Dmitrii Sokolov

Product presentation and selection prior to customer's preferences, maintenance of local product virtual testing environment, technical support, deployment and product PoC's in customers' infrastructure.

• Development of PoC and reporting documentation according to the ongoing projects;
• Technical support and problem solving for various solutions in diverse customer environments;
• Organization of communication between all project participants, including integrator/distributor, vendor and customer sides;
• Proprietary vendor certification;

Vast experience in administration and deployment of VMWare ESXi, Windows Servers (Active Directory, IIS, DNS etc.), Microsoft SQL DB, most commonly-used Linux distros.
Deep knowledge and expertise in following solutions:

• DLP:
  – Forcepoint (Web Security Proxy, Email Security, Endpoint);
  – SkyGuard (Web Security Proxy, Email Security, Endpoint).
• EDR/XDR/MDR:
  – Fidelis Elevate;
  – Cynet;
  – SentinelOne cloud platform.
• Vulnerability Management:
  – Tenable cloud platform.

Online teaching competencies including:

• Cybersecurity fundamentals, risks, GDPR, asset management, standards and frameworks (NIST, BSI, TUV, ISO 27001/02 etc.);
• Government compliance with real examples;
• Introduction into cybersecurity roles, responsibilities and job positions;
• Introduction into cybersecurity market and most commonly-used solutions, such as NGFW, ZTNA, NAC, PAM, EDR XDR, MDR, DLP, VM, Web proxies, MTA, MDM, DB Security, IAM, WAF, CASB along with real life schemes, battlecards and technical specifications;
• Student training for passing CompTIA Security+ 701 exam.

Participated in documentation and technical development of local cybersecurity division and infrastructure according to 48th NBRK compliance, including SOC:

• PoC organization in accordance to cybersecurity needs and pains;
• Solution deployment and support;
• Asset management lists compilation, discovery, network mapping and internal pentesting;
• Documentation/inner compliance development according to ISO 27001/02 and Kazakhstan laws.

Successful deployment and maintenance of various cybersecurity products, including:

• FIM;
• DLP;
• MDM;
• PAM;
• SIEM;
• EPP;
• Fortinet hardware and software solutions.

Product presentation and selection prior to customer's preferences, maintenance of local product virtual testing environment, technical support, deployment and product PoC's in customers' infrastructure.

• Development of PoC and reporting documentation according to the ongoing projects;
• Technical support and problem solving for various solutions in diverse customer environments;
• Organization of communication between all project participants, including integrator, vendor and customer sides.

Deep knowledge and expertise in following on-premise solutions:

• DLP (Digital Guardian, Forcepoint, ESET Safetica, GTB Technologies);
• EDR (Check Point Harmony).

Participated in documentation and technical development of the unified endpoint image project:

• Development of the standard workstation image based on the Debian Linux, including integration into existing Active Directory-based environment;
• Tuning and configuration of syslog-ng/auditd in conjunction with MaxPatrol SIEM;
• Configuration of local system security policies based on the built-in software, including password policies, access rights, user permissions, as well as agent-based solution for centralized Linux management;
• Udev rules development for USB-device filtering;
• Administration of Kaspersky Endpoint Security client/server for Linux;
• Integration of user Linux-based machines with Active Directory domain system through bash and python scripts involving sssd/winbind services;
• Deployment, configuration and technical support of Wallix PAM solution;
• SOC engineering activities in conjunction with MaxPatrol SIEM, including incident response, Linux-based host event normalization, reporting;
• Pentesting based on Kali Linux;
• Bash script development in combination with cron and mutt;
• Internal compliance development according to ISO 27001/02.

Administration and maintenance of the following cybersecurity solutions:

• Secret Net Studio; MaxPatrol 8 VM, InfoWatch Traffic Monitor (DLP).

Assisted in deployment of the newly-created SOC based on MaxPatrol SIEM according to 187th federal compliance:

• Workstation image development based on Linux, including implementation of Hardware Trusted Authentication Modules;
• Configuration of Astra Linux Directory, syslog/auditd, winbind and kerberos in conjunction with Active Directory and MaxPatrol SIEM;
• Compliance documentation development;
• Secret Net Studio solution deployment and administration.

Technical specification and image development for customers from FTS according to project needs:

• Preparation activities for implementation of Linux standard image for FTS CA in combination with proprietary FTS software, crypto-provider software, necessary drivers, tokens and Hardware Trusted Authentication Modules;
• Organizational activities between end customer and OS developers.

Participated in the following tasks and projects:

• Deployment, administration and support of a testing environment for Federal State Information System of Civil Status Act Registration Agency based on Linux image, participation in assembly of the standard project OS image, cooperation with vendors dedicated to upgrading and fine-tuning of image;
• Preparation for the organization's acquirement of the FSTEC's permit for laboratory examination of cybersecurity software;
• Deployment and support for Infowatch Traffic/Device Monitor solution integrated into FTS data center's network;
• Development of the perspective FTS employee's workstation Linux image including Wine software in testing environment;
• Documentation development, including internal compliance in accordance to ISO 27001/02.