Istvan Balazs

- Developing hardened cyber security solutions to protect against zero-day threats. - IT Security & Audit Policy Implementation - Vulnerability Management: Nessus, OpenVAS, Nmap , Qualys - Security Posture Assessment: Guiding organizations through the 7 steps of security testing (pre-engagement to remediation) - Strategic Penetration Testing: used frameworks (OWASP, Cobalt Strike, Metasploit, OSSTMM, PCI DSS, NIST CSF, PTES) - Expertise in designing, implementing, configuring, and maintaining ELK SIEM

1. Coordination of Cyber Security tasks: - Penetration Testing - Patch Management - Vulnerability Management - IAM: Identity Access Management - Security Event Logging And Monitoring - PUAM: Privileged User Access Management 2. Coordination of BRIDGE/NFR project's tasks related to Data Privacy&Security: - Matrix Audit testing and audit preparation - Data Anonymization - Supervision of Cyber Security Review/Approval of various Product and Services’ design & development related CM, IA, HLD, CR documents.

Main Duties & Tasks: - Data Privacy Integration Project Management, - Data Protection Management, - Data Privacy Protection, - Data Privacy Impact Assessment and Analysis - Data Privacy Risk Management

- Security operations: Real-time analysis of immediate threats - Cyberrisk and cyber intelligence - Security Investigations and Forensics - Data loss and fraud prevention - Security architecture Design and Planning - Identity and access management - Program management: - Governance

- Cyber Security Advisory and Consulting - Automated Proactive Cyber Security Protection as a Service - Supervision of IT Security Operations & Incident Management - EU GDPR Compliance GAP Assessment, Analysis and Remediation - EU GDPR Organizational & Technical change/re-adjustment Assistance - EU GDPR Law Compliant Products & Solutions Implementation - EU GDPR Data Protection Impact Assessment - Unix/Linux/Windows OS Server Hardening - Supervising Penetration Tests and Vulnerability Assessments

• Enhancing security team accomplishments and competence by planning delivery of solutions. • Determining security requirements by conducting system security and vulnerability analyses and risk assessments. • Planning network & application security systems by evaluating (OpenVPN, IPSEC, Light SSL VPN), routers, perimeter and web application firewalls and related security designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures.

Managing and supervising the development of Encrypted E-mail and Web Security Solutions and Online IT Security Services.

* Managing and Designing the Development of ThunderPort IT Security Solutions: L7 Firewall, Web/Email Content Filter, IDS/IPS, VPN. * Conducting IT Security Audits and Vulnerability Assessments. * Giving presentations about the company’s R&D Activity at EU Commission’s INFOSEC Meetings, Hungary’s Defense Ministry, Budapest Chamber of Commerce * Consultance and Advisory Regarding Data Privacy, * Designing and implementing the complete Security Infrastructure for several Governamental organizations

Course/Curriculum Developer, Enhanced Network Security Course Instructor and Examiner for IT Security managers and professionals attending the training from the government, corporate(telecommunication, banking, financial institutions) and industrial sector.

• Protecting the international multi-site computer networks dealing with classified information, from industrial espionage and hacker attacks, working as a IT Security staff, responsible for supervising the IT infrastructure integrity, confidentiality and availability of more than 2500 internet connected workstations and servers. • Conducting system security and vulnerability analyses and risk assessments while maintaining security by monitoring and ensuring compliance standards, policies and procedures.