Data Security services consists of cyber security experts who spent decades working for various corporations and eventually decided to start providing services on their own. We focus on providing high added value specific to the company we are working with.One of our main principles is knowledge transfer. We believe that by educating and developing stakeholders we create a constructive environment that continues to function and improve itself long after our engagement is completed.We have seen many large engagements and big projects fail as they took upon themselves an enormous task with myriads of changes. Our approach is different, we introduce strategic key changes in the organization and let organization itself naturally adjust. We cover areas like:1) Infrastructure/application security design and architecture2) Risk management3) Communication strategy(ies)4) Security implementation supervision5) Teams design, acquisition and retention

- Vulnerability management - takeover from project, adjusting it to operation's needs. Significantly improved scalability, reliability and accuracy. - Exception management – takeover from project, adjusting it to operation's needs, simplification and enhancement - Patch management – define the service as part of the project, documentation, identifying weak points and removing them, user education, takeover, running the service on daily basis- Team management – long term planning (strategy, budget, head count), hiring (defining roles, interviews), focus on effective use of resources, delivering high quality services and keeping all working as good teamAchievements - We setup a highly effective team of motivated professionals who enjoyed working in the team - With one developer and 2 SMEs we created a tool that was able to scale 20 000% in terms of processed findings in less than a year - we achieved high satisfaction rate from internal customers by providing quick and quality services- We developed unique assignment model that allows automatically assign finding to correct responsible team - done manually before - we setup the patch management process with significant security perception shift from “annoying bug” to “business as usual”- Significant speed up the patching: - Windows from irregular to quarterly to monthly patching. Today the standard patching is faster than the original emergency patching - *NIX: from irregular to regular multiple times per year - Oracle DB: from irregular to regular multiple times per year

- Security Officer for teams supporting external banking clients - ensuring security protocols and processes are followed, incident responses, audit support- Vulnerability assessments across Europe – organization, scanning the servers, reporting, findings remediation with responsible teams, escalation point for various application/OS issues, verification of implemented solutions, root cause analysis- Exception management – assessing the risk and preparing other materials for global approval board- Penetration testing worldwide – web applications and infrastructure using Linux and Windows tools, custom scripts (Python, bash), quick adoption of new technologies- Managing vulnerability management infrastructure – maintaining Windows servers, troubleshooting, patching, 3rd level support for McAfee MVM infrastructure- Design and configuration security reviews – identifying weak points and non-compliance, suggesting corrective actions, reporting- Developing and maintaining security processes – analyzing needs, automating steps, documentation development, training- People management – assigning work, time estimation, training, progress follow ups- Clients preparation for various audits (internal, ISO) Achievements- As a first member of the penetration testing team I helped choosing tools and training programs for the team- I developed processes and tools that helped teams to prepare for internal audits - they passed without major findings regularly - I had constant high satisfaction rate with customers (both internal and external)