● Engage in a variety of offensive penetration testing assessments including system/network (internal and external), web application, red and purple team, physical, social engineering, including the development and execution of phishing campaigns.● Hands on experience in penetration testing of Windows and Linux environments, Active Directory, network monitoring, TCP/IP networks, and vulnerability and threat management tools (including network based scanners).● Hands on experience in MITRE ATT&CK framework/detailed knowledge of global cyber threats, threat actors, and the tactics, techniques, and procedures (TTP’s) used by cyber adversaries, specifically those targeting the financial services sector.● Establish and implement hardening security concepts and techniques for Unix/Windows/Linux. ● Coordinating and conducting multiple cloud security audits and identifying, reviewing, prioritizing vulnerabilities and remediation measures based on Azure Security Benchmark and NIST standards.● Supporting- in SOC/SIEM vendor selection processes and in the creation of strategic concepts for SOC/SIEM operating models.● Perform external, internal, physical, web, SOC, and malware assessments including evaluation and derivation of measures to improve detection capabilities.● Collaborate with other IT-Security teams to implement security best practices and interact with clients on high and technical levels to discuss findings and resolutions.● Performed Triage, Incident response, Vulnerability management, Threat intelligence and Cyber threat intelligence analysis.● Monitored, identified, investigated, and responded to threats in multi-cloud environments using tools Microsoft Sentinel, Microsoft Defender for the cloud, Microsoft 365 Defender and Third-party security solutions.● Worked closely with business stakeholders, architects, identity administrators, Azure administrators, and endpoint administrators to secure IT systems for the enterprise.

● Design, development, and evaluation of an open-source IDS, IPS and SIEM in an industrial environment and execution of various tests for multiple clients, ensuring seamless integration with existing security infrastructure.● Monitoring and analyzing security events to identify potential threats and breaches.● Investigating and triaging security incidents to determine their severity and impact.● Manage and update intrusion detection rules to detect and respond to specific types of suspicious activities.● Developing and maintaining security incident response processes to effectively respond to security incidents.● Developing and maintaining security policies, procedures, and standards to ensure compliance with industry regulations and best practices.● Adjust and fine-tune the IDS, IPS and SIEM configuration to reduce false positives and improve detection accuracy.● Ensure that the IDS, IPS and SIEM aligns with organizational policies and compliance requirements for security monitoring.● Collaborating with cross-functional teams to implement security controls and measures to mitigate risks proactively.● Optimizing security tools and technologies to improve the effectiveness and efficiency of the security operations.● Creating and presenting regular reports and analytics to stakeholders to communicate security posture, incidents, and risks.● Providing security awareness training to employees to enhance their security awareness and practices.● Participating in continuous learning and professional development to stay current with emerging trends and techniques in the security field.

● Lead and conduct penetration testing in industry environments to identify potential system/network vulnerabilities and apply appropriate patches across the organization to comply with NIST and ISO 2700x standards.● Preparation and implementation of a company-wide simulated phishing campaign with evaluation and documentation of the results.● Conduct and manage regular vulnerability scans across the organization's systems, including both internal and external networks to identify security weaknesses, misconfigurations, and potential threats.● Review and analyze scan results to prioritize vulnerabilities based on severity and potential impact on the organization.● Collaborate and work closely with IT teams to apply necessary patches and updates to address identified vulnerabilities.● Generate and deliver detailed reports to stakeholders, including IT administrators and security teams, outlining identified vulnerabilities and recommended actions.● Perform compliance scans to ensure systems meet specific security standards and regulatory requirements.● Incorporate threat intelligence data to enhance vulnerability assessment and identify emerging risks.