dmytro

Head Of Security & Compliance

GRC and security leader specializing in regulatory readiness for crypto-asset firms and exchanges. 

Certified Kraken and WhiteBIT for CCSS — among the most demanding audits in digital assets — and prepares C-level teams to walk into regulator interviews ready to defend their programs. 

Designs and operates audit- and regulator-ready frameworks across CCSS, ISO 27001, DORA, MiCA, VARA, and ADGM, grounded in a hands-on penetration-testing background that means controls are assessed the way an attacker — and an auditor — would. 

ISO/IEC 27001:2022 Lead Auditor and CISM with 8+ years across crypto, fintech, and PCI DSS environments.


Experience: 8 years

Yearly salary: $102,000

Hourly rate: $55

Nationality: 🇺🇦 Ukraine

Residency: 🇺🇦 Ukraine


Experience

Principal Consultant — ICT Risk & DORA Compliance
Trakx
2025 - 2026
Led the design and implementation of a full-scope ICT Risk Management and Cybersecurity Compliance framework for a regulated crypto-asset firm, aligned with DORA (Regulation EU 2022/2554) and MiCA expectations.
- Designed and operationalized the ICT Risk Management Framework in line with DORA Chapter II, covering governance, asset classification, risk identification, assessment, treatment, and continuous monitoring.
- Built an end-to-end ICT asset inventory, mapping business functions, critical systems, dependencies, and recovery objectives (RTO/RPO).
- Developed a structured ICT Risk Register, linking assets, threats, vulnerabilities, controls, residual risk, and ownership — ready for regulator and auditor review.
- Established Third-Party ICT Risk Management processes, including vendor criticality assessment, due diligence, SLA review, exit strategies, and dependency mapping.
- Aligned cybersecurity controls with real operational practices (cloud, custody, IAM, endpoints, SaaS).
- Prepared evidence-ready documentation and artifacts suitable for regulatory submissions, supervisory reviews, and audits.

Head of Security & Compliance
Hacken
2024 - 2026
- Built and scaled the information security compliance service from scratch — business case, methodology, and delivery.
- Conducted CCSS audits for WhiteBIT and Kraken — two of the most demanding security audits in digital assets.
- Prepared WhiteBIT and OSL for their MiCA regulator interviews, coaching teams to defend their compliance programs under supervisory questioning.
- Conducted a CBUAE (Central Bank of the UAE) regulatory assessment for Bybit.
- Led ISO 27001 readiness and implementation for Bitunix, Toobit, and OSL.
- Delivered cybersecurity compliance audits against DORA, VARA, BMA, and CIS Controls.

Sr. Penetration Tester
Hacken
2023 - 2024
Full-cycle testing: reconnaissance & OSINT, scanning and enumeration, vulnerability assessment, exploitation, post-exploitation, and clear executive-grade reporting. Conducted a pentest for MEXC.

Information Security Auditor
IT Specialist LLC
2019 - 2023
Team Leader of PCI DSS Audit projects:
- Policies and Procedures Development
- Conducting GAP Assessment and Certification Audit with QSA
- Configurations Analysis (Network, Cloud, Security tools)
- PCI DSS Final documentation preparation (SAQ all types, RoC)

ISO 27001 Lead Auditor:
- Documentation Development
- Leadership of Risk Management Process
- Setting up Incident Response, Disaster Recovery, Business Continuity, Logging and Monitoring, Access Control Processes
- Leading Internal Audit processes as an External Consultant
- Participating in Certification Audit

Skills

ai
analyst
blockchain
compliance
crypto
executive
non-tech
operations
security
english