Больше информации по резюме будет доступно после регистрации

Зарегистрироваться
Was yesterday at 18:12

Male, 42 years, born on 12 June 1983

Armenia, willing to relocate (Moscow), prepared for business trips

Senior Director of Security or equivalent leadership roles (e.g., CEO, CIO, or CISO)

Specializations:
  • Chief executive officer (CEO)
  • Chief information officer (CIO)
  • Information security specialist

Employment type: full time, part time, project work/one-time assignment

Work experience 19 years 6 months

January 2023currently
3 years 4 months
Krisp Technologies Inc.

Armenia, www.krisp.ai

IT, System Integration, Internet... Show more

Senior Director Of Security
• Spearheaded the development and implementation of comprehensive security policies, safeguarding organizational assets, products, and sensitive data. • Conducted regular risk assessments to proactively identify, evaluate, and mitigate security vulnerabilities across systems and infrastructure. • Architected and led a robust incident response program, ensuring swift, coordinated action and minimal impact during security events. • Ensured compliance with global data protection regulations, including GDPR and CCPA, strengthening the organization’s legal and operational posture. • Achieved and maintained SOC 2 Type II and PCI-DSS certifications; led the annual audit and recertification processes to uphold security standards. • Led the successful implementation of HIPAA compliance initiatives, ensuring the protection of electronic protected health information (ePHI) and alignment with regulatory requirements. • Arranged and managed third-party penetration testing to validate infrastructure and product security, and to proactively address potential vulnerabilities. • Collaborated closely with product development teams to integrate security best practices throughout the software development lifecycle. • Oversaw third-party vendor security management, reducing risk exposure through due diligence, monitoring, and contractual safeguards.
July 2020currently
5 years 10 months
Krisp Technologies Inc.

Armenia, www.krisp.ai

IT, System Integration, Internet... Show more

Director of Security
• Led the organization through successful SOC 2 Type II certification, ensuring continuous compliance from 2021 to 2024 through strategic oversight and cross-functional coordination. • Established and enforced comprehensive security policies and governance frameworks, aligning with industry standards and business objectives. • Implemented structured background check protocols and initiated annual security assessments for third-party sub-processors, strengthening vendor risk management and supply chain security. • Directed the integration of security into the Software Development Life Cycle (SDLC) by operationalizing SAST and DAST tools, fostering a shift-left security culture across engineering teams. • Deployed enterprise-level security solutions, including Cloud Directory and Endpoint Detection and Response (EDR), significantly enhancing identity management and endpoint protection capabilities. • Oversaw recurring penetration testing and third-party audits, proactively identifying and mitigating security vulnerabilities to ensure a robust threat defense posture.
August 2019July 2020
1 year
SCHNEIDER GROUP

Moscow, schneider-group.com/ru/

Financial Sector... Show more

Corporate Security Manager
• Deployed advanced Data Loss Prevention (DLP) solutions to proactively protect sensitive information and mitigate the risk of unauthorized data disclosure across endpoints and cloud environments. • Directed the implementation and governance of enterprise Identity Management (IDM) systems, strengthening user authentication protocols and enforcing scalable, policy-driven access controls. • Ensured cross-border data privacy compliance, aligning security operations with international and regional regulations, including the EU General Data Protection Regulation (GDPR) and Russia’s Federal Law on Personal Data (FZ-152). • Led organization-wide vulnerability management initiatives, including routine scanning, prioritization, and remediation efforts to reduce exposure to known and emerging threats. • Architected and enforced role-based access control (RBAC) frameworks, minimizing data access risks by aligning privileges with job responsibilities and regulatory requirements. • Developed and facilitated ongoing security awareness and training programs, fostering a security-first culture and equipping employees to recognize and respond to cyber threats. • Provided strategic security consulting to enterprise customers, identifying risks, designing tailored mitigation plans, and supporting their compliance with SOC 2, ISO 27001, and other relevant standards.
November 2017December 2018
1 year 2 months
ForexTime

Cyprus, www.forextime.com/

Financial Sector... Show more

Head of Internal Security
• Directed the development and execution of a comprehensive enterprise security strategy, integrating both IT and physical security measures to safeguard organizational assets and ensure business continuity. • Led and mentored a high-performing cybersecurity team, cultivating a culture of excellence, accountability, and continuous professional development. • Conducted enterprise-level risk assessments, identifying critical vulnerabilities and implementing strategic mitigation plans to reduce the organization’s threat exposure. • Designed and deployed advanced Data Loss Prevention (DLP) solutions, reinforcing the confidentiality, integrity, and availability of sensitive information across digital assets. • Established and maintained a robust incident response program, enabling coordinated and timely responses to security events while minimizing operational disruption. • Ensured compliance with international and regional data protection frameworks, including GDPR and CCPA, aligning internal practices with legal and regulatory obligations. • Implemented scalable Identity and Access Management (IAM) solutions, supporting secure authentication, authorization, and lifecycle management across user populations. • Oversaw real-time threat detection and response operations, utilizing advanced security analytics and monitoring tools to proactively address risks and anomalies. • Authored and enforced enterprise-wide security policies and procedures, embedding security governance into organizational workflows and ensuring alignment with best practices. • Managed third-party risk, leading comprehensive security assessments of vendors and ensuring contractual adherence to cybersecurity and compliance requirements.
November 2016November 2017
1 year 1 month
InecoBank

Armenia, www.inecobank.am/en

Financial Sector... Show more

Head of Administration & Supervision Department
.• Successfully led the ISO 27001:2005 certification initiative, managing the full lifecycle of implementation and later driving the upgrade to the 2013 standard, significantly strengthening the organization’s information security management system (ISMS). • Founded and scaled the Information Security Division, recruiting, developing, and leading a high-performing team aligned with business objectives and regulatory requirements. • Directed end-to-end physical and operational security across the corporate headquarters and 14 branch offices, overseeing the implementation of CCTV systems, alarm infrastructure, and on-site security personnel. • Managed corporate fleet security, deploying GPS tracking and monitoring systems to enhance vehicle oversight, logistics safety, and incident response capabilities. • Acted as a strategic security business partner to internal development teams, embedding OWASP SDLC principles to ensure secure software design, code review, and release management processes.
May 2008November 2016
8 years 7 months
InecoBank

Armenia, www.inecobank.am/en

Financial Sector... Show more

Head Of Information Security Management Division
• Designed and executed end-to-end security strategies to protect banking products and prevent fraud, reinforcing the integrity and reliability of financial operations. • Performed regular penetration testing and vulnerability assessments, proactively identifying and remediating security weaknesses to maintain a strong security posture. • Ensured compliance with leading security frameworks, including PCI-DSS, ISO 17799, and ISO 27001, aligning security operations with regulatory standards and industry best practices. • Maintained continuous compliance with banking sector regulatory requirements, aligning internal controls and documentation with supervisory expectations and audit standards. • Implemented periodic access control reviews, ensuring least-privilege access and minimizing the risk of unauthorized access to sensitive financial systems and data assets. • Led proactive threat modeling initiatives, identifying potential attack vectors and designing layered security controls to address evolving risks. • Conducted comprehensive, data-driven risk assessments, quantifying threat exposure and prioritizing risk areas to guide executive decision-making. • Developed and operationalized strategic mitigation plans, addressing identified risks with timely, effective, and measurable security controls.
April 2006May 2008
2 years 2 months
HSBC Bank Armenia

Armenia, www.hsbc.am/en-am/

Financial Sector... Show more

IT Security Supervisor
• Designed and enforced comprehensive security policies to protect IT infrastructure and enterprise systems, ensuring alignment with industry standards (e.g., ISO 27001) and internal business objectives. • Led the end-to-end management of security incidents, coordinating rapid investigation, containment, and resolution efforts to minimize business impact and support incident response readiness. • Oversaw the administration of network infrastructure and antivirus platforms, maintaining the security, integrity, and operational continuity of the IT environment. • Managed mission-critical banking systems, including AS/400 and Lotus Domino servers, ensuring high availability, data protection, and compliance with security and operational benchmarks. • Provided strategic security counsel to executive leadership, delivering actionable insights on risk exposure, incident trends, and policy alignment to support informed, risk-aware decision-making.

Skills

Skill proficiency levels
Advanced level
Управление рисками
Leadership Skills
Level not specified
IPS
IDS
DLP
ISO 27001
GDPR
PCI-DSS
BurpSuite Pro
JumpCloud
OKTA
SOC 2 Type II
Rapid7
Logz.io
Coverity
SDLC
SAST
DAST
HIPAA
Security Risk Management
Vulnerability Management
Physical Security
SSDLC
Аудит безопасности
Внутренний контроль
Руководство коллективом
Управление командой
Технические средства информационной защиты
Анализ рисков
SIEM

Driving experience

Own car

Driver's license category B, C

About me

With 20+ years of experience in information security and risk management, I specialize in building secure, resilient, and compliant organizations that enable business growth. My career spans hands-on IT and security operations through senior leadership, where I’ve designed and led enterprise-wide programs that protect people, assets, and data while aligning security initiatives with strategic business objectives. I bring expertise in cybersecurity strategy, regulatory compliance, risk management, and converged security operations, with a proven track record of: • Developing and executing enterprise security strategies that reduce risk exposure and strengthen organizational resilience • Leading compliance and audit programs, achieving certifications and passing audits across ISO 27001, SOC 2, PCI-DSS, GDPR, CCPA, and FZ-152 • Directing Application Security and DevSecOps programs, embedding security into SDLC and CI/CD pipelines, and managing responsible disclosure programs • Overseeing security operations spanning endpoint protection, DLP, identity management, incident response, and physical security • Building and scaling high-performing teams, fostering cross-functional collaboration, and delivering executive-level reporting to boards and stakeholders • Driving security awareness and training programs, improving employee compliance and reducing human-related incidents I am known for a risk-based, business-aligned approach to security, balancing protection, compliance, and operational agility while enabling informed decision-making at the executive level. Specialties: Enterprise Security Strategy, Risk Management, Regulatory Compliance, Cybersecurity Operations, Application Security (AppSec), DevSecOps, Secure SDLC, Security Awareness & Training, Incident Response, ISMS (ISO 27001), SOC 2, PCI-DSS, GDPR, CCPA, Physical & IT Security Convergence, Team Leadership.

Higher education

2008
Higher education
National Polytechnic University of Armenia
Computer Systems, Complexes and Networks, Engineer

Languages

Armenian — Native

English — C2 — Proficiency

Russian — C2 — Proficiency

Citizenship, travel time to work

Citizenship: Armenia

Permission to work: Armenia, Russia

Desired travel time to work: Doesn't matter