEM (ArcSight)

PKI (OpenSSL, PGP, GOST)

IT Security audit

Security policies and procedures

Intrusion Detection System

Web Access Control

Firewall Management

DNS servers (BIND)

Imperva WAF

Kaspersky antivirus

Networking/WIFI

Firewalls management

Team Management

Budgeting

Vendor Management

Nessus (Tenable) (Expert)

Rapid7 (Beginner)

JIRA (Intermediate)

Slackware Linux (9.1 & 10.1) (Intermediate)

RedHat Enterprise Linux (5.9, 6.0) (Intermediate)

Perl and Bash scripting for Linux
