Mišo Mijatović

A new adventure :)

My partner and I had the dream to travel together in South America. This was the good moment for us so we decided to go!
We've loved it and carry in our hearts a lot of great memories.

As a Lead R&D engineer I am responsible to improve our long term bot detection, support my team and improve the Datadome product. Some of my main duties are:
- Analyse traffic and improve bot detection: Elasticsearch, Kibana, Grafana, Python, Logz.io
- Analyse bots and services to create rules and signals to use to block them
- Build software to automatically label bot traffic: Git, Python, Jenkins, Docker, SQL
- Implement automations to help the team doing fast and precise analysis
- Support my team with project architecture, reviews and documentation
- Maintain and improve our documentation, in sync with other teams
- Organise and lead team meetings
- Research and develop new ideas with the objective of enriching our service proposal
- Present our research in public and private presentations: Black Hat Europe 2023

As a Cybersecurity Data Analyst my responsibilities are:
- Analyse traffic and improve bot detection: Elasticsearch, Kibana, Grafana, Python, Logz.io, pandas, Jupyter notebook
- Block aggressive bots targeting our customers using both signature and behavioral rules
- Respond to customer's inquiries with detailed analysis and a clear explication, respecting efficient work timelines
- Build software to automatically label bot traffic: Git, Python, Jenkins, Docker, SQL, Selenium, AWS
- Implement automations to help the team doing faster and precise analysis

Working as a devops consultant and programmer
- Development of API clients: Python, Git
- Development of security-oriented software: C, Git, Bash, Python, Ansible, Packer
- Development of custom Ansible modules: Python, Git
- Development of automation & monitoring software: Elastic, REST API, Ansible, Git, Python, Packer, Vagrant, Prometheus, Grafana, Docker
- Deployment and/or configuration of log monitoring solutions: Elastic, Splunk

I took a pause from work and decided to travel. I was away for almost 6 months in eastern Europe, I saw beautiful places, I got to know cultures, history and nature. I met my actual partner, she was also travelling :)

During this trip I also did some consultancy activities, mostly on Elasticsearch.
Before leaving, my employer asked me to participate to a research activity for new talents and partner in the countries I would have visited. With this objective:
- I partecipated to informal tech meetups
- I presented myself and Sorint to universities
- I met people interested in a partnership
- I collected information on the countries I've visited on: economy, instruction, work, political situation

Responsible to develop, deploy and maintain software, often security focused. Administer security solutions and make them interoperate in parallel to responding to incidents and service requests.
• Manage SIEM and log monitoring solutions: Splunk, QRadar, LogRhythm, ELK, Exabeam, Kibi
• Incident response: definition of procedures, solution of the incidents, communication with the customers
• Develop software with different purposes: Python, Django, Git, ELK, HTML, SQL, Javascript, Shell
• Create intelligence over network and security logs: Python, Git, ELK, Bash scripting
• Endpoint protection: SentinelOne, Symantec, and more
• Malware Analisys: sandboxing (Cuckoo, AnyRun), reversing, deobfuscating, execution in a controlled environment, IoC. Automation of malware analysis and data collection
• Administer security solutions: IDS/IPS (Suricata, PaloAlto), ATP (FireEye, ProofPoint, Symantec), Firewall (PaloAlto, FortiGate, CheckPoint), Threat Intelligence (BlueLiv, IntSights)
• Analysis of Windows logs, Linux logs, application and system logs, generic logs.
• Antiphishing: categorization of emails and domains, automation of analysis and takedown procedures

Development and analysis in security scope
• Analysis of open source solutions aimed to detect anomalies on network traffic
• Create intelligence over existing network and security data, mainly using Python & Git
• Studying and tuning internal IPS/IDS Suricata solution
• Studying and tuning internal Elasticsearch cluster