Experience level: 1-3 years
Education level: Higher
Languages: Russian: Native; English: B1
I manage server infrastructure, monitor, troubleshoot, and respond to incidents. I’m planning to relocate to Serbia. My current priority is developing my hard skills. I’m willing to learn and immerse myself in new technologies. I strive to automate routine tasks to improve workflow efficiency. I participate in CTFs.
– Administered and maintained enterprise-grade security solutions, including SIEM (PT MaxPatrol and ELK), antivirus platform (Kaspersky Security Center for ~2000 hosts), web filtering system (Solar webProxy with two filtering nodes and a management server), and vulnerability scanner (PT MaxPatrol 8).
– Configured and optimized SIEM policies, correlation rules, normalization, aggregation, and classification logic; onboarded diverse log sources (OS, network devices, security tools); and developed standardized reporting templates for security events.
– Monitored and analyzed security logs from OS, AV, SWG, and vulnerability scanners to detect and investigate incidents; managed full incident lifecycle via ticketing system (registration, triage, escalation, resolution, closure).
– Performed end-to-end migration of Solar webProxy infrastructure from CentOS to Astra Linux, including migration of ClickHouse and Cassandra databases, ensuring zero downtime and policy continuity.
– Automated SOC operations by developing a messenger-based bot for KSC: enabled real-time alerts on agent failures, automated report generation (events/incidents/operations), and notifications on suspicious host activities – reducing manual effort by 5+ hours/week.
– Administered Windows and Linux servers across VMware, Hyper-V, and Proxmox virtualization platforms; managed access controls at network, system, and application levels, including regular access audits and compliance checks aligned with internal ISMS requirements.
Core technical skills:
– SIEM administration & engineering (PT MaxPatrol, ELK/Elastic Stack): log source integration, correlation rule development, alert tuning, dashboard creation, incident detection logic.
– Security infrastructure: endpoint protection (Kaspersky Security Center), web filtering (Solar webProxy), vulnerability management (MaxPatrol 8), Active Directory/LDAP.
– OS & virtualization: advanced administration of Linux (CentOS, Astra Linux, Ubuntu) and Windows Server; hands-on experience with VMware, Hyper-V, Proxmox (VM deployment, networking, backup).
– Incident response: full-cycle handling via ticketing systems, log analysis (OS, AV, SWG, IdP), root cause investigation, reporting.
– Automation & scripting: Bash/Python for operational automation (e.g., KSC alerting bot, report generation, system checks).
– Network & access controls: MikroTik, VLANs, VPN, DNS, TCP/IP; role-based access governance, audit of user accounts and privileges.
– Compliance & hardening: security policy development, configuration audits, alignment with internal ISMS requirements.