Tashkent, Uzbekistan
I focus on cybersecurity operations with a strong emphasis on vulnerability and risk management, incident response, and security research. My background combines hands-on technical expertise with process ownership: from vulnerability assessment and prioritization to incident investigation and coordination across technical and business teams. I have deep experience in application and web security, including reverse engineering (primarily Windows-based software), malware analysis, and handling complex security cases that require in-depth technical analysis. I help organizations reduce cyber risk by identifying critical security weaknesses early, improving response capabilities, and strengthening overall cyber resilience.
— Leads enterprise-level cybersecurity operations with a focus on vulnerability management, risk-based prioritization, and incident response.
— Owns the vulnerability management program, including continuous scanning, findings validation, remediation tracking, and stakeholder coordination.
— Manages response to complex security incidents, including technical investigations of applications, scripts, and web services.
— Coordinates incident response efforts across security, IT, engineering, and business teams.
— Integrates security into IT and digital transformation projects through risk assessments and secure architecture reviews.
— Oversees application-layer and endpoint security controls, including web security protections and security event monitoring.
— Conducts security assessments of web applications and services, delivering actionable remediation guidance.
— Manages third-party penetration testing engagements, including scoping, requirements definition, and results evaluation.
— Prepares executive-level security risk reports and communicates security posture to senior leadership.
— Engages with regulators and external auditors in regulated financial environments.
Providing cybersecurity consulting, malware analysis, penetration testing, and secure web development for businesses and individuals. Focusing on website security, vulnerability assessment, and threat mitigation.

Web Security & Penetration Testing
— Conducted vulnerability assessments and penetration tests for web applications, identifying and mitigating security flaws.
— Analyzed malicious injections and exploits on PHP-based websites, cleaning and hardening compromised systems.

Secure Web Development & Optimization
— Developed secure, high-performance websites with built-in security measures to prevent SQL injection, XSS, and other web vulnerabilities.
— Implemented SSL/TLS encryption, security headers, and authentication mechanisms for data protection.
— Created custom WordPress plugins and web solutions, ensuring security, scalability, and SEO optimization.

Reverse Engineering & Malware Analysis
— Reverse-engineered suspicious software and malware, identifying attack vectors and persistence mechanisms.
— Investigated obfuscated JavaScript payloads and advanced packing techniques used in web-based malware.

Custom Security & Development Solutions
— Developed custom security scanners, activity monitoring tools, and automated parsers using PHP, Python, and Delphi (why not?).
— Created anti-bot and fraud detection mechanisms to protect online platforms.
— Consulted businesses on best security practices, providing hands-on training for IT teams.

Cybersecurity Consulting & Incident Response
— Assisted clients in responding to security incidents, data breaches, and unauthorized access cases.
— Provided security awareness training for website owners and employees to prevent phishing and fraud attacks.

Technologies & Tools:
— Malware Analysis & Reverse Engineering: IDA Pro, x64dbg, OllyDbg, Wireshark
— Web Security & Pentesting: Burp Suite, Nmap, OWASP ZAP
— Web Development: PHP, WordPress, JavaScript, MySQL, Custom Plugins, Custom Scripts/parsers
Led cybersecurity operations and incident response for a major telecom provider, focusing on threat detection, forensic investigations, and malware research.

Incident Response & Digital Forensics
— Investigated phishing, ransomware, and unauthorized access incidents, minimizing business impact.
— Analyzed log data, memory dumps, and network traffic to identify attack vectors and intrusion methods.
— Conducted post-incident forensics, preserving digital evidence and assisting in legal proceedings.
— Developed and refined incident response playbooks for consistent security operations.

Threat Hunting & Malware Research
— Reverse-engineered malware and suspicious binaries, identifying indicators of compromise (IOCs).
— Evaluated new software for security vulnerabilities, testing for exploitable flaws and backdoors.
— Collaborated with SOC teams to detect and analyze security alerts, ensuring proactive risk mitigation.
— Integrated threat intelligence into security workflows, improving early attack detection.

Network & Infrastructure Security
— Conducted penetration testing and security assessments, exposing vulnerabilities in corporate IT and cloud systems.
— Implemented firewall rules, IDS/IPS policies, and endpoint security controls to harden defenses.
— Audited third-party vendors for compliance with corporate security standards.

Security Operations & Risk Management
— Led security awareness programs, training employees to identify and respond to cyber threats.
— Built partnerships with law enforcement and security vendors to enhance investigation capabilities.
— Reported cyber incident analysis and security recommendations to senior management.

Technologies & Tools:
Forensics & Malware Analysis: IDA Pro, OllyDbg, Wireshark, Volatility
Threat Intelligence & SIEM: Splunk
Network & Cloud Security: Windows Server, Firewalls, little bit AWS Security
Security Automation & Scripting: Python, Bash
Developed custom websites and optimized SEO strategies for businesses, focusing on performance, usability, and search engine rankings.

Website Development & Optimization
— Built responsive, user-friendly websites with a focus on business goals and user experience.
— Optimized website performance for faster load times, better accessibility, and mobile responsiveness.
— Developed solutions using PHP, WordPress, JavaScript, jQuery, CSS, and MySQL.

SEO & Digital Growth Strategies
— Executed on-page and off-page SEO techniques, improving organic search rankings.
— Conducted keyword research, content optimization, and link-building campaigns.
— Integrated Google Analytics for performance tracking and user behavior analysis.

Security & Maintenance
— Hardened WordPress installations against common vulnerabilities.
— Audited and cleaned compromised websites affected by malware injections and defacements.
— Implemented automated backups, security patches, and firewall configurations.

Client Consulting & Project Management
— Worked with small businesses and entrepreneurs, providing custom digital solutions.
— Managed projects from concept to deployment, ensuring clear client communication.

Technologies & Tools:
Web Development: PHP, JavaScript, jQuery, CSS, MySQL, WordPress
SEO & Analytics: Google Analytics, Search Console, Keyword Research
Security & Optimization: WordPress Hardening, Malware Removal, Performance Tuning
Led cybersecurity initiatives in one of the largest banks in Russia, focusing on incident response, malware analysis, penetration testing, and threat hunting.

Incident Response & Threat Hunting
— Investigated APTs, banking malware, and targeted attacks, ensuring rapid detection and remediation.
— Conducted post-incident forensics, analyzing network traffic, memory dumps, and log data to determine attack vectors.
— Integrated threat intelligence feeds to improve proactive threat detection and mitigation strategies.

Malware Analysis & Reverse Engineering
— Reverse-engineered malware, including financial trojans, ransomware, and obfuscated droppers, identifying persistence mechanisms and IOCs.
— Analyzed exploit payloads and developed detection rules (YARA, Suricata) for SOC teams.
— Used IDA Pro, OllyDbg, Wireshark, and custom debugging tools to dissect malicious binaries.

Penetration Testing & Security Audits
— Conducted penetration testing of corporate infrastructure, uncovering critical vulnerabilities in banking applications.
— Led security audits and risk assessments, helping the bank comply with financial security regulations.
— Implemented automated security monitoring tools and custom log analysis scripts for real-time threat detection.

Team Leadership & Security Operations
— Managed a team of cybersecurity analysts, providing technical guidance and training.
— Collaborated with law enforcement and external cybersecurity vendors to investigate fraud and cybercrime cases.
— Developed incident response playbooks and SOC procedures, standardizing security operations.

Technologies & Tools:
Malware Analysis: IDA Pro, OllyDbg, Wireshark
Threat Intelligence & SIEM: Splunk, custom log parsers
Penetration Testing: Burp Suite, Nmap, custom exploit scripts
Security Scripting & Automation: Python