Milan Velev
Sofia
Summary
With over 10 years of experience in cybersecurity, including 5+ years in leadership positions, I am a dedicated and results-driven CISO. My track record showcases the successful implementation of robust cybersecurity frameworks and the achievement of industry-leading certifications. As a strategic leader, I have developed and executed comprehensive security strategies to safeguard organizations against evolving cyber threats. Ensuring regulatory compliance and fostering a culture of security awareness come naturally to me. At Nexo, I led the attainment of ISO 27001, 27017, 27018, SOC 2 Type 2, and CSA Star Level 1 certifications. Additionally, I demonstrated my leadership skills by assembling and leading a team of 15+ cybersecurity professionals, fostering a collaborative and high-performance culture.
Overview
7
7
years of professional experience
1
1
Certification
Work History
CHIEF INFORMATION SECURITY OFFICER
Nexo
05.2021 - Current
- Successfully led Nexo in obtaining ISO 27001, 27017, 27018, SOC 2 Type 2, and CSA Star Level 1 certifications, demonstrating commitment to best practices in information security and privacy
- Established and led a dynamic team of 15 cybersecurity professionals, fostering a collaborative and high-performance culture
- Developed and implemented a comprehensive cybersecurity program that significantly enhanced the organization's resilience to cyber threats
- Formulated and executed the IT security and compliance roadmap aligned with organizational objectives and regulatory requirements
- Directed a cross-functional team, fostering collaboration and ensuring a unified approach to security across departments
- Implemented a risk management framework to identify, assess, and mitigate potential risks to information assets
- Ensured Nexo's compliance with relevant data protection regulations, industry standards, and legal requirements
- Conducted regular internal audits and assessments to monitor compliance status and address any identified gaps
- Developed and implemented a comprehensive security awareness program for employees, reducing the risk of human-related security incidents
- Conducted training sessions to educate staff on cybersecurity best practices and the importance of maintaining a secure work environment.
TECHNICAL TRAINER
Pragmatic LLC
03.2019 - Current
- Information Security and Penetration testing
APPLICATION SECURITY ENGINEER/ INFOSEC SITE LEAD
Genius Sports
04.2020 - 05.2021
- Conducted security assessments of web-based and mobile applications using tools such as Burp Suite, ZAP, and OWASP Zed Attack Proxy
- Developed and implemented security policies and procedures to ensure the security of the company's applications and infrastructure
- Conducted security code reviews and provided remediation guidance to developers and training on secure coding practices
- Performed penetration testing and vulnerability assessments to identify and mitigate security risks
- Participated in the development of security incident response plans and procedures.
INFORMATION SECURITY MANAGER
DZI Insurance, KBC Group
10.2018 - 04.2020
- Developed and implemented information security policies and procedures to ensure the confidentiality, integrity, and availability of the organization's data assets
- Managed security incidents and conducted investigations, ensuring timely response and resolution
- Conducted security assessments and audits to identify vulnerabilities and risks, and developed plans to mitigate them
- Designed and implemented security architecture, ensuring alignment with the organization's overall IT strategy
- Provided security awareness training to employees, ensuring they were aware of their responsibilities in safeguarding the organization's information
- Conducted regular compliance assessments to ensure adherence to information security standards, regulations, and best practices.
SENIOR SECURITY ANALYST/SOC TEAM LEAD
Trading212
03.2017 - 10.2018
- Developed and conducted security training programs for employees to promote security awareness and ensure compliance with security policies and standards
- Designed and implemented security controls, monitoring systems, and security policies to ensure effective security operations
- Led incident response activities and ensured timely and effective resolution of security incidents, including the identification, containment, and recovery phases
- Provided technical guidance and support to junior security analysts
- Collaborated with cross-functional teams to address security issues and provided guidance on security best practices and strategies.
Education
Certification - Oxford Executive Leadership Programme
Saïd Business School, University of Oxford
07.2024
MASTER OF ARTS (M.A.) IN CYBERSECURITY -
New Bulgarian University
07.2017
BACHELOR OF ARTS (B.A.) IN GENERAL PSYCHOLOGY -
Sofia University "St. Kliment Ohridski"
07.2011
Skills
- Cybersecurity strategy development and implementation
- Risk management and mitigation
- Security assessments and vulnerability scanning
- Incident response planning and execution
- Regulatory compliance (eg, ISO 27001, SOC2 Type 1 and 2, NIST, CIS Controls)
- Team management and leadership
- Excellent communication and collaboration skills
- Blockchain Security
Certification
- Certified Chief Information Security Officer (CCISO)
- Certified Blockchain Security Professional (CBSP)
- Certified Blockchain Security Expert (CBSE)
- Computer Hacking Forensic Investigator v9 (CHFI)
- Certified EC-Council Instructor (CEI) - Ethical Hacking and Forensics
- Certified Ethical Hacker (CEH) v10
- CCNA Routing and Switching
- CCNA Security
- Check Point Certified Security Administrator (CCSA) v77
- Check Point Certified Security Expert (CCSE) v77
- Palo Alto Networks Certified Network Security Engineer 7 (PCNSE)
- Certified Cloud Security Professional (CCSP) - In progress
- Offensive Security Web Assessor (OSWA) - In progress
Languages
English
Proficient
C2
French
Advanced
C1
Volunteer Experience
Mentor, Mentor the Young, 03/2023 - Present
Dog Walker, Adopt Pitbulls, 06/2023 - Present
References
References available upon request
Timeline
CHIEF INFORMATION SECURITY OFFICER
Nexo
05.2021 - Current
APPLICATION SECURITY ENGINEER/ INFOSEC SITE LEAD
Genius Sports
04.2020 - 05.2021
TECHNICAL TRAINER
Pragmatic LLC
03.2019 - Current
INFORMATION SECURITY MANAGER
DZI Insurance, KBC Group
10.2018 - 04.2020
SENIOR SECURITY ANALYST/SOC TEAM LEAD
Trading212
03.2017 - 10.2018
Certification - Oxford Executive Leadership Programme
Saïd Business School, University of Oxford
MASTER OF ARTS (M.A.) IN CYBERSECURITY -
New Bulgarian University
BACHELOR OF ARTS (B.A.) IN GENERAL PSYCHOLOGY -
Sofia University "St. Kliment Ohridski"
- Certified Chief Information Security Officer (CCISO)
- Certified Blockchain Security Professional (CBSP)
- Certified Blockchain Security Expert (CBSE)
- Computer Hacking Forensic Investigator v9 (CHFI)
- Certified EC-Council Instructor (CEI) - Ethical Hacking and Forensics
- Certified Ethical Hacker (CEH) v10
- CCNA Routing and Switching
- CCNA Security
- Check Point Certified Security Administrator (CCSA) v77
- Check Point Certified Security Expert (CCSE) v77
- Palo Alto Networks Certified Network Security Engineer 7 (PCNSE)
- Certified Cloud Security Professional (CCSP) - In progress
- Offensive Security Web Assessor (OSWA) - In progress
Similar Profiles
Vili KirimovaVili Kirimova
Treasury Operations Specialist at NexoTreasury Operations Specialist at Nexo
Jatinder SinghJatinder Singh
Production Associate at Nexo Industries Pvt LtdProduction Associate at Nexo Industries Pvt Ltd
Allan MathewAllan Mathew
Warehouse Associate at Nexo Footwear Private Ltd.Warehouse Associate at Nexo Footwear Private Ltd.