E-mail: pece at predragtasevski.com
Web page: http://predragtasevski.com
Nationality: Macedonian and Bulgarian (EU Citizen)
OBJECTIVE RESEARCH INTERESTS
SME in cybersecurity, risk assessment/management, incident handling, awareness, blockchain and digital forensics. He worked as Senior Cloud Security Engineer and as a Cyber Security Control Manager. He has more than 10 years working experience in information security, data/policy protection, risk operations, training/lecture, IT author, cyber insurance, cloud security advisor, incident responder, researcher and hacktivist. He is an ISO27k, MCT and Cloud certified. And holds a M.Sc. in Cyber Security and Post-Master in Security in Computer Systems and Communications.
November 2018 - April 2019
Senior Cloud Security Engineer (Acting as a Head of IT-Security), Verimi GmbH, Berlin, Germany
- Define and interact security checklist/requirements/recommendations for software development (DEV) and cloud operations (OPS) teams
- Point person discussing security gaps details for stakeholders, partners and vendor security questionnaires
- Enhancing and hardening the security posture of cloud infrastructure, tools and services
- Design security incident handling process, monitoring and procedure
- Mitigate risk exposure and document the residual risk
- Write documentations for eIDAS substantial level of assurance
- Determine implementation and compliance for QES requirements
- Define penetration testing scope
- Design IT Security Concept and security culture
February 2018 - October 2018
Senior Security Consulting Consultant, Accenture, Berlin, Germany
Project 1: Role - Project: Cloud Security Advisor, Global Bank - Frankfurt
- Support project in migrating from on-premises into hybrid cloud solution in developing a sustainable and compliant security architecture and cloud readiness
- Establish IaaS Security support inside the Cloud Foundation Cluster - by defining Cloud Computing Security Controls and establishing team work with multi-stakeholders
Project 2: Global E-Commerce Traveling Agency
- GDPR HR assessment focusing on organisational, application and access management (IAM) gap findings and provide remediation actions to improve IT compliance
- Assessment focus on the following applications: Workday, SAP HR, and Greenhouse
March 2016 - January 2018
Business Functional Analyst/Security Controls Manager (Freier Beurater), ENFINA- Security s.r.o, Eschborn, Frankfurt am Main, Germany
Project 1: Business Functional Analyst (Freier Beurater)
- Global Bank - Non Financial Risk Operation Team
- Deploying, maintaining and managing two Non-Financial Risk Operation applications
- Migrating Oracle database servers from IBM to HP
- Working with business stakeholders in ITIL and Agile process to meet the regulatory, compliance and technical requirements
- Managing the change assurance lifecycle - systems development life cycle (SDLC)
Project 2: Security Controls Manager (Freier Beurater)
- Security Configuration Control Management
- Subject Matter Expert (SME) for creating Business Requirement Documents (BRD) for new prioritisation framework according to NIST Common Configuration Scoring System (CCSS)
- Improvement of Security Configuration Control Management (SCCM) tool for the security compliances
- Enhance implementation of security policies, technical implementation from: CyberArk, IDS/IPS solutions, server access control and vulnerability scanners
June 2012 - Present
Founder, CyberSecurity.mk, Kumanovo, Macedonia
- Development of dynamic web content sites (Drupal, WordPress)
- Implementing: PKI solution, fuzz testing (web testing, network protocol testing, etc.)
- Implementation of real-time web filtering solutions, web filter and security, web proxy solutions
July 2014 - December 2014
Intern: Cyber Security Researcher, iWE, Sophia Antipolis, France
- Developing cyber security services: Incident Response, Digital Forensics, Cyber Audit, Cyber Risk Assessment and Pentesting
- Research of a novel approach and tool for cyber risk assessment and audit projects within critical information infrastructure (CII)
- Design and Develop a Cloud Security Architecture – zero knowledge data at REST
Feb 2014 - Sep 2015
Visiting/Remote Lecture, University of Donja Gorica, Podgorica, Montenegro
- Develop, design the scope and delivered a course study on two subjects: cyber crime and digital forensics
- Two semesters spring 2014 and 2015
May 2009 - Aug 2010
Teacher/Admin, Narodna Technika Kumanovo, Macedonia
- Designed and delivered programming and computer courses for different age groups.
- Performed System Administration tasks and involved in building security solution for ISP and Radius technology.
- Developing dynamic (WordPress, Drupal, CodeIgniter) and static web sites.
Dec 2008 - April 2009
Technical Author, INACON GmbH, Kriegsstrasse 154, 76133 Karlsruhe, Germany
- Designed and write technical product documentation for GPRS/UMTS & LTE telecommunication protocol and implementation in Wireshark application for troubleshooting
May 2007 - Oct 2008
Team Manager Class, Stream International Bulgaria, Business Park Sofia Building 3, Bulgaria
- Design, develop and delivered trainings for more than 100 personnel for: customer (tier 1), technical (tier 2 & 3), tools and process training for Microsoft products.
- Coaching and deliver first help support for advanced troubleshoot issues
2013 - 2015
Post-Master (Diplôme d’Ingénieur de specialisation) in Security in Computer Systems and Communications
EURECOM – Campus Sophia Tech, Biot France
Awarded with scholarship Labex UCN@SOPHIA
2010 - 2012
Master of Science in Engineering, Concentration: Cyber Security
Tallinn University of Technology (TTU) and Tartu University, Estonia
Awarded with scholarship DoRa 9
Title of Thesis
Interactive Cyber Security Awareness Program - ICSAP
2003 - 2009
Bachelor degree in Informatics
New Bulgarian University, Sofia, Bulgaria
Title of Thesis
2002 - 2003
High School in Informatics
Champlin Park High School, Minnesota, USA
Is an application developed in Java platform programming language as on purpose of no additional requirements of library or platform independence. Messenger-Pigeon is an application with client-server software architecture. The interface it is very simple and easy to use for all different ages. It is simple and easy of configuration and setup the server with the two different database sources (ODBC and MySQL). Messenger-Pigeon as an LAN Chatting Messenger can be used in business and home environment.
Course Management System
ICSAP is prototype web based application for the management of the syllabus. CMS or in other words Learning Management System (LMS) is a software application for administration, documentation, tracking records, scoreboard and reporting of training program and training content. The prototype system is developed in CodeIgniter, PHP framework and additionally MySQL relation database management system.
Is an awareness wizard application to deliver to any end-users, companies, mobile providers, etc. security solution for their mobile and portable devices that run Android.
NATO Advanced Research Workshop: Encouraging Cyber Security Awareness in the Balkans
- Co-director of Advanced Research Workshop (ISEG.EAP.ARW.984799) held on 17-19 of March 2015, Skopje, Macedonia
- Write the project and gather a scientists and experts from academy, social societies and well-known experts in the field of cyber security, cyber warfare, information security from the region and NATO partner countries
Cybersecurity in the Western Balkans: Policy gaps and cooperation opportunities (Researcher)
- Author on the report on cybersecurity cooperation in the Western Balkans implemented with the support of the Federal Department of Foreign Affairs of Switzerland, in partnership with the Geneva Centre for the Democratic Control of Armed Forces (DCAF). Full report available at DiploFoundation
NATO Advanced Research Workshop: Benchmarking Telemedicine: Improving Health Security in the Balkans
- Co-director of Advanced Research Workshop (ISEG.EAP.ARW.985183), held on 15-17 of November 2016, Skopje, Macedonia
- Write and design the project, and collect and gather a Scientists and experts among well-known healthcare leaders from: government, military, NGOs and public and private sector from NATO members and partner countries
Implementation and improvement of e-Health system in Macedonia
- Design and improve implementation of current e-health system in Macedonia, within PKI support and smartcard
- Analysis of current – As-Is analysis,
- Benchmarking with international solutions,
- To Be with cost-benefit analysis and
- Technical specification
NATO Advanced Research Workshop: Fundamental readiness in Cyber Defence in the Balkans (FRCDB)
- Co-director of Advanced Research Workshop (ISEG.EAP.ARW.G5515), held on 17-19 of October 2018, Belgrade, Serbia
- Write and design the project, and collect and gather a Scientists and experts among well-known Subject-matter experts from: government, military, NGOs, research and development, education and public and private sector from NATO members and partner countries
Messenger-Pigeon; ISBN-10: 3838391314; ISBN-13: 978-3838391311
Interactive Cyber Security Awareness Program; ISBN 978-3-659-20798-3
Password Attacks and Generation Strategies, Tartu University, Estonia.
Security Risk Assessment article, PenTest Magazine Audit and Stand: IS Risk Assessment Measurement; Issue 07/2012 August; ISSN 2084-1116; page 70.
Web Servers Analysis under DoS Attacks, Secure Your Mobile, Protect Your Network and Hack More with Hakin9 11/2012!; ISSN 1733-178; page 66.
Frequently-Occurring Security Incidents, The 10th Conference for Informatics and Information Technology (CIIT 2013) , Faculty of Computer Science and Engineering, Macedonia.
Methodological Approach to Security Awareness, CyberSecurity for the Next Generation. Politechnico di Milano, Italy.
Macedonian Path Towards Cybersecurity, Information & Security: An International Journal, vol. 32, issue 1, 2015, In Press.
IT and Cyber Security Awareness – Raising Campaigns, Information & Security: An International Journal, vol. 34 (2015).
Cybersecurity in the Western Balkans: Policy gaps and cooperation opportunities, DiploFoundation, Geneva, Research report under the project "Cybersecurity Capacity Building and Research Programme for South - Eastern Europe" implemented with the support of the Federal Department of Foreign Affairs of Switzerland.
English, Bulgarian, Serbian & Croatian
French, Russian, Estonian, German
Languages & Libraries
- Text :: Org-mode, LaTeX, Markdown, Emacs, Lyx, Libre/MS Office
- Graphics :: Gimp, Inkscape, FreeMind, Dia
Good experience with system administration on Debian & RPM based systems and Bash scripting.
Lead/External Auditor for Information Security Management Systems /ISO/IEC 27001:2005/, June 2013, Certificate No. 026/ISMS/2013
MCT (Microsoft Certified Trainer) Mar 10, 2009 Microsoft Certified Professional ID 6083756:
Microsoft Certified IT Professional Apr 08, 2008
Enterprise Support Technician Apr 08, 2008
Microsoft Certified Technology Specialist Apr 08, 2008
Microsoft Windows Vista: Configuration Apr 08, 2008
Microsoft Certified Desktop Support Technician Feb 29, 2008
Microsoft Windows XP Feb 29, 2008
- Contact Coaching Coach Jun 06, 2008, School of Leadership Training in Stream University Stream Super Stars from Colleague
- Starting a Business v2.1, Yes Incubator, November 2012
- The Cybersecurity Imperative: An Agency’s Toolbox for Secure Data July 26 2013
- Coursera, University Leiden. Terrorism and Counterterrorism: Comparing Theory and Practice. Feb. 26, 2014
- Coursera, University Leiden. Terrorism and Counter-terrorism: Comparing Theory and Practice. Feb. 26, 2014
- Coursera: Google Cloud. Google Cloud Platform Fundamentals: Core Infrastructure. Sep. 2018
- Coursera: Google Cloud. Essential Cloud Infrastructure: Core Services. Sep. 2018
- Coursera: Google Cloud. Essential Cloud Infrastructure Foundation. Sep. 2018
- Coursera: Google Cloud. Elastic Cloud Infrastructure: Scaling and Automation. Sep. 2018
- Coursera: Google Cloud. Elastic Cloud Infrastructure: Containers and Services. Sep. 2018
- Amazon training: Introduction to AWS Lambda. Aug. 2018
- Amazon training: Introduction to Amazon Elastic Load Balancer - Classic. Aug. 2018
- Amazon training: Introduction to Amazon Elastic Load Balancer - Application. Aug 2018
- Amazon training: Introduction to Amazon Elastic Container Service. Aug 2018
- Amazon training: Introduction to Amazon Elastic Compute Cloud (EC2). Aug. 2018
- Amazon training: AWS Compute Services Overview. Aug. 2018
- Amazon training: AWS Security Fundamentals. Sep. 2018
- CyberArk Training: Introduction to CyberArk Privileged Access Security Course. Aug. 2018
- CyberArk Training: CyberArk Certified Trustee. Aug. 2018
Talks/Speaker & Community Service
ACTA - ACTIVE CITIZENS TAKE ACTION, Maribor, Slovenia. Presenting topic: Bullying of digital divide or not?.
Belgrade Security Forum 2013, Belgrade, Serbia. Topic: Assuring Cyber-Security in the Western Balkans and the Rest of Europe: Roles and Responsibilities of Institutions, Industry and Users? (in cooperation with DCAF)
Smart Defense and Open – Door Policy – New Synergies for Euro – Atlantic Security, Sofia, Bulgaria. Topic: Collective Cyber Defence – The Role of Newer Members and Opportunities for Specialization of Bulgaria in the Alliance Questions and answers. Organized by representation of the European Commission in Bulgaria.
Topic: Methodological Approach to Security Awareness, Kaspersky - CyberSecurity for the Next Generation 2014, EU Round. Politecnico di Milano, Italy
NATO ARW, Strengthening Cyber Defense for Critical Infrastructure, Kiev, Ukraine. Presented topic: Standards for Information Security are inappropriate fashion to assess the risk in private companies and elsewhere.
DCAF Young Faces Network 2014. Young Faces Network Cybersecurity Winter School for the Western Balkans. Petnica, Serbia, 1 to 5 December 2014. Delivering lectures on two topics: How the Internet works and Introduction to cybersecurity threats and risks.
NATO ARW (ISEG.EAP.ARW.984799), Encouraging Cyber Security Awareness in the Balkans, presenting: /Cyber security awareness among the Balkan Countries and the rest of the world/, 17-19 March 2015, Skopje, Macedonia.
Geneva Internet Platform (GIP): Fighting Cybercrime through closer International Cooperation, presenting at Cybersecurity Lab
- Internet governance in Bangkok, presenting DoS/DDoS attacks at Cybersecurity Lab.
- TEDxBASSalon topic Open Data & the Hacking Movement, 24 September at Business Academy Smilevski, Skopje.
- CyberLab and video scenario, OSCE Chairmanship Event on Effective Strategies to Cyber/ICT Security Threats. 29-30 October 2015, Belgrade Serbia.
- Cyber.Lab, DiploFoundation at 22nd OSCE Ministerial Council. 3-4 December 2015. Belgrade, Serbia. Link: 22nd OSCE Ministerial Council.
- NATO (ISEG.EAP.ARW.985183), Benchmarking Telemedicine: Improving Health Security in the Balkans . Panel discussion: Cyber security for the implementation of telemedicine: threats, best practices, information sharing, presenting: Telemedicine: Cyber Security Threats and Best Practice, 15 - 17 November 2016 Skopje, Macedonia.
- SEEDIG - South Eastern European Dialogue on Internet Governance. 24 - 25 May 2017 Ohrid, Maceodnia. Presenting: Mobile security and pentesting.
- SECOND REGIONAL INTERNET FREEDOM SUMMIT, AMERICAN BAR ASSOCIATION RULE OF LAW INITIATIVE’S (ABA ROLI’S). Development and Enhancement of Legal Frameworks in Eastern Europe and Eurasia to Protect Internet Freedom Program. 21 - 25 March, Struga, Macedonia. Presenting: Cybersecurity Challenges for 2018.
- 4TH SEEDIG MEETING, 23–24 MAY 2018, Ljubljana, Slovenia. Session 5: Securing all data. Cybersecurity: National frameworks and regional cooperation.
- 28th Economic Forum. Krynica-Zdroj, Poland, 4-6 September. Discussion panel: Developing an Innovative Nationwide Education for Cyber Security.
- Economic Forum of Young Leaders 2018, Nowy Sacz, Poland. September 3-7, 2018. Panel discussion: Enterprises in the world of smart products ‒ Industry 4.0 technologies at your fingertips.
- NATO ARW, Fundamental readiness in Cyber Defence in the Balkans (FRCDB), 17-19 October 2018, Belgrade, Serbia. Cyber Security in the Western Balkans: Policy Gaps and Cooperation Opportunities.
- IGF MKD, SECOND ANNUAL INTERNET GOVERNANCE FORUM MACEDONIA, 31.10.2018, Skopje, Macedonia. Cyber Security retrospective in Macedonia (Technical community).
Organized and participate at Eurocrypt 2011, Tallinn, Estonia
3rd International Conference on Cyber Conflict, organized by NATO Cooperative Cyber Defence Centre of Excellence, Tallinn, Estonia.
Stockholm Internet Forum 2013, Stockholm, Sweden.
Regional Euro Atlantic Camp – REACT 2013, Plav, Montenegro. /Moderator/.
Stockholm Internet Forum 2014, Stockholm, Sweden.
EvoCS: Evolving Concepts of Security – Values, Perceptions, Threats across Four European Regions, Final conference 10 November 2015, Brussels, Belgium.
October 26-30, 2016
ABA ROLI Regional E&E Internet Freedom Summit. Ohrid. Macedonia.
Founder of Internet Governance Forum Macedonia (IGFMKD)
ICAN Southeast Europe
Cyber Security Expert at Research Centre for Security Defence and Peace, Macedonia.
Mentor at Startup - Academy for Young Entrepreneurs.
Macedonian representative of DiploFoundation.
Blogger at ResPublica Macedonia - academical blogging platform.
Bulgarian Euro - Atlantic Youth Club, Bulgaria.
Cyber Security Advisor at Kyberturvallisuus RY - Finland Cyber Security Association.
Internet Society Member ID: 130447.
IEEE, Member Number: 93817940.
- Cybersecurity Community, IEEE.
- Security and Privacy, IEEE Computer Society Technical Committee on
- e-Government, IEEE Computer Society Technical Community on
- Cloud Computing Community, IEEE
- Internet Technology Policy Community, IEEE