###### tags: `cv`
# CV
* Denis Tofan
linked: https://www.linkedin.com/in/denis-tofan-2a048913/
github: https://github.com/jaberez
## IT
### Experience
* Softprom, Chisinau, RM - Cyber Security Presale Engineer. (probation period till 06.2025). 03.2025 -
* PremierFintech, Spain - Jr. Information Security Expert. 08.2022 -
* Ok Credit, Chisinau, RM. —
Information Security and Technology Consultant 07.2020 -
* ----
* Network Doctor, New Jersey, USA - Core Service Engineer. 05.2022 - 08.2024
* Procreditbank, Chisinau, RM. — Senior System Administrator. 04.2014 - 03.2025
* Procreditbank, Chisinau, RM. — System Administrator. 11.2013 - 04.2014
* Procreditbank, Chisinau, RM. — Head of System & Network unit. 10.2011 - 11.2013
* Avitex, Moscow, RF — Web developer, System Administrator, CMS administrator, Process optimizer. 05.2008 - 12.2016 remotely
* Procreditbank, Chisinau, RM. — System Administrator. 10.2005 - 10.2011
* Procreditbank, Chisinau, RM. — IT Support Specialist. 10.2004 - 06.2005
* Coliseum internet cafe, Chisinau, RM. — System Administrator. 05.2003 - 08.2004
* Flachera internet cafe, Chisinau, RM. — System Administrator. 05.2001 - 08.2002
### Courses
* CEH 12 (https://iclass.eccouncil.org/our-courses/certified-ethical-hacker-ceh/)
* Penetration testing specialist (462 Hours). [CyberED Russia]
* Core Solutions of MS Exchange Server 2013 (20341B)
* Configuring and Troubleshooting Windows Server 2008 ADDS (6425B)
* Updating your Network Infrastructure and AD Technology Skills to Server 2008
* System Center Operations Manager
* Designing a Public Key Infrastructure
### Tournaments and rankings
main: https://tryhackme.com/p/jabberez
https://www.root-me.org/jaberez?lang=en
https://cybertalents.com/members/jaberez/profile
### Certification Roadmap
##### Security (pentest)
+ CyberED Russia Hacker's School. Done (Final mark 96%)
+ [CEH](https://aspen.eccouncil.org/Verify) Certification Number ECC3490218756. Done (91.2%)
+ [CEH Master](https://aspen.eccouncil.org/Verify) Certification Number ECC8190527436. Done (20/20)
+ [Python](https://www.learnpython.org/). Done (https://www.learnx.org/certificate/0e88931c-73cd-46d5-a7d0-933f8976d4de)
+ [CCNA](https://www.cisco.com/c/en/us/training-events/training-certifications/certifications/associate/ccna.html)
+ [OSCP](https://www.offensive-security.com/pwk-oscp/)
##### Administrative
+ Okta Certified Professional [link](https://www.credly.com/badges/318d82d3-f13e-44ce-aa1b-2d4fff8ff468/public_url). Done
+ AZ-800 - in process
### Skills
#### Penetration testing(Offensive security)
<!--  -->
+ Infrastructure Penetration Testing:
+ tools: OpenVAS, Qualis, mfc, whireshark, Nmap, Nikto, Aircrack-ng, Kali Linux, Burp Suite.
+ Mobile and reverse engineering
+ tools: Yaazhini,Cutter,Ida,x64dbg
+ Vulnerability Assessment
+ tools: Nessus, OpenVAS, Qualys, Metasploit.
+ Threat Intelligence
+ tools: MISP.
+ Monitoring & Log Analysis
+ tools: Arcsight, Splunk.
+ IOC Analysis
+ tools: YARA, VirusTotal and Hybrid analysis, Mandiant IOCe for OpenIOC.
+ Risk Assessment:
+ tools: MITRE ATT&CK.
+ OSINT
+ Tools: Maltego, theHarvester, Shodan, SpiderFoot, Recon-ng.
#### Windows
* Windows Server 2003/2012/2016/2022 - deployment/administration/troubleshooting
* Windows Terminal Server 2003/2012/2016 - deployment/administration/troubleshooting
* Hyper-V - deployment/administration/troubleshooting
* AD/DNS/DHCP - deployment/administration/troubleshooting
* WSUS - deployment/administration
* Sharepoint 2003 - deployment/administration
* Exchange 2013/2016 administration
* Windows 7/10/11(& any user's software) - deployment/administration/troubleshooting
#### FreeBSD/Linux
* Debian,Ubuntu - deployment/administration/troubleshooting
* FreeNAS/Bhyve - deployment/administration/troubleshooting
* Docker - deployment/administration/troubleshooting
* LAMP(apache, nginx) - deployment/administration/troubleshooting
* Zabbix monitoring - deployment/administration/troubleshooting/development
* Nextcloud - deployment/administration/troubleshooting
* bind, exim, squid, fail2ban - deployment/administration/troubleshooting
* ZFS - administration
#### Network
* RouterOS Mikrotik - administration
* Cisco some experience in administration
#### MSP Application and Cloud Solutions
* Connectwise Automate (+api)
* Connectwise Manage (+api)
* integration with Zabbix
* Okta (+api)
* Rewst (basic knowledge)
* Domotz
* tested (was not implemented)
* Zabbix
* tested if it could change Auvik (was not implemented)
* custom integration with CWM
* Sophos (+api)
* integration with CWM
* Auvik (+api)
* integration with CWM
* mass collectors upgrade (custom vm image)
* Azure Function
* Auvik - CWM integration, reopen forgoten tickets and open ignored alerts
* Sophos - CWM integration, reopen forgoten tickets and open ignored alerts
* AI Teams chat bot to CWM summarize ticket's information
#### Programming and markup languages (varied experience)
* powershell,python,VB,php,vbscript,jscript,perl,c++
* regexp
* HTML 4.0, Markdown
#### Other
* Netapp 7/8 - administration
* IQHome - deployment/administration/troubleshooting
* Arduino microcontroller(c++) - development
### Projects
#### PremierFintech (project-based work)
* Client's local infrastructure security assessment
* Searching for compromised client information on the internet
* Vulnerabily scan internal/external
* Physical security assessment
* Restoring access to a locked accounting application
#### NetworkDoctor
* Client's local infrastructure security assessment (own initiative)
* automation processes
* onboarding/offboarding NDR users (application api + selenium)
* onboarding clent's users (application api + selenium)
* auvik - cwm integration (powershell function app)
* sophos - cwm integration (powershell function app)
* Rewst
* AI Dispatch (function app)
* password reset (function app + playwright )
* azure vm backup check (function app)
#### Ok-Credit
* Virtualization has been implemented.
* Veeam Backup and Replication has been implemented.
* Zabbix monitoring system has been implemented.
* Vulnerability scans have been implemented using Nessus and Qualys.
* WSUS has been implemented
* Wazuh system has been implemented.
* Splunk SIEM implementation is in progress.
#### Procreditbank Moldova
##### migration to holding cloud infrastructure - done
* AD trust/users migration. (done)
* Exchange. (done)
* core application. (done)
* Storage. (done)
* Printing. (done)
* Videomonitoring (done)
##### deployed by me
* Zabbix monitoring system
* Pay per Print (printer management centralization) - This service was introduced in Moldova with my active involvement.
* Video Monitoring System
##### deployed with me
* AD,DNS,DHCP
* AD Migration/Upgrade
* WSUS deployment
* Virtualization Hyper-V
* SIEM Arcsight (Zabbix integration)
#### at home
##### deployed/managed by me
+ Hyper-V
+ FreeNAS/Bhyve
+ Esxi
+ Splunk
+ Nextcloud
+ HomeAssistant
+ StableDiffision/Flux server
+ mikrotik router
+ cisco switch
##### developing by me
+ IQHome on Arduino MEGA controllers
## Hobby
### Actoring
+ Theatre courses. "Practica"
+ Graduation performance. (man at the bar)
+ Children's performance. (King)
+ Acting classes for cinema
+ Short film "Minus one" (clairvoyant / father of "suicidal")
+ Directing courses
+ Member of the crew of the short film "My Crazy Dad"
+ Explication for the one-time short film "Baby shoes, never worn".
+ colouration with BesarabKino
+ Member of the crew of the short film "ТоляNicu"
+ episodic role (Romanian solder)
### Riddles and puzzles
+ https://braingames.ru/?path=profile&id=68320
+ puzzles collection
Sign in with Wallet
Connect another wallet