Amsterdam, North Holland, Netherlands
• A cyber security professional with 10+ years of experience in the field • Strong believer in Agile Security and DevSecOps • Speaker and trainer on security conferences – BlackHat, DevSecCon • Valuable experience in software and web development as well as system and network administration • Proved adaptability in small companies and big corporate environment • Personal goal is to further advance his knowledge and contribute back to the global world of cyber security Specialized in: Penetration Testing, Secure Design, SSDLC, Threat Modelling, Source Code Review, Security Research, Vulnerability Management, Security automation, (D)DoS
Zero Science Lab is a Macedonian Information Security Research and Development laboratory that specializes in information security hardening, consulting, network security, vulnerability research, software and hardware assessment, penetration testing, forensics and much more... From its existence, Zero Science Lab has found vulnerabilities and weaknesses in a large number of world famous software packages and web applications which are widely used for accomplishing everyday computer activities. My responsibilities are: - Planning and execution of black-, grey-, white-box penetration tests - Mobile application security assessments - Source Code reviews - Vulnerability Research - Exploit development - Red Team and Social Engineering engagements - Incident Response - Malware analysis
- Leading Security Testing services - Setting up Application Security practice in a DevOps - Setup or migration to public cloud – Azure and AWS - Design and development of anti-phishing solution – PHINIX
IT.com.mk is a Macedonian web portal for information technology offering various content and services ranging from latest industry news, educational materials and white papers, web forums, IT blogs, IT TV (coming soon) and etc. IT.com.mk's mission is to educate, promote and support the Macedonian IT potential and help the development of this industry in the country.
- Managing a team of ~20 Security Engineers and Penetration Testers - Responsible of WoW, processes, Secure SDLC services - Providing security services to hundreds of DevOps teams in Agile environment - Define and maintain security requirements o Threat Modelling - Secure Design and Architecture review - Penetration Testing - Secure Source Code Reviews - Security automation in CI/CD pipeline(s) - Security Champions program and Security Maturity program - Developing internal security standards - SSDLC and Secure coding trainings for developers - Security Champions program and the Security Maturity program
Part of the CIO Security squad with primary responsibility to provide: - Application penetration testing - Infrastructure and Network penetration testing - Source Code review - Threat modeling - Secure Design reviews and advisory - Define domain wide security requirements - Build and implement Security testing automation (in a CI/CD pipeline) - SSDLC and Secure coding trainings - Red team and social engineering engagements The biggest challenge we are facing is providing these services to hundreds of devops teams in an Agile environment. Additionally I am responsible for the intakes/technical intakes, development of security solutions and services, leveraging a robust technology portfolio, to address complex industry recognized information security trends and challenges faced by our respective clients. I also provide assistance with the delivery of pre-sales and post-sales support of the technical security solutions and services.