Oleg Laskin

Introduction

With over 26 years of experience in information technology and security, Oleg is a well-rounded and accomplished cybersecurity leader who is passionate about protecting organizations from cyber threats and enhancing their security posture. Oleg currently serves as the Director of Cyber Security Services at Specialized Security Services, Inc., where he oversees the delivery of high-quality security solutions to clients across various industries and sectors.

As the director, Oleg leads and manages a team of security professionals who perform security assessments, penetration testing, red team operations, incident response, forensics, and security program development. Oleg also leverages his expertise in cloud security, security frameworks, security vulnerabilities management, web application vulnerability analysis, and secure code review to provide strategic guidance and recommendations to clients and stakeholders. Oleg holds a Master’s degree in Cybersecurity Management and Policy, a Bachelor’s degree in Business Management, and the following certifications: CISSP, GWAPT, GCIH, GPEN, CEH, and PCI Certified Professional.

In his spare time, Oleg Laskin enjoys studying various aspects of radio communications, and attending and speaking at security conferences. Recently Oleg picked up another hobby: Music production, mixing and DJ-ing.

Prior to his IT and Infosec career, Oleg worked as a certified Emergency Medical Technician (EMT) at a hospital in Jopin, Missouri in both Emergency Room and as part of the hospital's surgical team.

Work History

Security Researcher, Coro Security (remote)
- February 2024-Present
Director Cyber Security Services, S3 Security - Texas (remote)
- November 2020 - January 2024
Sr. Cloud Security Advisor, Aetna/CVS - Connecticut (remote)
- July 2020 - November 2020
Penetration Testing Team Lead, Trinity Health - Michigan (remote)
- May 2017 - July 2020
Enterprise Security Architect, Southeastern Grocers - Florida
- June 2015 - May 2017
Enterprise Security Architect, Enterprise Integration - Florida
- October 2014 - May 2015
Sr. Information Security Engineer, Enterprise Integration - Florida
- December 2013 - October 2014 - (promoted)
Sr. Information Security Analyst, Nemours - Florida
- January 2011 - December 2013
Director of Information Technology / Senior Infrastructure Security Manager, Duos Technologies - Florida
- October 2009 - December 2010
Deputy Director / System Administrator, Duos Technologies - Florida
- June 2007 - December 2010
System Architect, Idea Integration (MPS Group) - Florida
- May 2006 – June 2007
IT Manager, Solantic LLC - Florida
- August 2004 – May 2006
Desktop Support Services, Winn Dixie Stores Inc. - Florida
- January 2001-August 2004
Networks Engineer/Systems Administrator, Computerland of Joplin - Missouri
- March 1996 – August 2000

Bio

Professional Bio

Oleg Laskin began his Information Technology career in 1996 in Joplin, Missouri. He obtained his first IT job as a hardware technician at Computerland of Joplin and soon after, he was promoted to a PC technician and later to a server administrator. While working as a server administrator for the Internet provider, he showed interest and began working as a network technician, administering the company’s network architecture based on HP, 3COM, and Cisco technologies. He also worked with external customers such as schools and small businesses to help in setting up networks from the ground up, including design, cabling, and network hardware installation.

In 2001, after moving to Jacksonville, Florida, Oleg started a job as a Desktop Support and Client/Server Operations Technician at Winn Dixie Stores. Oleg was involved in large-scale projects such as a company-wide Windows 2000 roll-out. Oleg was also tasked with several logistics projects involving moving Winn Dixie purchasing and store design offices and print server infrastructure migration.

In August of 2004, Oleg began work as an IT Manager at a healthcare company - Solantic. Oleg’s work began administering servers and a network for 5 Urgent care facilities. During Oleg’s employment at Solantic, the company expanded to 12 Urgent care facilities in two states. Oleg designed and implemented all of the additional urgent care facilities as well as hired and managed a team of 4 desktop technicians, server administrators, and a web developer.

In 2006, Oleg began work as a Systems Architect. His projects included a large utility company’s complete re-design of the customer-facing portal’s architecture, SCADA system design, data center design, and DR plans. As an architect, he was also involved in a circuit court’s migration from Novell to Microsoft Active directory migration and several smaller projects with a variety of customers.

In 2007, Oleg worked as a server administrator, then a deputy director of IT, and Security Engineer at Duos Technology. In 2009, Oleg was promoted to the position of Director of Technology and Security Architect. Oleg’s work revolved around large enterprise clients' physical and information security. He was involved in projects dealing with security of transportation companies, healthcare, and large-scale government projects.

In 2011, Oleg stepped in as a Senior Information Security Analyst at Nemours - a pediatric healthcare company. He was in charge of assessing the security posture of the company, design, and implementation of security solutions to protect the company’s patient data and infrastructure. He designed and implemented many of the company’s security technologies such as McAfee EPO anti-virus solution, spam protection, and internet content filtering and protection architecture based on Cisco’s Ironport. Oleg also designed and implemented Nemours’ security vulnerability management program.

In December of 2013, Oleg began work as a Senior Information Security Engineer at Enterprise Integration. Working with Fortune 500 companies, Oleg was involved in the design and management of Load balancers, Web application firewalls, Single Sign-on technologies. Oleg was also instrumental in a large enterprise’s PCI compliance assessment and mitigation implementation. Oleg performed security assessments and vulnerability scan and reporting of customer's internal networks and web applications.

In the summer of 2015, Oleg made a move to Southeastern Grocers as a Security Architect. As an internal security consultant and penetration tester, Oleg works with Information Technology teams as well as business owners and project management teams. Oleg is involved in project development from the security perspective to ensure that new systems and applications are developed and implemented according to industry's security standards and best practices. Oleg also performs all internal penetration testing as well as works with external penetration testing vendors to validate results and review the findings.

After spending three years at Trinity Health, based in Michigan, where he contributed to building a penetration testing program, Oleg decided it was time to move back to consulting world.

Oleg works at S3 Security, a Texas-based security consulting firm as a Director of Cyber Security Services, where he manages a team of pentesters including all aspects of service delivery of the team, and work directly with clients on both the penetration testing engagements and consulting on security solutions. After four years, it was time for change.

At the beginning of 2024, Oleg joined Coro, a Cyber security company as a security researcher.

Skills

Core Competencies

Malware and security research
Red Team Operations Management
Incident response and Forensics
Enterprise Security programs management
Security Assessments team leadership
Security Program Development
Cyber Security Strategy development
Cloud security: Azure, AWS, Google Cloud
Security frameworks: HIPAA, HITECH, PCI, NIST 800-53, Cobit 5, ISO 27001
Security vulnerabilities management - Nexpose, Nessus, etc.
Web Application vulnerability analysis - Burp Suite Pro, commercial enterprise suites
Penetration testing - Web applications, API, Network, Cloud
Secure Code review - Checkmarx, Sonarqube, etc.
Intrusion Detection analysis and prevention
Data Loss Prevention program development and management

Technical Expertise

Malware Analysis and research
Threat Analysis
Email security
Reverse Engineering
Enterprise Architecture
Cloud Security: AWS, Azure, GCP
Penetration testing - Web applications, API, Network, Cloud
Security vulnerabilities analysis - Nexpose, Nessus
Web Application vulnerability analysis - Burp Suite, Zed Attack Proxy (ZAP)
Server and network monitoring and log analysis - RSA enVision SIEM, Splunk
Penetration testing - Metasploit, nmap, Core Impact, linux and windows based security tools
Forensic analysis - Linux, Windows, malware analysis, forensic storage analysis
HIPAA, HITECH, PCI
Intrusion Detection analysis and prevention
Data Loss Prevention
Windows / Linux Operating systems
Linux Bash scripting
Load balancers / Web
Application Firewalls - Citrix Netscaler, BigIP F5
Microsoft Server technologies: SQL, Exchange, Virtual Server
Microsoft Active Directory, DHCP, DNS
Networking technologies: Cisco routers, switches, firewalls
Network Security, VPN, Internet Routing Protocols
Disaster Recovery
VMWare ESX
HTML, PHP, Javascript
VBscript

Education

Education and Certifications

Master of Science in Cybersecurity Policy and Management - Embry Riddle Aeronautical University - 2020 - 4.0 GPA
Bachelor of Science in Business Management -University of Phoenix - 2006
CISSP - Certified Information Systems Security Professional - (2011) - Active
GPEN - GIAC Certified Penetration Tester - (2016) - Active
GCIH - GIAC Certified Incident Handler - (2012) - Active
GWAPT - GIAC Certified Web Application Penetration Tester - (2016) - Active
PCIP - PCI Professional - 2015
CICP - Core Impact Certified Professional - (2016) - Current
Penetration Testing with Kali Linux - course complete - (2016)
Penetration Testing with backtrack (PWB) by Offensive Security - course complete - (2014)
CEH - Certified Ethical Hacker - (2012) - Active
Microsoft Certified Professional - Server 2003, Active Directory, Network and Security

Information Security Professional