Tamas Balogh

Cybersecurity Engineer, Consultant and vCISO

€752/day
London, GB
15+ years

Average response time: 1 hour

About Tamas

A hands-on Senior Cybersecurity Expert with 15+ years of experience in Threat Detection, Vulnerability Management, Security Operations (SOC, SIEM, SOAR), Network and Cloud Security. So far, I have helped close to 100 organisations shift to threat-informed cybersecurity practices delivering 10s of thousands of controls and detections worldwide. I am a quick learner, I process new information at an exceptional rate, and I use these skills to solve complex security challenges bridging the gap between operational, technical and business requirements, focusing on delivering measurable improvements in risk posture and efficiency. I enjoy working in a team, mentoring and leading team members, and I am also effective working solo on specific initiatives.
  • Hungarian

    Native or bilingual

  • English

    Fluent

Can work on-site
London (up to 50km)

Experience

  • KYBERX
    Cybersecurity Consultant and vCISO
    January 2025 - Today (1 year and 5 months)
    Latvia
    • Launched 2 new service lines for the client: Cybersecurity User Awareness and Compliance Automation.
    • Contributed to targeted security awareness training sessions for employees and stakeholders and presented complex security information in accessible language to technical and non-technical audiences.
    • Delivered free online webinar series to educate business and cybersecurity leaders on user awareness topics and best practices, risk management and NIS2 compliance including an implementation roadmap.
    • Deployed & managed a WAF solution (Cloudflare), designed rule sets, mitigated common web attacks.
    Key technologies:
    • SOCRadar, Qualys (VMDR), Cloudflare, Microsoft Azure (Defender, Entra ID, O365), Nimblr, usecure, LivingSecurity, Drata, Cyberday, SecurityScorecard, Windows OS.
  • AXA GO
    SecOps SME & Technical Program Lead
    October 2021 - December 2024 (3 years and 2 months)
    France
    • Translated business and security strategy, requirements and policies into reference architectures, design patterns, and secure configurations across network, cloud, SIEM and vulnerability management domains.
    • Acted as the highest escalation point for complex troubleshooting (networks, firewalls, logging configuration, permissions, cloud) within the program.
    • Conducted risk assessments and aligned controls with ISO 27001, NIST CSF, GDPR and others.
    • Reviewed and optimised security documentation (policies, standards, procedures, guidelines).
    • Architected, built, documented and maintained a next-generation SIEM solution (MS Sentinel).
    • Gathered requirements and prepared detailed detection use case specifications.
    • Tuned alerts to minimise false positives and false negatives.
    • Normalised and enriched log sources.
    • Delivered a structured Target Operating Model (TOM) for SIEM log onboarding factory.
    • Led the design and implementation of both single- and multi-domain WEC (Windows Event Collector).
    • Applied MITRE ATT&CK to prioritise threats, design & build detections.
    • Delivered design and implementation of end-to-end network connectivity (Cisco, Azure, AWS), firewall filtering (Cisco, Palo Alto, Fortinet), IDS/IPS, S2S IPSEC & remote access VPN, SOC integration.
    • Designed IAM configuration (Active Directory, Azure Entra ID, CyberArk).
    • Conducted a feasibility and architectural study of Google SecOps (Chronicle) & Palo Alto Cortex XSIAM & Cortex XSOAR as potential upgrade solutions.
    Key technologies:
    • Microsoft Azure (Sentinel, Log Analytics, ADX, Logic Apps, AMA, Firewall, VPN Gateway, Application Gateway, Load-balancer, Entra ID), Google SecOps (Chronicle), Bindplane, ArcSight (SmartConnectors, FlexConnectors, ArcMC), Cisco (ASA, FirePOWER, routing, switching), Palo Alto (PanOS, Panorama), AlgoSec, Fortinet, Check Point, AWS, Active Directory, CyberArk, Symantec AV, Cybereason, ServiceNow, Jira, Windows, Linux, LAN, WAN.
  • T&L Cyber Consulting Ltd.
    Cybersecurity Consultant and vCISO
    January 2021 - September 2021 (8 months)
    UK, IR, Russia
    • Led the process for & achieved Cyber Essentials & Cyber Essentials Plus accreditations for the business.
    Key technologies:
    • Qualys (VM, WAS), Cloudflare, Microsoft Azure (AD, O365), ESET AV & XDR, Windows OS.

Education

  • AZ-900, SC-900, MITRE ATT&CK Cyber Threat Intelligence
  • MAD20, MITRE ATT&CK Fundamentals, MITRE ATT&CK SOC Assessment
    2025
