Simon Avagyan
Yerevan
Summary
Accomplished security officer with 15+ years of experience in information security governance, compliance, and risk management. Expertise in implementing advanced frameworks aligned with ISO 27001, PCI DSS, GDPR, and other regulatory standards. Instrumental in securing systems, mitigating threats, and enhancing compliance across diverse industries. Adept at designing comprehensive IT security solutions and fostering a security-focused culture through targeted training. Proven ability in root-cause analysis, troubleshooting, and complex problem-solving to ensure reliable business IT systems and networks. Excels in designing and regulating critical security programs and campaigns, with in-depth operational supervision of incidents and emergency disaster recovery.
Overview
10
10
years of professional experience
1
1
Certification
Work History
Information Security Coordinator
Ardshinbank
01.2023 - Current
- Security Operations: Orchestrate smooth security operations across technical and business teams, embedding risk management into day-to-day workflows for seamless integration and support for business objectives
- Risk Mitigation: Fortify organizational defenses by architecting advanced security roadmap while integrating international standards such as ISO 27001, GDPR, and PCI DSS for compliant security posture
- Threat Management: Implement proactive threat management program while incorporating continuous monitoring, employee awareness campaigns, and incident simulations to significantly reduce security breaches
- Data Loss Prevention: Maximize protection against data leakages and protect sensitive information by implementing next-generation technologies and effectively balancing limited resources
- Security Standards: Transform organization’s approach to compliance and governance, creating culture of accountability and adherence to global security standards through strategic planning and innovative processes
Data Protection Officer
UCRAFT
01.2022 - 01.2023
- Privacy & Compliance: Elevated organizational data protection standards by designing engaging, role-specific training programs that empowered employees to uphold privacy and compliance principles
- Risk Assessment: Assessed privacy risks through dynamic Data Protection Impact Assessments (DPIAs), implementing tailored strategies to protect sensitive data against emerging threats
- Compliance Strategy: Engineered enterprise-wide privacy governance models, embedding GDPR, CCPA, and global compliance requirements into organizational workflows, fostering data-first approach to compliance and data handling
- Breach Prevention: Optimized data flow security through innovative strategies that reduced exposure to potential breaches and secured sensitive information across all touchpoints
Information Security Expert
Ardshinbank
01.2021 - 01.2022
- Organizational Defense: Pioneered in-depth security evaluations and carried out audits to uncover system vulnerabilities, executing corrective measures to reinforce organizational defenses
- Security Solution: Achieved 90% risk reduction in data breaches through deployment of advanced Data Loss Prevention (DLP) solution, ensuring protection for sensitive organizational data across all critical systems
- Threat Alleviation: Revamped incident response capabilities by optimizing monitoring protocols and reducing response times, resulting in more agile security posture that swiftly addresses potential threats in real-time
- Vulnerability Management: Mitigated 100% of high-risk vulnerabilities through targeted risk assessments, proactive treatments, and the implementation of tailored security strategies, ensuring fully compliant and resilient security posture
- Strategy Development: Streamlined security processes and enhanced risk mitigation protocols while aligning security practices with best-in-class industry standards
Chief Security Officer/ Information Security Officer
AMX, Armenia Security Exchange
01.2020 - 01.2021
- Asset Protection: Devised advanced information security strategies while incorporating cutting-edge frameworks and regulatory requirements (ISO 27001, NIST, GDPR) to elevate organization’s defenses and guard digital assets
- Operational Continuity: Spearheaded integration of security controls across all business functions, guaranteeing proactive risk management while enabling operational agility, driving minimal disruption to business operations
- Process Automation: Drove substantial reduction in operational inefficiencies by automating security processes and aligning security operations with industry-leading standards to create risk-mitigated environment
- Continuous Education: Directed cross-functional initiative to promote security culture by delivering continuous education, workshops, and strategic alignment, ultimately achieving compliance-driven mindset across all teams and departments
IT Security Specialist
FXTM
01.2018 - 01.2019
- Forensic Investigations: Revamped forensic investigation procedures, ensuring professional approach that successfully eliminated the risk of intentional internal incidents and enhanced overall security posture
- Data Protection: Executed advanced Data Loss Prevention (DLP) systems to safeguard sensitive data from intentional and accidental exposure, resulting in zero data leakage incidents
- Security Analysis: Produced in-depth security analysis reports for leadership and key stakeholders, driving data-driven decisions and refining incident management framework by highlighting critical areas for improvement and risk reduction
Information Security Senior Specialist
Inecobank
01.2015 - 01.2018
- Security Training: Led targeted security awareness initiatives, delivering engaging training sessions to employees that significantly improved adherence to best practices and minimized human errors related to cybersecurity
- Cross-Functional Collaboration: Partnered closely with IT and operational teams to integrate cutting-edge security measures, aligning technological advancements with business needs and reinforcing system resilience against potential cyber threats
- Regulatory Adherence: Successfully maintained security compliance during high-stakes audits, fortifying the organization’s standing with stakeholders by upholding stringent security and compliance practices
- Compliance & Auditing: Conducted regular risk assessments and internal audits to guarantee protection of sensitive data and overall security posture of organization
Education
Master of Engineering - Biomedical Apparatus and Systems
State Engineering University of Armenia
Bachelor of Engineering - Biomedical Engineering
State Engineering University of Armenia
Skills
- Data Privacy Compliance
- Security Policies & Procedures
- Threat Intelligence
- Identity & Access Management
- Internal Audits
- Business Continuity Planning
- Awareness & Training Programs
- Team Leadership & Development
- Incident Handling & Reporting
- Forensic Investigations
- MS SQL Certification
- Project Management
Certification
- Data protection under GDPR - Data Privacy Professional (GDPR DPP), Data Privacy School, 01/01/22
- CCNA, Cisco Networking Academy, 01/01/12
- Development of the Centralized Systems for Support of Business, Beeline University, 01/01/10
- Basic Management Skills, Beeline University, 01/01/10
Languages
English
Russian
Armenian
Timeline
Information Security Coordinator
Ardshinbank
01.2023 - Current
Data Protection Officer
UCRAFT
01.2022 - 01.2023
Information Security Expert
Ardshinbank
01.2021 - 01.2022
Chief Security Officer/ Information Security Officer
AMX, Armenia Security Exchange
01.2020 - 01.2021
IT Security Specialist
FXTM
01.2018 - 01.2019
Information Security Senior Specialist
Inecobank
01.2015 - 01.2018
Bachelor of Engineering - Biomedical Engineering
State Engineering University of Armenia
Master of Engineering - Biomedical Apparatus and Systems
State Engineering University of Armenia
Similar Profiles
Marianna MuradyanMarianna Muradyan
Public Relations Specialist at Ardshinbank CJSCPublic Relations Specialist at Ardshinbank CJSC
Andranik TerzyanAndranik Terzyan
3D Artist at SciePro GmbH3D Artist at SciePro GmbH
Any HakobyanAny Hakobyan
Head of Marketing Department at Antheris ClinicsHead of Marketing Department at Antheris Clinics