# CURRICULUM VITAE ## PERSONAL SUMMARY Name: Denis Tofan LinkedIn: https://www.linkedin.com/in/denis-tofan-2a048913/ github: https://github.com/jaberez tryhackme: https://tryhackme.com/p/jabberez An experienced IT professional with over 20+ years in various IT roles, specializing in system administration, information security, and penetration testing. Demonstrates strong problem-solving skills and a keen ability to innovate through automation and optimization of IT processes. Skilled in managing complex IT infrastructures and delivering comprehensive security assessments. ## Competence - Information Security and Penetration Testing: Expert in vulnerability assessment, infrastructure penetration testing, and risk analysis using tools such as Nessus, OpenVAS, Kali Linux, and MITRE ATT&CK. - System Administration: Extensive experience with Windows Server (2003–2022), FreeBSD/Linux, Docker, and virtualization platforms such as Hyper-V and FreeNAS. - IT Process Automation: Skilled in scripting and integrating systems using PowerShell, Python, and other programming languages for process optimization. - Monitoring and Log Analysis: Proficient with tools like Zabbix, Splunk, and Wazuh for proactive system monitoring and event analysis. - Project Implementation: Successfully deployed WSUS, SIEM systems, Zabbix monitoring, and various security solutions for enhanced organizational resilience. ## Work Experience ### Presale Enginer in CyberSecurity Direction Softprom LLC 03.2025 – Present - Collaborating with vendors including Citrix VDI, Imperva, and GreyCortex (NDR solution). ### Core Service Engineer Network Doctor, New Jersey 05.2022 – 08.2024 - Conducted local infrastructure security assessments and process automation for client onboarding and system integration. - Integrated Auvik and Sophos with ConnectWise Manage using PowerShell and Azure Functions. ### Jr. Information Security Expert (projects) PremierFintech, Spain 08.2022 – Present - Perform vulnerability scans, physical security assessments, and assisted clients in restoring critical system access. ### Information Security and Technology Consultant Ok Credit, Chisinau, RM 07.2020 – Present - Implemented virtualization solutions, backup systems, and security monitoring. - Vulnerability scanning using Nessus and Qualys. ### Senior System Administrator Procreditbank, Chisinau, RM 04.2014 – 04.2025 - Played a pivotal role in the migration to holding cloud infrastructure and deployment of various systems. ### Head of Infrastructure Unit Procreditbank, Chisinau, RM 10.2011 – 11.2013 - Managed and optimized the bank's infrastructure, including servers, networks, and storage systems. - Spearheaded the migration to a holding cloud infrastructure, ensuring minimal downtime and secure transitions. - Implemented and managed critical systems such as Active Directory, DNS, and DHCP. - Led a team of system and network engineers, ensuring projects were completed on time and within budget. ## Certification + CyberED Russia Hacker's School. Penetration Testing Specialist. (Final mark 96%) + [CEH](https://aspen.eccouncil.org/Verify) Certification Number ECC3490218756. (91.2%) + [CEH Master](https://aspen.eccouncil.org/Verify) Certification Number ECC8190527436. (20/20) + [Python](https://www.learnpython.org/). ### road map + [CISSM](https://gaqm.org/certifications/information_systems_security/cissm) + [CCNA](https://www.cisco.com/c/en/us/training-events/training-certifications/certifications/associate/ccna.html) + [OSCP](https://www.offensive-security.com/pwk-oscp/) ### Additional Technical Training: - Core Solutions of MS Exchange Server 2013 - Configuring Windows Server 2008 ADDS - Designing a Public Key Infrastructure - Updating your Network Infrastructure and AD Technology Skills to Server 2008 - System Center Operations Manager - Designing a Public Key Infrastructure - CVAD-201 - Citrix Virtual Apps and Desktops Administration (2402 LTSR) - Imperva: TPA - WAF Gateway; TPA - API Security; TPA - Data Security Fabric ## Key Projects - Network Doctor: Automated complex IT processes for client systems using APIs and custom scripts. - Ok Credit: Deployed security systems and optimized IT infrastructure. - ProCredit Bank: 20 years of hands-on experience, driving major tasks and projects. - PremierFintech: Performed vulnerability scans, physical security assessments, and assisted clients in restoring critical system access