Looking for a job

1. 1
RUSLAN TSVIENTARNYI
Senior developer at Malware analysis department
Location: Kremenchuk, Poltava region, Ukraine
Date of birth: 27th
, March, 1983
e-mail: forrusl@gmail.com
phone, viber, whatsapp: +38(068)642-69-96
skype: crcrusl
linkedin: www.linkedin.com/in/rusl
OBJECTIVE
Looking for new opportunities (remote work or Kremenchuk location are desirable):
• Python software developer
• C/C++ software developer
• Malware researcher
SUMMARY
Experience (since 2012) in malware research, development of various tools for malware analysis
department, automation of any manual workflow. Have good analytical skills, easy to learn, self-
motivated, work well both independently and in a team, including remote.
TECHNICAL SKILLS
• Programming:
• Python (since 2012)
• C/C++ (since 2006)
• Assembler (MASM, x86/x64) (since 2006)
• OlllyDbg, WinDbg, x64dbg, IDA
• Malware research (MS Windows OS) (since 2012)
• MS Windows OS internals
• Trac, Jira
• SVN, Git
• VMware, Oracle VirtualBox
• MS SQL, SQLite, MongoDB, CouchDB
• Different malware analysis tools
WORK EXPERIENCE
Senior developer at Malware analysis department: 2015 - present
ROMAD Systems©
www.romad.io, www.romad-systems.com
Responsibilities:
• Programming (Python, C/C++, Assembler):
• Development of different high-performance multi-threaded internal tools for data parsing,
transforming, analysis, signature database validation, signature detection and testing,

2. 2
malware samples hunting, downloading and classifying
• Automation of any manual workflow
• Support of all developed tools
• ROMAD Antivirus signature database development and testing
• Testing products for correct work and malware detection, bugs investigation and reporting
• Research of malware techniques
• Research and description of new ideas and features to increase opportunities of endpoint product
to detect actual malware families
• Malware samples hunting and research (MS Windows OS):
• Stack-trace of system calls flow
• API flow
• Process hierarchy
• Suspicious traffic
• Memory injections, allocations, origins, etc
• Destructive system changes
• Debugging, unpacking, dumping
• Disassembling (IDA, Hiew, etc)
• Malware incidents investigation
• Writing detailed technical documentation
Professional achievements:
• Malware behavior log parser developed
• Antivirus database metadata standard improved, new features researched and implemented
• Antivirus database metadata preprocessor developed
• Antivirus database metadata validation tool developed
• Metadata detector (standalone signature detector) developed
• Generator of internal database for stack-trace analysis (using IDA API) developed
• Cross-process malware detection mechanism researched, described, documented as standard
and developed for standalone signature detector
• Malware hunting and downloading tool (using VirusTotal API v2 and v3 (jsonapi)) developed
• Malware classifier by behavior log developed
• Malware checker and sorter (using VirusTotal API v2 and v3 (jsonapi)) developed
• Process tree viewer (by system behavior log information) developed
• False positive detection prevention tool developed
• All developed tools carefully documented
• Antivirus signatures for top-80 malware families developed and tested
• A number of bugs in endpoint product discovered, investigated and reported
• A number of new features researched, described and documented for developers and tested after
releasing to improve actual malware detection with endpoint product
• All manual workflow of malware analysis department automated
• One developer and one QA engineer trained to work at malware analysis department
Malware analyst, CTO: 2012 - 2015
GridinSoft LLC
www.gridinsoft.com
Responsibilities:
• Technical strategy of product evolution

3. 3
• Malware research
• Malware analysis automation
• Antivirus signature database development
• Malware detection statistics analysis
• Technical support of malware victims
Professional achievements:
• A number of tools for malware research, hunting and downloading developed
• Antivirus signature database efficiency improved
• Antivirus signature database update tool improved
• Endpoint product release automated
• False positive malware detection minimized
• A number of new features researched and documented for developers to improve malware
detection and cleaning with endpoint product
• Communication with endpoint users improved, remote technical support implemented
• Hiring and training new developers and malware analysts
Lecturer at Computer and information systems department: 2006 - 2013
Kremenchuk Mykhailo Ostrohradskyi National University
www.kdu.edu.ua
Subjects:
• Programming (C/C++, Assembler (MASM, x86/x64), Prolog, Pascal)
• Architecture of Computers
• Information Security
• Theory of Digital Automaton
• Probability Theory
• Mathematical Statistics
• Digital Signal Processing
• Theory of Information and Coding
• Simulation Modeling
LANGUAGES
Russian (native), Ukrainian (native), English (intermediate)
RECOMMENDATIONS
Available on request
EDUCATION
Kremenchuk Mykhailo Ostrohradskyi National University: 2000 - 2006
Kremenchuk, Poltava region, Ukraine
Master's Degree (Honors), Computer Systems and Networks