Ruslan Safin

Chief Security Architect | DevSecOps Leader
13+ Years IT Experience | 9+ Years C-Level Security Leadership

CONTACT INFORMATION

PROFESSIONAL SUMMARY

Chief Security Architect with 13+ years IT experience and 9+ years C-level security leadership. Proven expertise designing enterprise security architectures, building and scaling security teams, and delivering compliance-driven infrastructure. Deep expertise in Linux hardening (STIG/CIS), Kubernetes security, IPv6 architecture, and zero-trust implementations. Track record managing security across 75,000+ employees and building security programs from the ground up.

CORE EXPERTISE

Security Architecture & Leadership
Enterprise security architecture design, zero-trust network architecture, privilege access management, incident response, risk management, compliance (ISO 27001/27005), SOC design, M&A security integration

Infrastructure Security & Hardening
Linux hardening (STIG, CIS), Red Hat systems, Kubernetes (CKA), IPv6 architecture, VMware virtualization, network segmentation, next-generation firewalls (Cisco, Juniper, Palo Alto), Veeam backup and disaster recovery

Cloud & Infrastructure
AWS, GCP, Azure, Yandex Cloud security, Infrastructure-as-Code (Terraform, Ansible), vulnerability assessment (SAST, DAST, SCA), penetration testing, Docker and container security, compliance automation

Technical Skills
Penetration testing, forensics, incident response, Cisco/Juniper/CheckPoint networking, Veeam solutions, Red Hat systems, Python, Bash scripting

PROFESSIONAL EXPERIENCE

Information Security Architect

Fintech Company (NDA) | Sep 2025 – Present

Leading security architecture for large-scale enterprise infrastructure. Network segmentation design, vulnerability assessment, privilege access management, CIS/STIG compliance, red team operations. Infrastructure-as-Code implementation (Terraform, Ansible). Azure and OpenShift security.

DevOps TeamLead / Senior DevSecOps Engineer

Yandex | Apr 2023 – Sep 2025

High-load infrastructure development and security architecture leadership at Yandex — Russia’s largest tech company (NASDAQ-listed, $40B+ market cap, 100K+ employees). Managed security and infrastructure operations at scale.

Key Achievements:

  • High-Load Infrastructure: Built and scaled infrastructure handling 300K+ RPS from development through production
  • Zero-Trust Architecture: Implemented zero-trust network architecture with continuous posture monitoring
  • Kubernetes Security: Kubernetes security hardening and advanced network implementations
  • IPv6 Innovation: First IPv6-only Kubernetes implementation at Yandex with advanced networking capabilities
  • Team Leadership: Managed DevSecOps team, security operations, CTF exercises, and zero touch prod approach
  • Compliance & Monitoring: Established continuous compliance monitoring and security posture validation

Technologies: Kubernetes, Docker, Terraform, Ansible, Python, Ubuntu, Yandex Cloud, HashiCorp Consul, IPv6

Chief Security Systems Engineer

EPAM Systems, Inc, Belarus | Nov 2019 – Feb 2022

Security architecture leadership and zero-trust implementation for global technology company scaling from 25,000 to 75,000 employees. Managed team of 17 security professionals (architects, engineers, DevOps). Defined and executed security strategy during 3x organizational growth.

Key Achievements:

  • Zero-Trust Architecture: Implemented enterprise-wide zero-trust architecture with continuous posture checks and automated compliance monitoring
  • Privilege Access Management: Designed and deployed PAM program across 75,000+ employees
  • Identity Governance: Implemented centralized identity management system
  • Vulnerability Management: Established enterprise vulnerability assessment (SAST, DAST, SCA) and remediation program
  • Compliance & Risk Management: Supported SOX audit, ISO 27001/ISO 27701, SOC 1/2/3, HIPAA/PCI DSS alignment, ISAE 3402 Type 2, and CREST accreditation compliance programs. Automated ISO 27001/27005 compliance monitoring with 24/7 posture validation
  • Incident Response: Established enterprise incident response program and crisis management procedures

Technologies: Kubernetes, Docker, Terraform, Ansible, Linux, Red Hat, AWS, HashiCorp Vault, Palo Alto, Cisco, Juniper

Senior DevOps Engineer

Outsourcing Company | Feb 2022 – Mar 2023

Infrastructure and security engineering for enterprise clients. Kubernetes cluster management, disaster recovery, backup solutions, and performance optimization. Ansible automation and GitOps implementations.

Director of Information Security / CISO

Telecom (Top Telecom Operator, CIS Region) | Feb 2018 – Nov 2019

Security leadership for Kazakhstan’s largest telecommunications operator and top-3 telecom in CIS region (Central Asia & CIS with millions of subscribers). Security strategy, compliance management, incident response, security team management, DLP implementation, PAM program, and security awareness training. Security operations center (SOC) design and operations, ISMS administration, vulnerability management, and crisis management.

Business Development Manager

MONT Ltd | Apr 2012 – Apr 2013

Business development, client relationship management, and technical sales.

Senior Engineer / Team Lead

Kazakhtelecom (Top Telecom Operator, CIS Region) | Jul 2009 – Sep 2011

Network engineering and team management for critical infrastructure projects at Kazakhstan’s leading telecom. Led activities related to Organization for Security and Cooperation in Europe (OSCE) Summit 2010, Shanghai Cooperation Organization (SCO) Summit, and Islamic Development Bank Economic Forum (worldwide strategic projects requiring highest availability). Designed FTTB network infrastructure for Almaty city and surrounding region (3 million population, Central Asia’s largest city). Managed 7 engineers and 200+ equipment installers.

Technologies: Cisco networking, Linux systems, security implementation, infrastructure design

Independent Consulting

V-Office LLP | Oct 2009 – Present

Security consulting, infrastructure design, penetration testing, vulnerability assessment, compliance audits, and security awareness programs. Concurrent roles included CTO and team leadership positions with security architecture, infrastructure design, Linux administration, networking, security implementation, system design, and team mentoring responsibilities.

SPEAKING & TEACHING

Conference Presentations:

  • Positive Hack Camp 2024 — Linux Privilege Escalation, Post-Exploitation, Pivoting & Persistence Techniques
  • Sysconf.io 2019 — SELinux: Base, Tips and Tricks

Teaching & Mentoring: 10+ years mentoring IT professionals. 2+ years training in security and infrastructure. Security trainer for Linux, Kubernetes, Cisco R&S, and Information Security (ELTC LLP). University instructor in Information Security (KazATU University).

Hackathons: Served as a jury member at 8+ AI-focused hackathons in Russia (organized by RAEK — Russian Association of Electronic Communications) in 2022, evaluating projects in artificial intelligence, machine learning, and security applications.

PUBLICATIONS

Recent Publications (2022-2023):

  • “Comparison of Information Security Methods of Information-Communication Infrastructure: Multi-Factor Authentication”
    L.N. Gumilyov Eurasian National University Bulletin, Technical Sciences and Technology Series, No. 3(140), 2022
    Co-authors: Safin R.R., Abdiraman A.S., Nurusheva A.M., Aldasheva L.S.
  • “Analysis of National Cybersecurity Strategies”
    TELEMATIQUE, Volume 22 Issue 1, 2023, pages 2162-2169
    Co-authors: Nurusheva A., Safin R., Satybaldina D.
    Focus: Cybersecurity processes, national strategy impact, information security policy frameworks
  • “New Reality Strategy Proposal: Zero-Trust Methodology”
    The Bulletin of KazATC, No. 4(127), 2023, pages 140-147
    Co-authors: Nurusheva A., Safin R., Amrenov A., Satybaldina D.
    Focus: Zero-trust architecture, remote access security, vulnerability assessment, hybrid user-system authentication models

Earlier Academic Publications (2008-2011):
Scientific and technical journals and international conferences on USB device management, Windows networking, educational technology, and professional development.

CERTIFICATIONS & TRAINING

Certifications Training
Certified Kubernetes Administrator (CKA) CISSP Preparation Bootcamp (Nov 2025)
Hurricane Electric IPv6 rank Sage Cyber Hygiene & OSINT (Nov 2025)
Red Hat Accredited Professional ISO/IEC 27005 Risk Manager (Dec 2025)
Palo Alto Networks ATM, ACE, ASE  
VMware VCP, VTSP, VSP  
Microsoft MCP, MCTS (MS247, MS671, MS672, MS673)  
CyberArk Certified Engineer  
FireEye Product Specialist  
Symantec DLP & NetBackup Certifications  

TECHNICAL SKILLS

Security & Compliance:Security architecture, risk management, compliance (ISO 27001, ISO 27005), incident response, forensics, DLP, PAM, vulnerability assessment, penetration testing, hardening (CIS, STIG)

Infrastructure & Cloud: Linux (Red Hat, CentOS, Debian, Ubuntu), Kubernetes (CKA), IPv6, Docker, Terraform, Ansible, AWS, GCP, Azure, Yandex Cloud, GitOps

Virtualization & Storage: VMware vSphere, Red Hat Virtualization, KVM, Xen, Veeam Backup & Replication

Networking: Cisco (ASA, IOS, Catalyst), Juniper, Palo Alto, CheckPoint, Citrix NetScaler, load balancing, high availability

Monitoring & Tools: Wazuh, ELK Stack, Suricata, HashiCorp Vault, Teleport, Cloudflare, ZScaler

Programming & Scripting: Python, Bash

EDUCATION

Master of Science in Information Technology | 2007-2009
Karaganda State Technical University (KSTU), Karaganda, Kazakhstan
Credential evaluation confirmed by World Education Services (WES)

Master of Science in Microprocessor-based Systems in Industry | 2008
Saint Petersburg State Polytechnical University (SPbSTU), Saint Petersburg, Russia

Engineer of Information Technologies | 2002-2007
Karaganda State Technical University (KSTU), Karaganda, Kazakhstan

LANGUAGES

  • Russian — Native
  • English — B2 Speaking (Upper Intermediate), C1 Writing (Advanced)

PERSONAL INFORMATION

  • Hobbies: Develop and maintain pet project — hosting server infrastructure using Docker, Ansible, Traefik and Cloudflare Workers
  • References: Available upon request