Азат Жакубаев

IAM / PAM Security Engineer (Privileged Access, MFA, Email Security)

Middle, Remote, Astana, Kazakhstan
2 yr 3 mo of experience, 29 skills

About me

Information Security Engineer with over 2 years of hands-on experience in a corporate environment at Beeline Kazakhstan. Worked in the SOC—monitoring, triage, and incident response. Transitioned to an engineering focus: IAM, PAM, Email Security, and DevOps Security. I am skilled at both identifying threats and building infrastructure to prevent them. I aim to grow in the direction of security architecture.

Work experience

Beeline, TM

05.2025 — present, 1 yr 1 mo

IAM Engineer — PAM / MFA / Email Security

Middle, Hybrid, Almaty

Identity and Access Management / Privileged Access Management
Implemented and developed the company’s IAM infrastructure: from deploying PAM from scratch to securing email and container environments.

PAM (Delinea Secret Server)
Deployed the platform from pilot to production. Developed launchers for web, RDP, and DBeaver with the implementation of a credential store—eliminating the need to share passwords with users. Blocked direct access to mission-critical and SOX-compliant systems by transferring control to PAM. Conducted privileged access audits and SOX compliance checks.

Email Security (FortiMail)
Deployed a high-availability cluster from scratch: configured MX, SPF, DKIM, and filtering policies for incoming/outgoing traffic. Reduced the number of phishing and malicious emails by approximately 70–80%.

MFA / 2FA
Provided support for Microsoft MFA and LinOTP: diagnosed and resolved OTP delivery failures, investigated authentication incidents.

DevOps Security (Kubernetes / Docker)
Implemented RBAC in Kubernetes: configured roles, role bindings, service accounts, and namespaces. Restricted access to Kubernetes APIs and Docker hosts using the principle of least privilege. Coordinated and implemented firewall rules taking into account network segmentation (VLAN, DMZ).

  • Reduced the number of phishing and malicious emails by approximately 70–80%

Beeline, TM

03.2024 — 05.2025, 1 yr 2 mo

SOC Analyst L1

Junior, Office, Almaty

Provided 24/7 monitoring and response to cybersecurity incidents within the infrastructure of a major telecommunications operator.

SIEM / Monitoring
Detected and classified security events in IBM QRadar, ArcSight ESM, Splunk, and Wazuh. Integrated log sources, configured correlation rules, and resolved issues with data quality and ingestion delays. Analyzed network and endpoint incidents via Fidelis, Microsoft Defender, DLP, and Suricata IDS/IPS. Verified IOCs via VirusTotal, IBM X-Force, and Cisco Talos.

WAF / Response
Analyzed F5 WAF alerts: identified anomalies, classified events, and blocked IP addresses. Escalated incidents to the L2 and network teams with prepared context for rapid decision-making. Developed playbooks and automated response scenarios via SOAR—reduced response time and lowered the false positive rate.

Automation (Python / PowerShell)
Automated routine operations: log parsing, report generation, and integration via REST API. Developed a Telegram bot for push notifications to SOC analysts—reducing the time it took to alert the team about incidents.

Vulnerability Management
Conducted security audits, identified vulnerabilities and architectural weaknesses. Managed patch management: tracked update installations and verified vulnerability remediation. Collaborated with responsible teams on prioritization and SLAs.

  • Reduced response time and lowered the false positive rate through SOAR automation
  • Reduced the time it took to alert the team about incidents via Telegram bot

Otbasy Bank

05.2026 — present, 0 mo

Category 1 Specialist

Education

International Information Technology University

2022 — 2025

Information Security System

Bachelor's degree

Autonomous Non-Profit Organization of Higher Education "Innopolis University"

2022 — 2025

Information Security System

Bachelor's degree

Courses

Cloud Computing Law: Data Protection and Cybersecurity

Django for Everybody

Ethical Hacking Foundations

IT Fundamentals for Cybersecurity

Incident Response and Digital Forensics

Managing Cybersecurity

Managing Cybersecurity Incidents and Disasters

Road to the CISO – Culminating Project Course

Open Source Software Development, Linux and Git

Skills

Linux, Bash, Organizational skills, Information technology, PowerShell, Administration, VMware, SIEM, SOAR, DLP, XDR, EDR, Python, JavaScript, Unix, DBMS, Qualys, Grafana, Audits, ITSM, IAM (Identity and Access Management), PAM (Privileged Access Management), MFA / 2FA, RBAC (Role-Based Access Control), Patch Management, Vulnerability Management, Email Security, ISO 27001, PCI DSS

Languages

Kazakh: Native
English: B2, Upper intermediate
Russian: C1, Advanced

Personal details

Age: 22
Citizenship: Kazakhstan