Ilia Tivin
Verified Expert in Engineering
Cybersecurity Expert and Developer
Singapore, Singapore
Toptal member since November 8, 2022
Ilia is a cybersecurity professional and a public speaker who has worked with clients in various domains such as government, defense, manufacturing, banking, and finance. He has designed secure, resilient, and adaptable architectures that stand the test of time. Ilia's broad background includes advising executive management on strategic security initiatives and how to progress them in the organization.
Portfolio
Experience
Availability
Preferred Environment
Windows, MacOS, Ubuntu, Threat Modeling, Secure Containers, Microsoft 365, Documentation, Security Advisory
The most amazing...
...result I've achieved during my career is training over 10,000 people in courses lasting from 45 minutes to five weeks.
Work Experience
Sessional Lecturer
James Cook University Australia
- Worked as a lecturer for cybersecurity (risk management, IoT security, and advanced e-security).
- Handled assessments, prepared course materials, and graded exams.
- Received stellar feedback from students on how my lectures contributed to their interest in cybersecurity.
Managing Director
Locked Jar
- Trained executive boards of companies with assets worth hundreds of billions.
- Established new frameworks and processes for companies to manage their incident response and change management processes.
- Helped secure funding for security departments in organizations based on devised strategies and stakeholder engagement efforts.
Customer Success Manager
Cisco
- Founded and led an internal cybersecurity and toastmasters community in the organization.
- Formed, interviewed, and established a new security success management team for the region.
- Created content and delivered weekly webinars for customers in the region to support global customer success teams.
Center of Excellence Hybrid Cloud Security Architect
Hewlett Packard Enterprise
- Designed multi-service and product architectures for governments, financial institutions, manufacturing companies, and others.
- Served as the point of contact for company security product vendors in the Asia-Pacific region.
- Managed an internal cybersecurity community of over 1,000 members across Asia and organized biweekly internal newsletters and learning sessions.
Business Development Manager
Hewlett Packard Enterprise
- Grew the security services business in Asia-Pacific and Japan (APJ) by 30% year over year.
- Trained security teams across Asia on new trends, security services, and stakeholder management.
- Devised successful multi-year sales and service strategies for the Asia-Pacific region.
Senior Security Consultant
HP Inc
- Designed and implemented solution architectures for projects worth tens of millions of dollars.
- Supported dozens of clients across the Asia-Pacific region on their security projects.
- Innovated the implementation of security monitoring and use cases for financial fraud and money laundering.
Security Consultant
Self-employed
- Managed large banking security projects and trained internal teams to analyze and respond to incidents.
- Served as a trainer for Symantec security products in the Middle East.
- Oversaw and managed the implementation of projects with an estimated worth of tens of millions of dollars.
Senior Cybersecurity Consultant
We!
- Managed a dozen clients and their deployments in different industries concurrently.
- Innovated deployment of projects that vendors passed on as being too complex.
- Oversaw sales cycles from the initial inquiry stage to the board presentations, justifications, and purchasing.
Experience
Virufy Secure Architecture
http://www.virufy.orgI designed the cloud architecture of Virufy to account for the solution's security, governance, and agile development. Furthermore, I was in charge of additional support in the form of compliance mapping, grant applications, testing of the other vendors' solutions, implementation, and management.
Critical Information Infrastructure Risk and Threat Modeling
The process commenced with an assessment of the corporation's existing methods and procedures, employing surveys and exploratory workshops to detect any deficiencies in its operations. I meticulously scrutinized the company's IT structure, including its networks, systems, and applications, to locate any weak points susceptible to cybercriminal exploits.
Using updated threat modeling methods, I managed to spot potential areas of attack and rank the risks, considering their probability and potential impact. I also checked the company's asset registers and earlier assessments to ensure critical assets were handled.
Based on what I found, I prepared a straightforward report for the company. It listed the risks and weak points we had identified, and I suggested some possible ways to lessen these issues.
Tabletop Exercises for the Board and Rewrite of Incident Response Procedures
Utilizing the knowledge of a specialized team, we examined past incident reports, existing procedures, and industry standards. This data informed our stakeholder workshops and guided our process.
Finally, I crafted a comprehensive security plan addressing the identified gaps, which was later presented to the company's board. They decided to significantly increase their security investments in the upcoming years, aiming to bolster their incident response and business continuity procedures. This work was a step toward enhancing the company's asset protection and reputation.
Education
Master's Degree in Management Studies
University College Dublin - Singapore
Bachelor's Degree in Information Management
University College Dublin - Singapore
Technical Diploma in Electronics, Micro-computers, and Software Engineering
ORT Israel - Arad, Israel
Certifications
Certified Information Security Manager (CISM)
ISACA
Certified Information Systems Security Architecture Professional (CISSP-ISSAP)
ISC2
ITIL 4 Strategist: Direct, Plan, and Improve
Axelos
Information Systems Security Management Professional (CISSP-ISSMP)
ISC2
Certificate of Cloud Security Knowledge v.4
Cloud Security Alliance
Certified Cloud Security Professional (CCSP)
ISC2
Certified Information Systems Security Professional (CISSP)
ISC2
Skills
Tools
System Security, VPN, Google Workspace, Symantec Brightmail, Cisco Umbrella, Graylog, Azure Network Security Groups
Industry Expertise
Cybersecurity, eLearning Design, Security Advisory, System Security
Paradigms
Management, DevSecOps, DevOps, Software Testing, HIPAA Compliance, Azure DevOps
Platforms
Windows Development, MacOS, Ubuntu, AWS, AWS, Azure, SharePoint Design, Microsoft Development, Duo, Linux, Cloud Engineering, Kubernetes, CrowdStrike, Blockchain
Storage
Database, Azure, Contabo, Database, Amazon S3
Languages
Assembly, SAML
Frameworks
COBIT
Other
Management Information, Security Management, Information Security Management Systems (ISMS), Incident Response, Security Assessment, Security Engineering, System Security, Cloud Engineering, Cloud Infrastructure, Cloud Computing, Disaster Recovery Plans (DRP), Business Continuity Planning (BCP), Business Continuity & Disaster Recovery (BCDR), Virtualization, Risk Assessment, Strategic Planning, SIEM, Security Architecture, Log Management, ICT Training, Advisory, Compliance, Security, IT Security, Threat Modeling, NIST, Information Security, IT Audits, Certified Information Systems Security Professional, Risk Management, Architecture, Cloud Security, CISSP, CISM, SOC 2( Service Organization Control), CISO, System Security, Technical Writing, Business Services, ISO 27002, ISO 27001, Cloudflare, System-on-a-Chip (SoC), Cloud Architecture, System Security, System Security, Incident Management, Monitoring, Audits, Microsoft 365, GRC, Security Audits, Critical Security Controls (CIS Controls), Lecturing, Security Design, Learning, AWS Certified Cloud Practitioner, System Administration, Documentation, Risk Modeling, Risk Analysis, Managed Security Service Providers (MSSP), Managed Services, Infrastructure, IT Project Management, Identity & Access Management (IAM), Application Security, Containers, Enterprise Architecture, System Development, Sustainable Business Management, SLA Management, Operating Models, IT Governance, Stakeholder Management, Capacity Planning, Data Loss Prevention (DLP), Encryption, Business, Sales, Business Development, New Business Development, Stakeholder Engagement, Vendor Management, Cisco, System Security, GDPR, Software Development Lifecycle (SDLC), SecOps, SSO Engineering, Regulations, International Data Privacy Regulations, IT Management, Vulnerability Assessment, Gmail, Asset Management, Systems, Assets, Request for Proposal (RFP), People Management, Intrusion Detection Systems (IDS), Leadership, Data Protection, Governance, Data Science, CompTIA, SaaS Security, Business Management, Research, Finance, Change Leadership, Organizational Change Management (OCM), System Security, Leadership Development, Knowledge Management, Culture Development, Electronics, Software Engineering, Microcomputers, Shell Scripting, Symantec, COPPA, Operations, PCI, AWS DevOps, CI/CD Pipelines, OWASP, SCIM, Crisis Management, Communication Coaching, Business Continuity, Secure Containers, Container Orchestration, Group Policy, Higher Education, Crypto, OWASP Top 10, Enterprise Cybersecurity, Artificial Intelligence, Active Directory (AD)
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring