# Experience — Valerii Serkin

## Senior Manager, Security Engineering — TradingView
**Málaga, Spain · Sep 2025 – Present**

- Lead the internal Security Operations Center, delivering continuous,
  organization-wide security monitoring, incident response, and proactive threat
  hunting across the TradingView environment.
- Established the SOC from the ground up — standing up monitoring, detection, and
  response capabilities and embedding a Threat Intelligence function to drive
  intelligence-led operations.
- Architected and deployed SOAR automation and cross-tool integrations, unifying
  the security stack into a single workflow and significantly reducing mean time
  to detect and respond.
- Tuned and optimized EDR for maximum detection coverage and performance,
  strengthening endpoint visibility and containment across the fleet.
- Designed and operationalized Data Loss Prevention (DLP) controls to safeguard
  sensitive and regulated data across endpoints and corporate channels.
- Built and ran continuous phishing simulation campaigns and security-awareness
  training, measurably improving resilience to social engineering.
- Pioneered methods and internal tooling to detect and prevent "shadow AI" usage,
  mitigating data-exposure and compliance risks from unsanctioned AI services.

## Head of Cyber Defense Center — Malcrove
**Dubai, UAE · Jan 2024 – Sep 2025**

- Led a team of 20+ SOC analysts, overseeing daily security operations, incident
  response, and threat detection across diverse environments.
- Directed Digital Forensics and Incident Response (DFIR) across client
  environments, ensuring swift containment, investigation, and remediation.
- Performed comprehensive compromise assessments — identifying breaches,
  evaluating incident scope, and providing expert remediation recommendations.
- Drove continuous improvement of SOC processes and workflows, optimizing SIEM
  platforms (Elasticsearch, Splunk, QRadar), IDS/IPS, and threat intelligence.
- Mentored SOC analysts in incident handling, DFIR, and forensic investigations.

## Head of Detection Engineering & Threat Hunting — Malcrove
**Dubai, UAE · Oct 2022 – Jan 2024**

- Led a team developing and optimizing detection engineering and threat hunting
  across multiple clients, leveraging advanced analytics and security tools.
- Designed and deployed customized detection rules using the Sigma framework.
- Spearheaded threat hunting across on-premises, AWS, and Azure infrastructures.
- Built automated detection workflows using custom Python scripts and tools.
- Analyzed adversary TTPs to stay ahead of evolving threat landscapes.

## Senior Cyber Security Consultant — Malcrove
**Dubai, UAE · Sep 2021 – Oct 2022**

- Led Threat Hunting and Incident Response engagements for multiple clients.
- Developed internal microservices in Python to automate data enrichment, incident
  triage, and response workflows.
- Conducted in-depth malware analysis, including reverse engineering, to produce
  actionable threat intelligence.
- Performed compromise assessments and delivered detailed remediation strategies.

## Senior SOC Analyst — Research & Development — Kaspersky
**Moscow, Russia · Sep 2016 – Sep 2021**

- Played a key role in building the SOC's core processes and tools from scratch
  (Elasticsearch, TheHive, Cortex, and other open-source solutions).
- Collaborated with incident responders and threat hunters to strengthen client
  security posture.
- Developed internal microservices in Python, Go, and .NET Core to automate SOC
  workflows, improving detection accuracy and reducing response times.

## Leading Information Security Specialist — Credit Bank of Moscow
**Moscow, Russia · Jun 2015 – Sep 2016**

- Developed and implemented comprehensive information security policies.
- Managed security assessments and audits, mitigating risks and ensuring
  regulatory compliance.
- Oversaw deployment of firewalls, IDS, and endpoint protection.
- Conducted incident response and forensic investigations.

## Leading Information Security Engineer — Transaero Airlines
**Moscow, Russia · Mar 2014 – Jun 2015**

- Led generation of key carriers for the client-bank clearing center (eToken /
  RuToken devices).
- Managed information security projects end to end.
- Conducted internal penetration tests with detailed reporting.

## IT Security Engineer — Microtest
**Moscow, Russia · Dec 2011 – Sep 2012**

- Conducted pre-sale consultations matching security solutions to customer needs.
- Implemented communication-channel and personal-data protection systems at
  Kuibyshev Azot JSC and Renaissance Insurance Group.
