Pawel Piotr Maksymiak available

Pawel Piotr Maksymiak

Big Data Engineer (SysOps/SecOps) / Security Engineer, Big Data Engineer (SysOps/SecOps) / Security

available
Profileimage by PawelPiotr Maksymiak Big Data Engineer (SysOps/SecOps) / Security Engineer, Big Data Engineer (SysOps/SecOps) / Security from London
  • E143HB London Freelancer in
  • Graduation: Masters of Science in IT Technology, Engineering Degree in Computing, Certification in Robotics
  • Hourly-/Daily rates: not provided
  • Languages: German (Elementary) | English (Native or Bilingual) | Polish (Native or Bilingual) | Ukrainian (Limited professional)
  • Last update: 30.06.2021
KEYWORDS
PROFILE PICTURE
Profileimage by PawelPiotr Maksymiak Big Data Engineer (SysOps/SecOps) / Security Engineer, Big Data Engineer (SysOps/SecOps) / Security from London
ATTACHMENTS
PAWEL_PIOTR_MAKSYMIAK_RESUME

You need an account to view this information.

SKILLS
IT Engineer with specialization in varied cyber defense systems and big data/cloud/distributed processing infrastructure – including system integration, reliability engineering, operations support, implementation, automation, and deployment. I have been designing, building, testing, auditing, and deploying variety of systems from quantum chemical data processing R&D research systems for European Chemicals Agency, Big Data processing systems for Deutsche Bank, NRB, Enstar and Cyber Defense Systems for G4S, Intel, PTSB, Deutsche Bank, EU Mission in Georgia, Tbilisi and National Grid. For the recent years I have been involved in projects within highly confidential and classified environments both for government and private sector.
For my recent clients – for Enstar (USA/UK) I have been responsible for supporting and deploying whole distributed infrastructure used for data engineering/processing together with code deployment and automation, for G4S (Private Security/Military Contractor) I have designed Decentralized Machine Assisted Rapid Response Security System used in infrastructure monitoring, cyber response and cloud security forensics, earlier for Intel Security I have been involved in Department of Defense Project: Sharkseer – threat detection platform and for National Grid I have been responsible for forensics analysis and neural network applications used in infrastructure threat automation and monitoring.
Technologies: Big data, Cloudera, Hadoop, Linux, system engineering, data engineering, architectural design, distributed systems, cyber security/defense, threat analysis, machine learning, neural networks, clusters, cloud, cryptography, GCP,BigQuery,Pub/Sub,DataFlow, AWS, SIEM, data engineering, bash, python, system automation, data mining, KNIME, Informatica, BigQuery, DevOps, SysOps, SecOps, Splunk, Docker, KAFKA,KUBERNETES, MITRE ATT&CK, CAPEC.
PROJECT HISTORY
  • 12/2020 - Present

    • NATIONAL GRID, London, UK
    • >10.000 employees
    • Energy, water and environment
  • CYBER DEFENSE DATA ANALYST
  • Position: Cyber Security Engineer / Cyber Security Data Analyst
    Project: Infrastructure security project (infrastructure logs from electric processing grid and other crucial national systems)
    • Design and implementation of neural network event alerting system in SPLUNK and other IT Security tools, performing forensic analysis from variety of logs and data including police security records and other confidential data sources. DMARC analysis and other cyber security tasks (log analysis from variety of tools (Tamium/Dragos) and investigations). General automation of threat discovery utilizing MITRE ATT&CK matrix and CAPEC, system configuration and security engineering (SIEM).
    Highlighted Accomplishment: Conversion of neural network model for automation of infrastructure threat monitoring and  alerting.

  • 11/2017 - Present

    • ENSTAR (PRIVATE CONSULTING), London, UK
    • >10.000 employees
    • Banks and financial services
  • Big Data System Engineer
  • Position: Big Data System Engineer (SysOps/SecOps) / Security System Engineer
    Project: Multiple Big Data platforms architecture design, engineering, operation reliability support and security.
    • Reliability engineering and infrastructure/operations support of multiple distributed/containerized systems/big data clusters (Cloudera/Hadoop/Kubernetes/Docker) together with data processing (Informatica/KNIME, ATTUNITY). Responsibility for cluster TLS/SSL configuration within existing PKI and Kerberos infrastructure on site, pen testing reports analysis, code and system auditing, service security configuration, architecture and encryption according to NCSC (Nationa l Cyber Security Centre) guidelines. Varied security implementations and engineering security policies and security audits, disaster recovery solution engineering, building new production ready environments on new machines. Linux (RedHat) system engineering and automation (BASH scripting, Ansible, Python) tasks including variety of test builds on AWS/GCP/AZURE. Supporting of approximately 150 operations that were synchronizing insurance data in USA and processing terabytes of data every day. Ongoing support of ETL/Data mergers deployment processes after company acquisitions.
    Highlighted Accomplishment: Additionally, to ongoing cluster and infrastructure engineering tasks I have managed to save client around 150k GBP per year on hardware upgrades by performing intensive code testing and tasks automation.

  • 08/2019 - 01/2020

    • G4S, London, UK
    • >10.000 employees
    • Other
  • Big Data System Engineer (Cyber Defense Project)
  • Position: Big Data Engineer (SecOps) / Security System Engineer
    Project: Hybrid Neural Network Machine Assisted / Network Cyber Defense Platform for Global Threat Monitoring (SIEM).
    • System, Data Engineering Design and implementation of machine assisted security analysis, response and monitoring platform utilizing variety of backend databases to visualize and analyze state of cyber security landscape globally, implementation of GCP based services and architecture of cyber security system that was utilized for auditing, threat discovery and cyber response. Injection of new dynamic data sources also outputs from security tools, parsing and engineering of security data backends (Vulnerability Scanners – Tenable/Nessus, Cisco Umbrella, Tamium, Dragos, Antivirus, firewalls - approx. 75 different logs and system information files), cloud security system engineering from concept to fully working product. Extracting new threat intelligence from logs and implementing them in the system using neural network algorithm.
    • Improving data, data mining approach, data injection pipelines, generating output from hundreds of security and business systems (100+ countries), cloud cost analysis – lowering price of query and tuning up data mining. Utilizing machine learning algorithms within risk profile engineering domain. Requirements analysis for cyber security system engineering within cloud and outside.
    Highlighted Accomplishment: Implementation of Hybrid AI - machine learning/algorithmic based system to monitor unsecure sites/devices from within the 150k devices available in whole organization. Sites were classified based on the various aspects like conflict region, military base or government site. Evaluation algorithm I have designed was being executed within total of 100-120 secs and extracted several TB of threat data from bigger datasets (DNS was almost 4 PTBS), extracting risk profiles from variety of datasets allowing organization to better respond to cyber threat (also automatically by controlling the machines from the cloud brain).

  • 05/2017 - 08/2017

    • Network Research Belgium, Liege, Belgium
    • >10.000 employees
    • Public service
  • Big Data System Engineer
  • Position: Big Data System Engineer (SysOps/SecOps) / Security Engineer
    Project: Big Data Platform for Multiple Clients – Security Audit testing, Secure Warehouse Engineering
    • Deployment and configuration of Big Data Warehousing solution used by Image Processing framework based on HADOOPservices. Design and automation of security and system integration validation tasks in bash automation framework (in total around 3500 automation security and authorization tests). Configuration and ongoing technical support of multiple Big Data services including security architecture analysis and design. Disaster Recovery and HA procedures engineering, system development and audit tests engineering and evaluation.
    Highlighted Accomplishment: I have designed and implemented whole system to structuralize user access across multi user data warehouse – together with auditing tasks to prove data security across whole environment.

  • 10/2016 - 05/2017

    • Deutsche Bank, Frankfurt, Germany
    • >10.000 employees
    • Banks and financial services
  • Big Data System Engineer
  • Position: Big Data System Engineer (DevOps/SecOps)
    Project: Cyber Security Big Data Data Analytics Platform Deployment based on Cloudera and additionally Splunk based Big Data
    solution for cyber defense machine data logs analysis (Secure Data Lake).
    Design, engineering, architecture evaluation and technical support of Big Data Hadoop cluster including integration and system
    automation using custom scripting and Talend workflows, platform security evaluation, cluster monitoring, setup and
    administration. Complete setup and security evaluation (Kerberos/PowerBroker/TLS/SSL) of whole data pipeline from architecture
    overview, to system engineering and deployment. Installation and troubleshooting of all relevant services of Hadoop stack like
    KAKFA, FLUME and other related services, building working distributed cluster on new machines (in Dev, UAT and Production
    environment) including packets and database installation and other support activities.
     Automation of configuration for relevant components of developed system, cluster automation (Ansible) assisting developers
    with data automation, system deployments and general technical support related to big data platform including components
    installation, machine commissioning and deployment and troubleshooting automation combined with log analysis using
    Splunk. Cluster deployments and configuration – testing and configuring Kerberos security, preparing systems for cluster
    deployments, developing bash/ python system automation scripts. System integration troubleshooting, configuration files
    deployment. Splunk based data processing framework deployment – machine logs Data Lake based on Splunk and HDFS
    integration, whole system deployment from architecture to the final state with additional documentation.
    Highlighted Accomplishment: Big Data Lake from Architectural concept to fully working secured environment combined with
    data injection pipelines and SPLUNK analysis framework engineered from scratch (business ready big data system that was
    pumping terabytes of data into the data lake used by threat analysts to secure the whole infrastructure of Deutsche Bank).

  • 07/2016 - 10/2016

    • Permament TSB, Cork, Ireland
    • 1000-5000 employees
    • Banks and financial services
  • Cyber Security Test Analyst
  • Position: Security Test Analyst / Security Engineer
    Project: Privileged Access Management System Deployment (first deployment in Ireland).
     Analysis and preparation of Privileged Access Management system together with security Use Cases analysis and system
    deployment configuration. Managing whole deployment and testing process including defining test approach, test plan, test
    cases development, security risk analysis, cluster management test, disaster, recovery and high availability evaluation, CA
    PAM features evaluation and configuration, complete configuration of the security appliance to be consistent with PTSB
    procedures.
    Highlighted Accomplishment: I have designed compliance tests and whole deployment system engineering approach (Privilege
    Access Management System).

  • 07/2015 - 12/2015

    • European Union Monitoring Mission , Tbilisi,Georgia
    • 5000-10.000 employees
    • Public service
  • CIS Officer
  • Position: CIS Officer
    Projects: Test and deployment of security software within organization infrastructure. Assessing GPO policies resulting in
    discovery of serious security breach related to satellite data leak (related to confidential classified information), configuration and
    scan of internal infrastructure using NESSUS/NETEXPOSE and other relevant software to discover hostile activity and any breach
    attempt. Analysis of security logs and deployment of PowerShell based automation scripts, testing infrastructure and cryptological
    equipment configuration (Globull AES encrypted hardware device for satellite and other highly confidential military data),
    confidential data management project and security systems deployment.
     Monitoring Mission’s requirements in terms of Communication and Information Systems with the aim to improve
    functionality, performance and security aspects through technical upgrades. Checking feasibility of technological upgrades
    through cost/benefit analyses in view of current and future requirements while visualizing their impact on the present
    infrastructure in terms of several technical and practical aspects including day to day management efforts.
     Configuration of military grade cryptographic devices (Globull), removing security information (satellite images and other
    highly confidential military grade data) using appropriate algorithms – DOD approved 5220.22-M and others relevant security
    procedures. Test and deployment of auditing software and other real time enterprise highly critical security software.
    Upgrading and configuration of networking equipment using security guidelines. Assessment of security issues and supporting
    server administrator with automation tasks and security policy development. Supporting of IT infrastructure including system
    installations, data migration, GIS and other software test and deployment, technical helpdesk and other engineering duties
    related to overall cyber. Performing hardware/software installation/maintenance tasks on server, network and security devices.
    Monitoring classified information handling and managing voice/data encryption devices, auditing data analysis.
    Highlighted Accomplishment: Involved in pioneering system auditing aimed to increase security within cyber landscape in
    relation to organization goals. I have been part of Defcon support team and discovered several important security issues within
    organizational network used to store satellite images of army movement in regions that separated from Georgia after war in 2008
    (Abkhazia and Southern Ossetia).

  • 05/2014 - 03/2015

    • Intel, Cork, Ireland
    • 5000-10.000 employees
    • Public service
  • Security System Test Engineer
  • Position: Security System Test Engineer / Big Data DevOps Engineer
    Projects: Intel Cyber Security Backend, EPO and Big Data Backend: Private Cloud Project for Intel Security (for federal agency
    client in USA – Project SHARKSEER – Zero Day Net Defense System for Department of Defense, USA). I was also member of
    DEFCON team responsible for critical patching activities during GHOST/HEARTBLEED/SSLPOODLE/SHELLSHOCK
    vulnerabilities discovery. Assuring that designed Cyber Defense Platform is able to work fully independent from the Internet, using
    complex machine learning algorithms for threat detection. Final system was transferring several trillions of security data records
    and was able to classify in real time threat from IDS logs.
     Analysis and deployment of multiple complex cyber defense system components (2 main cybersecurity systems containing
    15+ components each) based on Big Data and Private Cloud infrastructure, deployments and management of multi-layered
    cybersecurity systems, improvement/tuning up related to appropriate system functions, system automation engineering.
     Responsibility for performance tests of distributed security system combined with engineering diagrams preparation for
    development and lab. engineering department, pre-deployment of whole system for demo and technical support, client demo
    presentation and responsibility for system analysis. Additionally, during vulnerabilities discovery (Ghost, Shellshock and SSL
    Heartbleed) I have been involved in planet wide system patching for Intel cyber defense back end.
    Highlighted Accomplishment: Involved in Private Cloud initiative aimed to re-engineer existing solution into complete network
    independent system utilizing big data technologies that was being used by US Federal Government organizations (SHARKSEER
    Project, Department of Defense) to secure most crucial infrastructure related to national security.

  • 06/2011 - 01/2014

    • European Chemicals Agency, Helsinki, Finnland
    • 500-1000 employees
    • Public service
  • Scientific IT Engineer
  • Position: Test Engineer/IT Developer/Data Analyst/Scientific IT Engineer
    Projects: IUCLID and Reach EU projects, multiple additional Big Data mining projects, scientific data engineering projects for
    variety of organizations including EU Commission, Enforcement Agencies of EU Governments related to supporting fraud
    analysis. Designing and implementing main data mining and systems solutions based on multiple IT technologies used during data
    evaluation and scientific R&D. Supporting computational scientists with complex scientific projects.
     Supporting scientists with IT Engineering tasks in relation to chemical informatics and quantum chemical scientific data
    processing. Scientific software management and integration, computational algorithms development and testing, upgrades and
    integration of IT solutions based on varied technologies, automation of scientific data analysis, data mining of big data sets
    using variety of tools and techniques (Python, JAVA, KNIME), engineering support of processing infrastructure used in C3
    computational assessment, deployments of scientific databases, warehouses, servers, scientific software maintenance.
    Highlighted Accomplishment: Several system engineering projects in relation to ECHA initiatives – including IUCLID / REACH
    /CLP / BPR and PIC legislation – aimed to improve chemical safety within EU. I have been involved multiple Chemical
    Informatics projects (QSAR).

TIME AND SPATIAL FLEXIBILITY
I am interested in UK / USA / Europe or Worldwide if necessary
OTHER
Please evaluate my technical resume, I am very flexible considering location - basically worldwide if project is interesting. I am security cleared (it means 10 years of my life was screened by both EU and NATO relevant agencies - including transactions, internet activity and other relevant police records). I have been involved in green field projects in relation to cyber defense and created something similar to  Machine-Assisted Analytic Rapid-Repository System (MARS) (by DIA, US) - I have been utilizing neural networks to scan infrastructure and blue team automation engineering. 

Please do not hesistate to contact me in case of any queries.
GET IN TOUCH

Message:

Sender: