Ivan S - Senior Security Consultant at Google

Disclaimer: This information was obtained from publicly available sources online and is believed to be accurate at the time of publication. Valimates collects this information with proprietary technology and cannot guarantee the accuracy or completeness of the data. The purpose of the data is to inform the reader about the expertise of the individual and should not be used for any other purpose. Valimates does not have any affiliation with the individual.

Ivan S Senior Security Consultant at Google

Claim Profile Update Profile Delete Profile

Ivan S. is an impressive tech professional with extensive experience in both technical and strategic roles across multiple industries. With over 12,755 LinkedIn connections, Ivan has established a strong network within the tech industry. Their expertise lies in Infosec, CompSci, and ML, with a particular emphasis on Security Strategy & Design, Cloud, Security Engineering, and IT GRC.

Not only does Ivan possess a diverse skill set and impressive educational background, including a Bachelor's degree in BioMed: Chemistry Minor from Texas A&M University and a Master's degree in Computer Science from Southern New Hampshire University, but they also hold numerous current tech certifications. These certifications include CISSP, CCSP, GPCS, GDSA, PCA, ACE, SCS, SAA, CCP, AZ, AI, DP, SC-900, CISA, CDPSE, and CCSK.

Ivan currently works as a Senior Security Consultant at Google, where they provide strategic security services to enterprise leaders and their teams, focusing on assessing and closing critical gaps in infrastructure. They have also held positions at Mandiant, USAA, and Fullstack Academy, where they have proven their expertise in cloud security, IT security auditing, and data governance.

Overall, Ivan is a highly knowledgeable and experienced professional who consistently delivers exceptional results. Their dedication to learning, passion for surfing, and commitment to their family make them a well-rounded individual in both professional and personal aspects.

More about this expert

Full name: Ivan S
Location: United States
Title: Senior Security Consultant
Company: Google (since 2022)
Industry: Software Development
LinkedIn profile: https://www.linkedin.com/in/ivanvlad/
LinkedIn Connections: 12755
Summary: I am a tech professional with experience in both technical and strategic roles across multiple industries. My education, certifications, and experience focus on Infosec, CompSci, and ML with an emphasis on Security Strategy & Design, Cloud, Security Engineering, and IT GRC. I'm an avid learner, I love to surf, and most of all I love my fam. Please check out my featured content for more info or contact me. I always welcome conversation and feedback. Current Tech Certifications: ISC2: CISSP , CCSP SANS: GPCS , GDSA GCP: PCA , ACE AWS: SCS , SAA , CCP Azure/MSFT: AZ, AI, DP, SC-900 ISACA/CSA: CISA , CDPSE , CCSK *To verify current Tech Certifications: all digital verification links are in the "Licenses & certifications" section below.
Skills: Cybersecurity Google Cloud Platform (GCP)

Education

Texas A&M University: Bachelor's degree
Field of study: BioMed: Chemistry Minor
Southern New Hampshire University: Master's degree
Field of study: Computer Science

Positions

Google: Senior Security Consultant
Nov 2022 - Present

As part of the GCP family, I deliver strategic security services to enterprise leaders and their teams that enable them to assess, and close persistent, critical, and costly gaps in their infrastructure. My current focus is Cloud. Our technical security services include (not limited to):
‣ Cloud Security Solutions
‣ Red Team Program Development
‣ Cyber Defense Optimization
‣ Executive and/or Technical Tabletops
‣ Security Program Assessment
‣ Incident Response Preparedness
‣ Ransomware Readiness
Mandiant: Senior Security Consultant
Sep 2022 - Nov 2022

Served on the consulting team to meet with organizations and provide them with strategic security solutions and intelligence to:
• drive efficient and effective security operations
• improve cyber risk readiness and resilience
• reduce the business impact of a breach
USAA Aug 2021 - Sep 2022 · 1 yr 2 mos: Senior Cloud Security Engineer
Aug 2021 - Sep 2022

Served on the Public Cloud Security Team (PCS) to design and implement secure cloud solutions for USAA's multicloud enterprise environment (AWS, GCP, Azure):
• Build and deliver the new enterprise cloud security assurance program for AWS (Amazon Web Services), GCP (Google Cloud Platform), and Azure (Microsoft).
• Design, implement, and socialize the USAA internal Cloud Security Compliance program with AWS Security Assurance Services (SAS): established a RACI covering 24 cloud security domains, and a custom cloud control mapping aligned to industry frameworks (FFIEC, NIST, CSA CCM, CMMC, and Mitre Attack) outlining 70+ control objectives across 40+ AWS services. The program has enabled 30+ cloud security epics (173+ tasks) across 28 different accountable teams – shifting the cloud compliance needle left in our dev cycle.
• Leading PCS representation in 2022 enterprise cloud audit collaborating with the cloud governance and cloud infrastructure teams, delivered 10+ tech demos & generated all evidence packages, audit completed with 0 net new issues.
• AWS Cloud Audit Academy (201) partner: facilitated the 4-day course with AWS SAS for over 100+ USAA 1st, 2nd, and 3rd line partners.
• Validate, automate, and evidence multicloud (AWS, GCP, Azure) security solutions to meet 11 key compliance controls utilizing cloud-native security tooling alongside 3rd Party CI/CD, Infrastructure as Code, and multicloud security solutions; baselined for the following objectives: secure config, identity governance, authentication, RBAC, privileged access mgmt, network security, application security, vulnerability mgmt, malware defense, HIDS, incident response.
• Programming languages used: Golang, Python
USAA Aug 2021 - Sep 2022 · 1 yr 2 mos: Senior IT Security Auditor
Sep 2020 - Aug 2021

Served on the 3rd-line IT Security Infrastructure Team conducting technical engagements aligned to FFIEC, NIST CSF, COBIT, and ITIL standards including:
• Digital Member IAM (Identity and Access Management)
• Mobile Application Security (Code Review)
• Network Infrastructure Management (Cloud and Wireless)
• IT Availability & Problem Management (Code Review)
• IT Asset Mgmt (CI/CD IaC Review)
• Data Transfer Governance
• Internal Threat Management
All technical engagements were delivered within the 90-day SLO with 100% of objectives met for the 2021 OCC Supervisory Letter deadlines.
USAA: Data Governance Advisor (USAA Bank)
Jun 2019 - Sep 2020

Served on the Bank Information Risk Services Team (BIRS), Sensitive Data Mgmt:
• Bank IT GRC, Sensitive data, and PCI DSS: Structured and Unstructured PCI, PII remediation of 43 bank databases and 1.5M member data files.
• Bank data security advisor for Snowflake Cloud secure data migration, oversight for data and privacy regulations (GDPR, CCPA, GLBA)
• Lead bank CMMI audit and delivered a rating score of 3 - raised from the previous year's rating score of 2
• Designed and developed Bank Info Risk internal site and newsletter, additionally trained 2 other teams to create their internal bank GRC sites
• Liaison for bank IT, compliance, and business stakeholders; responsible for accurate requirements gathering and advising during bank data projects to ensure data security standards and best practices were implemented with a focus on FFIEC and NIST
Fullstack Academy New York, New York, United States: Bootcamp Instructor
Jan 2022 - Apr 2022

Cyber Security Instructor for the NY, NY cohorts. FSA Cyber Curriculum:
• Cloud: Amazon Web Services (AWS)
• Programming: Python
• Security Essentials, Red Team, Blue Team
Security Essentials:
• Linux CLI, Windows CLI , Security Concepts
• Computing, Virtualization, Networking, Services & Protocols, Backup & Recovery, Storage &
Databases, Wireless Security
• Networking & the Web: HTTP Verbs, REST, Persistence
• Data Transmission & Capture
• Data Encoding & Cryptography
• Project: Building a Modern Enterprise Network
Red Team:
• Ethical Hacking, Offensive Security's PWK
• Penetration Testing Methodology, using Kali Linux
• Attack Types, Technical Tooling
• WebApp: OWASP Top 10, Burp Suite
• Red Team Project
Blue Team:
• Defense in Depth
• Threat Modeling
• System Hardening
• Firewalls, IDS, VPNs, Vulnerability Mgmt
• Identity And Access Management
• Log Hunting & Analysis
• Splunk, Wireshark, Snort, Python & Bash Scripting
• Incident Response
• Blue Team Project
Final Project:
• Go beyond the course materials by building a project
• Working together as a team
• Produce written and video artifacts
Government - COSA: Security Engineer
Sep 2017 - Jun 2019

Served on the Information Security Team:
• Lead pentesting engagements for wireless & web app for airport, hospital and clinics, police and fire stations, public schools and libraries, and city hall buildings; created and delivered 13 actionable pentest reports to stakeholders
• SDLC QA testing: regression (UFT), load (LoadRunner)
• Completed IT Compliance Engagements include 2 rounds each of HIPAA, PCI DSS, CJIS, COPPA
• Optimized SAP IdP on-prem to Cloud migration by programmatically tuning over ~1500 accounts and ~200 roles.
• Developed, implemented, and administered various IT security and infrastructure systems, programs, and upgrades that increased the overall security posture by increasing workload automation and reducing noise/false-positives: anti-phishing program, AI threat detection system, SIEM platform, vulnerability manager, pentesting lab, and a WAF; automated when possible (Python)
• Built 21 monthly security data & metrics reports and created the presentation(s) for CISO and CIO, security presentations were used during city council hearings and leadership briefings. Used data analytics to identify security trends, KRI's, and KPI's
• Designed the Security Awareness Campaign strategy and developed & implemented the internal site, raised security training compliance attestation by 45%