Last update: 11.09.2022

Security Engineer

Company: Rommaan LLC
Graduation: Masters Degree
Languages: German (Limited professional) | English (Limited professional) | Russian (Limited professional) | Spanish (Limited professional)

SIEMs, cloud, TOGAF, SABSA, penetration testing, WAF, IPS/IDS, firewalls, proxies, DLP, gateways, IAM, SIEMs and encryption, privacy, HIPAA, PCI DSS, ISO27000, NIST, NERC, FedRAMP, COBIT, SCADA, IoT, AWS, Azure, GCP DevOps and DevSecOps, HTML, CSS, JavaScript, React, Angular, .NET Core, Python, Java, C#, C++, Node, Express, Swift, Bash, PowerShell, Docker, Kubernetes, OpenShift, Git, GitLab, GitHub, BitBucket, Jenkins, CircleCI, Terraform, data analysis, machine learning, Jira, ServiceNow, Confluence, Slack, Google, Active Directory, Bloodhound, Neo4j, database, Bash script, GitLab CI, FireEye, Tanium, Cisco ASA, Palo Alto firewalls, Aruba Airware, BlueCoat Proxies, McAfee ePO, BigID, Ping ID SSO, Splunk, syslog, Datadog, SDLC, application security, Java/React/PostgreSQL applications, APIs, Postgres, encryption, SIEM, data collection, DevOps, backend, open source, Slingr chaos-engineering testing toolkit, SSO, Logic, Symantec, CloudFormation, UI, mainframe, mobile application, C++, Objective C, PHP, JS, FISMA, Fortify, Checkmarx, Veracode, Coverity, IBM, open-source, CheckPoint firewalls, SourceFire, BlueCoat Proxy, ATA, analytics, web apps, PCI, FIPS, firmware, embedded security framework, ERP, ArcSight, Splunk clusters, virtual network, API, IT audit

Project history

06/2021 - 07/2022
Senior DevSecOps Engineer
Lending Club - Designed and implemented crucial elements of the DevSecOps pipeline. Implemented model-based
shift-left procedures. Designed, installed, and tested an Active Directory security evaluation solution in
AWS based on Bloodhound tool and Neo4j database. Automated the deployment with Terraform, and the tests
with a Bash script. Performed application architecture security assessment, SAST, DAST and penetration
testing of several corporate banking applications. Reviewed and improved security policies and standards for
BYOD strategy.
Evaluated security of the data analysis solutions like Databricks and Snowflake.

Highmark Health - Recommended and implemented optimal security approaches, methods, and tools to
secure enterprise business applications. Secured infrastructure and applications running on OpenShift
platforms and GitLab CI/CD. Improved security-related phases of the cycle. Maintained, analyzed, and
interpreted a threat intel database along with the best remediations. Ensured continuous security and quality of
software development through education and workshops. Implemented the latest DevSecOps tools and
processes for static, dynamic, container security and software composition analysis. Set up and fine-tuned
vulnerability scans as well as the remediation procedures.

Equifax - Integrated WhiteHat Sentinel DAST platform in the CI/CD pipeline on CircleCI. Migrated critical
security solutions to the Google cloud, including FireEye, Tanium, Cisco ASA, Palo Alto firewalls, Aruba
Airware, BlueCoat Proxies, McAfee ePO, BigID, Ping ID SSO. Created operations documentation and
runbooks. Prioritized and onboarded information sources in Splunk. Performed synthetic testing of numerous
Splunk indices. Set up an intermediary syslog collector server. Coordinated integration of Splunk capabilities into
the SOC's runbooks and escalation procedures. Updated FireEye HX agents on thousands of corporate
servers around the world with Tanium. Enhanced the change management process. Created health and
performance alerts and dashboards in Datadog on network and application level.

Led a project of onboarding critical system credentials to CyberArk vaults. Automated detection of user
entitlement approvals in SailPoint.

05/2020 - 05/2021
Senior DevSecOps Engineer
Established and ran a full SDLC application security program and DevSecOps including the assessment of
requirements, architecture evaluation, SAST, IAST and pentesting of Java/React/PostgreSQL applications and
APIs. Trained analysts and documented reporting and remediation procedures and escalation steps.
Conducted a vendor selection and implemented security solutions in a CircleCI, GitHub and AWS setting.
Designed and implemented an information protection program for data at rest, in transit and in processing
including sensitive data discovery, classification, source correlation, Postgres database configuration,
credentials/certificates management and encryption. Planned and implemented an incident response and
business recovery program. Designed incident response procedures, implemented alerting and forensics
solutions, created and assigned roles. Conducted tabletop exercises and field tests to meet proper response
and recovery objectives (RTO and RPO). Built proactive threat detection and a SIEM-centered security
operations center. Established the change management program, including the solution (ServiceNow), roles
and monitoring of unauthorized changes and authority abuse. Planned, purchased and implemented Splunk
SIEM across the business replacing Scalyr and AlienVault, integrated data collection from various systems on
AWS, applied parsers and built series of security searches and dashboards. Handed off the solution to the
administrators and created wiki pages with knowledge transfer on Confluence.

06/2019 - 06/2020
Senior DevSecOps Engineer
Installed and configured tools and performed requirement review, architecture analysis, SAST, DAST, IAST,
SCA, RASP and penetration testing of the mission-critical applications. Conducted SDLC security integration
analysis on a number of mission-critical projects. Led the application portion of the CCPA and GDPR
compliance initiatives. Introduced chaos engineering principles, tools and automation in DevOps. Created web
application with a Python backend for the open source Slingr chaos-engineering testing toolkit. Implemented Ping
ID cloud SSO authentication solution across the company. Implemented Sumo Logic SIEM across the
business, integrated data collection from various systems on AWS, applied parsers and built series of security
searches and dashboards. Used Terraform to stand up several security solutions: McAfee ePO, Symantec DLP
and FireEye HX to comply with PCI DSS. Ensured that AWS CloudFormation configurations included proper
security settings. Assisted in company-wide encryption orchestration project. Built a web UI on top of the data
security and privacy monitoring system (BigID).

11/2017 - 05/2019
Senior DevSecOps Engineer
Designed and tested security for embedded systems (ARM) of several federal and state agencies, including
Texas DMV (streetlights), DoD (classified). Reviewed the security of web, desktop, server, mainframe, and
mobile applications. Built a web and mobile application that assessed architectures for security/compliance
and delivered interactive UX with reports and remediation plans. Analyzed security during all phases of the
SDLC in Java, C++, Python, Objective C, C#, Swift, PHP, JS, including compliance with regulations, and
recommended adjustments. Created DevSecOps implementation integrations with Jenkins for continuous
security. Reviewed source code manually and with tools (Fortify, Checkmarx, Veracode, Coverity, IBM).
Traced and analyzed open-source components. Helped with incorporating security configs in a Terraform self-service
cluster. Conducted a statistical study of four leading application security products. Supported Splunk
deployment. Connected and parsed sources, enhanced speed and resilience. Developed and deployed
custom content for Splunk to discover APTs.
Used Ansible and Chef to stand up configurations for several corporate security appliances (CheckPoint firewalls,
SourceFire, BlueCoat Proxy, CrowdStrike endpoint protection, Sumo Logic and others).

02/2013 - 10/2017
Contractor Security Engineer
Allianz (Oxford Global Resources) - performed migration from legacy systems to ArcSight. Built a transition
backend in Python for supporting the enterprise security and compliance architecture that automatically evaluated
capabilities and needs for security monitoring.

Cisco (The Select Group) - performed threat modeling and wrote security playbook for monitoring embedded
systems. Monitored and responded to embedded security alerts at plants and vessels at various customers of
MSSP. Supported SOC architecture for numerous large global clients based on a proprietary ATA system and
Splunk. Created a Python backend server automating rules, playbooks and alerts, performing threat modeling,
and exposing APIs for the proprietary threat analytics platform (ATA) front-end.

BCBSNC (Matrix Resources) - managed ArcSight architecture, built a new content server with a database of
IOCs and exploits and exposed the APIs for internal security and compliance web apps. Wrote dashboards for
helping with technical SOC transition from the MSSP to the in-house model.

AT&T (Ingenious Solutions) - managed the analysis of the use cases and rule sets for PCI, HIPAA, FIPS and
other compliance in Splunk and QRadar. Created a web app for capturing customer security requirements and
matching them with MSSP capabilities and services. At an industrial control customer helped implement
security requirements in design of embedded systems, e.g., to make firmware updatable, limit access, create
and output meaningful logs, allow for integrations etc.

Xcel Energy (Horizontal Integration) - led the SIEM procurement project and implementation (LogRhythm).
Reviewed IT and ICS security requirements for core businesses as well as corporate functions throughout
eight states. Built PCI, NERC CIP compliance architectures. Implemented embedded security framework in
design and deployment of various CIP components from locks to RTUs to CCTV system on nuclear and power
grid objects.

Local Availability

Available worldwide
Available once per month for 2-3 days. US citizen, no European visa needed.

If you want to protect your valuable information and reputation from hackers, you need an expert opinion on information security architecture, procedures, and technology. Information security is a complicated multidisciplinary subject that cannot be implemented by your technology team, operations staff, or even internal audit. With over 20 years of experience in the field, I have deep expertise in almost all aspects of enterprise security. My particular interest lies in protecting applications and managing enterprise monitoring systems like SIEMs. I have a master's in a data analysis discipline, and most of my experience was accumulated in the United States. I have served clients of all sizes operating in a variety of industries. I've always been able to maintain my expertise through constant learning. In addition to all current security laws and practices, I keep a personal arsenal of approaches and tool choices. That has helped me implement complete security solutions at many businesses like yours. You need to protect your money with effective and efficient security. I am the expert. Contact me today!
