Navigation überspringen

Sergey Lapin

Bis 2017, Security Service Owner, Booxware Software Entwicklungs-GmbH
Karlsruhe, Deutschland

Fähigkeiten und Kenntnisse

Network Security
Penetration Testing
IT-Security
Linux
Security Management
Analysis
Virus protection
Intrusion Detection System
Failover
Networking
Server hardening
Unix
Python
PHP
MySQL
C/C++
IDA Pro
Reverse Engineering
OWASP
ISO27001
Vulnerability Assessment
Static code analysis
Ethical Hacking
Risk Assessment
PCI DSS
Systemadministration
BurpSuite
nmap
Metasploit
BeEF
Nessus
PowerSploit
sqlmap
WireShark
Kali linux
VMware
FreeBSD
AWS
Bash (Shell)

Werdegang

Berufserfahrung von Sergey Lapin

  • 2 Jahre und 6 Monate, Dez. 2017 - Mai 2020

    Security Service Owner

    Tipico Technology Services GmbH

  • 1 Jahr, Jan. 2017 - Dez. 2017

    Security Service Owner

    Booxware Software Entwicklungs-GmbH

    • Managing of security team (I have conducted security meetings and established security awareness program across Tipico Group) • Ethnic hacking, conducted manual external and internal penetration testing • Detected big amount of critical vulnerabilities in several products. Proposed remediation strategies, changes to SDLC and particular fixes for applications • Enterprise cybersecurity threats I have mitigated and documented with written procedures (according to ISO 27001)

  • 3 Monate, Okt. 2016 - Dez. 2016

    IT Risk & Security Specialist

    Booxware Software Entwicklungs-GmbH

    • Regular vulnerability assessments, produced advisory reports regarding 0-day exploits, CVE vulnerabilities, current network issues • Conducted security event monitoring for corporate wide in-scope applications • Performed risk assessments to ensure corporate compliance, maintenance external audits (ISO, PCI DSS)

  • 5 Jahre und 7 Monate, März 2011 - Sep. 2016

    IT-Security Consultant

    Abitec Group, Ukraine, Zaporozhe

    • Identify potential risk, consult on correcting or reducing risk, report if uncorrected • Perform Vulnerability assessments on projects • Ethnic hacking and Penetration Testing on projects or existing infrastructure • Consult Security Operations Team on security events • Establishes and maintains a framework to ensure that information security policies, technologies and processes are aligned with the business regulations of the organization

  • 8 Monate, Mai 2015 - Dez. 2015

    IT-Security Engineer

    SecurityScorecard Inc. (USA, NY) (Start-up)

    Remote position in start-up. • Information gathering and perform scans • Penetration Testing and Vulnerability assessments on projects • Risk assessment • Ruby and bash scripting

  • 4 Jahre und 11 Monate, Apr. 2006 - Feb. 2011

    Chief Information Security Officer (CISO)

    Global Spirits holding, Ukraine, Russia and USA

    • Provided direct technical and business leadership to a growing team of Security Analysts, IT security engineers and network engineers. • Coordinated vulnerability identification and assessment activities from end to end, including collection of requirements, writing of specifications, driving schedules, managing execution. • Well-versed in regulations and standards related to risk management and security, security policy development and compliance (according to ISO 27001).

  • 4 Monate, Jan. 2006 - Apr. 2006

    Linux/Unix System Administrator

    DuPoint Corporation, USA Company (Kiev branch)

    • System Administration high-advantage Linux RedHat, Debian, SUSE, Linux HA servers. • IT-Security audit of servers and Penetration testing of services during SDLC. • Clustering - Postfix/CourierIMAP/MySQL • Load Balancing VOIP (Asterisk+OpenSer [Kamailio]) • Configuring authentication (FreeRadius+OpenLDAP) • Unix programming C/C++ • H.323, SIP video conferencing web-based software

  • 1 Jahr und 2 Monate, Nov. 2004 - Dez. 2005

    Chief Information Officer (CIO)

    JSC (ISP) CN Link Ukraine, Zaporozhe

    Network design Organization of cabining User support organization Involved in development a Business Plan and Tariffs Billing system and related software (for user side) development (C/C++, HTML, PHP, Visual C) Servers administration (DNS, Proxy (Squid), Webservers (Apache), RDBMS (PostgreSQL, MySQL) )

  • 1 Jahr und 4 Monate, Okt. 2003 - Jan. 2005

    FreeBSD/Linux System Administrator

    Conkurent LLC, Ukraine, Zaporozhe

    Remote position in software development company.

  • 1 Jahr und 1 Monat, Nov. 2003 - Nov. 2004

    Project manager and Team Lead

    AbiTec Development LLC, Ukraine, Zaporozhe

    IT-Security consulting on projects and clients Organization of work teams around the required tasks Ethnic hacking, Penetration testing during SDLC Hands-on development some parts of projects (PHP, Perl, Python, C/C++, Visual C, Delphi/Kylix, ASM, MySQL, PostgreSQL, MSSQL)

  • 9 Monate, Okt. 2003 - Juni 2004

    UNIX System Administrator

    Zaporozhe Institute of the State and Municipal Management

    Remote position in University.

  • 10 Monate, Sep. 2003 - Juni 2004

    IT-Security Analyst

    Cybernet Software Systems Inc., USA and Singapore

    Ethnic hacking and Penetration Testing on projects

  • 3 Jahre, Okt. 2000 - Sep. 2003

    Unix/Linux/Windows System Administrator, Network Engineer

    Zaporozhe State Engineering Academy, Ukraine, Zaporozhe

    Multiply positions in different departments within university. (Also Deplhi/C/C++ Programmer)

Ausbildung von Sergey Lapin

  • 11 Monate, Sep. 2004 - Juli 2005

    Faculty of Automation Technology Processes

    Zaporozhe State Engineering Academy

  • 4 Jahre und 11 Monate, Sep. 1999 - Juli 2004

    Faculty of Automation Technology Processes

    Zaporozhe State Engineering Academy

  • 1 Jahr und 10 Monate, Sep. 1997 - Juni 1999

    Computer Science

    Multidisciplinary school N16

Sprachen

  • Englisch

    Gut

  • Russisch

    Muttersprache

XING – Das Jobs-Netzwerk

  • Über eine Million Jobs

    Entdecke mit XING genau den Job, der wirklich zu Dir passt.

  • Persönliche Job-Angebote

    Lass Dich finden von Arbeitgebern und über 20.000 Recruiter·innen.

  • 22 Mio. Mitglieder

    Knüpf neue Kontakte und erhalte Impulse für ein besseres Job-Leben.

  • Kostenlos profitieren

    Schon als Basis-Mitglied kannst Du Deine Job-Suche deutlich optimieren.

21 Mio. XING Mitglieder, von A bis Z