π§ sapran@gmail.com π https://styran.com π Kyiv, Ukraine
Vlad Styran is an internationally known cybersecurity enthusiast, security leader, and ethical hacker with primary areas of expertise focused on Penetration Testing, Social Engineering, and Security Awareness. To help companies better protect their critical data and staff from modern cyber threats, he has created a unique methodology of identifying, assessing, and treating "human factor" security issues.
At Berezha Security, Vlad is responsible for the delivery of first-rate security assessment services. He consults the clients on a broad range of cybersecurity matters, such as application/software security, cybersecurity awareness, bug bounty programs, security policy, and compliance.
Since 2011, Vlad co-organized UISGCON, the largest Ukrainian information security conference at the time. In 2018, he co-founded NoNameCon, the flagship cybersecurity professional conference in Ukraine. He is a co-leader of the OWASP Kyiv chapter, a notable blogger, podcast producer, and conference speaker.
- Certified Information Systems Security Professional (CISSP)
- Certified Information Systems Auditor (CISA)
- Offensive Security Certified Professional (OSCP)
- ISO 27001 Lead ISMS Auditor (ISO27001LA)
- Certified Ethical Hacker (CEH)
Proven leadership skills; efficient recruitment abilities, talent development, and staff coaching.
Strong presentation and persuasion skills; ability to train, educate, inspire staff, and transform organizational culture.
Network, application, and social engineering penetration testing; clean, prioritized, and actionable reporting; business-focused risk management.
In-depth knowledge in organizational processes, information security management and Audit, operating environments, databases, networks, cloud technology, and software development.
Practical knowledge of regulatory compliance and security standards: PCI DSS, PTES, OWASP, NIST SP800, ISO27000, COBIT.
MS in Applied Mathematics and Mechanics, Chernivtsi National University, Chernivtsi, Ukraine, 2002.
English β fluent. French β good user.
Co-founder, General Coordinator, No Name Events (Professional Event Management), October 2017 β present
Bringing the Ukrainian professional cybersecurity scene to the next level by co-organizing the 100% community-built practical cybersecurity conference: NoNameCon.
Co-founder, VP of Business Development, Berezha Security (Information Security Consulting), November 2014 β present
Pursuing the dream of building a high-quality security consulting company that lets business, expertise, hacker community, and public interest help each other survive and thrive in cyberspace.
Head of Information Security Center of Excellence, LUXOFT (Software Engineering Services), June 2014 β August 2016
He raised the Information Security consulting practice from the point of in-depth resource and demand crisis to the level of high availability, sustainable growth, and company-wide recognition in one of the largest global software engineering service providers.
Deputy Head of Information Security Consulting Services Department, Head of Security Assessment Team, BMS Consulting (Information Security and IT Integration), February 2011 - June 2014
Opened, raised, and secured viable profitability of a new line of business by creating, growing, and developing the most successful team of penetration testers in the country.
Increased the corporate internal controls' coverage and effectiveness by extending the IT General Controls framework by 40% while keeping staff growth at 25%. Identified and facilitated timely remediation of several business-critical security issues.
Helped attract new business opportunities by establishing the Information Security Management System in line with ISO 27001 requirements and adopting a risk-based approach to customer data treatment and service delivery. Improved infrastructure security by implementing centralized software update management, malicious web and email content filtering, and role-based access control.
Information Security Engineer, Jet Infosystems (Information Security and IT Integration), Nov 2005 β Dec 2007.
Helped numerous clients in Eastern Europe and Asia increase their security posture by integrating Data Loss Prevention, Virtual Private Network, and centrally managed Firewalls solutions. Identified and helped remove multiple critical security issues by providing controlled Vulnerability Assessments.
Initiated the processes of IT security operations company-wise. Increased infrastructure security through systems hardening and migration of applications to inherently less vulnerable platforms. Established the culture of security incident response.
SBK (2005), Ukrtelecom (2002-2004), Bank βUkrainaβ (2001).