Evgenii Tolmachev

Developed and executed a comprehensive product cybersecurity strategy and program, managing the development and implementation of a Cybersecurity Management System. Successfully integrated 7 critical teams into a unified security program, embedding core security practices and driving a shift-left approach.

Planned and executed security assessments combining threat-led penetration testing (TLPT) simulating advanced persistent threats (APT) and purple team exercises for top clients. Developed an offensive security testing toolkit to bypass most recent advanced defenses, strengthening red team capabilities.

Initiated building of the security architecture team and established security architecture practices from scratch. Developed and implemented comprehensive security architectures with a global scope, covering cloud, network, applications, and identity/access management systems.

Developed a software security program and roadmap, aligning security initiatives with business objectives. Hired and mentored security engineers and developers, and led the integration of security practices (BSIMM) into the secure software development lifecycle (SDLC).

Conducted international eDiscovery and digital forensics investigations in collaboration with legal offices and an international consulting network. Investigated attacks and data breaches affecting clients, developing and developing remediation plans to protect client data and systems.

Developed tailored software security functionalities for the company's main product (SIEM based on security asset management technology). Designed and implemented innovative security solutions to enhance resilience against cyber threats for clients in the financial industry.

Completed a Master of Science in Financial Management. This program provided a strong foundation in financial principles and their application.