Bydgoski, Kujawsko-pomorskie, Poland
Certified and results-driven Senior Security Engineer with over 10 years of progressive experience in enterprise cybersecurity. I specialize in endpoint protection, infrastructure security, compliance, and threat mitigation across global environments. I design, implement, and manage robust security frameworks using tools such as Microsoft Defender, EDR, Intune, Microsoft XDR Portal, and Group Policy (GPO). Skilled in leading cross-functional incident response efforts and enforcing security policies, I ensure alignment with industry regulations and best practices. My expertise spans both on-premises and cloud security, with a strong focus on proactive vulnerability management, system hardening, and continuous security improvement. I’m known for my ability to perform under pressure, produce clear technical documentation, and engage stakeholders to drive strategic security initiatives forward.
In my role at BTC Software Systems, I focused on enhancing endpoint security through comprehensive solutions and policy enforcement. I successfully managed antivirus and anti-malware tools while educating users on best practices. My proactive approach led to a significant reduction in security incidents and improved compliance with industry standards.
As a Senior Security Engineer, I have successfully implemented and managed large-scale endpoint protection solutions, including antivirus software, Microsoft Defender, anti-malware tools, disk encryption, and attack surface reduction rules, ensuring security across over 10,000 endpoints. I have configured and managed endpoint and server security settings to maintain strict compliance with organizational policies and ISO standards. My role has involved contributing to the development and enforcement of endpoint security policies, educating end-users on security best practices, and collaborating with cross-functional teams such as IT operations, network security, compliance, and legal to align endpoint strategies with broader business goals. I have led investigations and responses to security incidents, conducted detailed root cause analyses, and implemented mitigation strategies to prevent future risks. Additionally, I have assessed the security architecture of systems, applications, and network infrastructure to identify vulnerabilities, participated in change management processes, coordinated incident responses across teams, and maintained detailed documentation, including infrastructure configurations, deployment procedures, troubleshooting guides, and best practices.
Delivered full lifecycle management of endpoint and server security solutions across global client networks, ensuring the hardening and protection of both Windows endpoints and servers, as well as Linux-based systems. Implemented and maintained security tools including Microsoft Defender, antivirus and anti-malware software, disk encryption, and attack surface reduction rules to secure hybrid IT environments. Played a key role in developing and enforcing endpoint security policies, updating internal controls, and managing change control processes across business units. Led incident response efforts, conducting log analysis, root cause investigations, and remediation planning. Supported patch management workflows, vulnerability remediation initiatives, and conducted security architecture reviews to proactively minimize exposure to threats. Collaborated closely with IT operations, network security, compliance, and legal teams to align security strategies with organizational goals. Additionally, delivered user awareness training on phishing threats, credential hygiene, and zero-trust principles. Maintained comprehensive documentation, including deployment guides, troubleshooting procedures, and infrastructure configurations to support secure and scalable operations.
Implemented security best practices and compliance policies across infrastructure, applications, and data environments to enhance the organization's overall security posture. Monitored and analyzed system logs and performance metrics to proactively detect anomalies, resolve issues, and optimize performance. Conducted detailed post-incident reviews to identify root causes, extract key insights, and implement lessons learned for continuous improvement. Led coordinated incident response efforts across technical teams, ensuring timely containment, resolution, and minimal business disruption. Performed routine vulnerability assessments to uncover weaknesses in systems and applications, and prioritized remediation efforts to mitigate exploitation risks. Managed comprehensive endpoint protection solutions, including Microsoft Defender, anti-malware platforms, disk encryption, and attack surface reduction (ASR) rules, ensuring consistent coverage and alignment with enterprise security standards. Handled daily security operations, reporting, and cross-functional communications, supporting efficient, well-documented, and compliant cybersecurity workflows.
As a Site Reliability Engineer (or DevOps Engineer, if more accurate), I was responsible for monitoring and maintaining Kubernetes and Docker container clusters to ensure high availability, performance, and system reliability. I scaled applications as needed, conducted deep log and metrics analysis to proactively identify and troubleshoot issues, and fine-tuned CI/CD pipeline performance. My role involved implementing security best practices across infrastructure, deployments, and data, while ensuring alignment with compliance policies. I actively contributed to post-incident reviews to identify root causes, document lessons learned, and drive continuous improvement. Additionally, I maintained detailed documentation for infrastructure setups, deployment procedures, troubleshooting protocols, and DevOps best practices, supporting smooth team operations and onboarding.
As a System Administrator, I managed end-to-end system operations with a strong focus on performance, security, and user management. I regularly monitored system logs, performance metrics, and dashboards to ensure stable operations and proactively identify anomalies. I handled user provisioning, access controls, and group memberships through Active Directory, maintaining security and compliance with organizational policies. My responsibilities included deploying system patches, software updates, and firmware upgrades to safeguard infrastructure against vulnerabilities. I diagnosed and resolved hardware, software, and network issues, escalating complex incidents when required. Additionally, I conducted regular security audits, implemented access control policies, and contributed to incident recovery efforts, ensuring business continuity and data integrity. I also documented audit results, system health reports, and best practices to support team efficiency and operational readiness.