*Development of security architecture solutions for various information systems. * Architectural control of implemented and enhanced IS from the information security point of view.

As an expert in information security, my tasks include the following: - ensuring the safety of software development for stock trading, working in agile teams - setting up security controls around software development processes and integrations with external information systems and cloud services - developing and monitoring security requirements during architectural design of solutions - participating in the design of information flows, determining a secure infrastructure for projects - coordinating information security issues with the risk assessment committee - improving the safety of software assembly and deployment procedures - static testing of security products, conducting acceptance tests from the perspective of information security - coordinating role models in existing information systems

Development of a new area — information security audit for Rosneft company: * development of methodology (procedures, questionnaires, etc.) for the new activity area — information security audit; * selection, training and management of the working group of 4 specialists; * conducting information security audits at the facilities of Rosneft and its subsidiaries. Development of architecture and practical deployment of software verification service for compliance with information security requirements: * training of 3 specialists in conducting software testing for compliance with information security requirements; * practical testing of the service using a controlled software environment (sandboxing); * methodological support for the service operation. Participation in organizational and methodological support of information security incident response center (SOC) deployment. Results: * developed IT audit area, created process audit methodology, formed and trained a team; * created and implemented software verification service for compliance with information security requirements (sandboxing), trained specialists, which increased the level of security when implementing software for Rosneft.

• Maintain IS infrastructure • Detect and investigate security incidents • Design and implement security policies • Perform continuous vulnerability management process • Operate FW, IPS, VPN

• Implement DLP system in the Bank • Perform continuous vulnerability scanning • Perform security procedures design and implementation

•Perform SIEM administration •Perform continuous vulnerability scanning •Detect and investigate security incidents •Perform Assets management in SIEM

Participated in the security audit of the information systems of the Bank branches. Provides control to eliminate violations. Conducted a technical audit of information systems. provides training recommendations for elimination of violations identified during the audit. Provides design, commissioning and operation of the various subsystems of the information security infrastructure (~10 000 ws) Participated in the development of regulatory documents Participated in the Incident Response Team