Cybersecurity Consulting

Vaclav Dovnar

Hands-on security leadership. From strategy to implementation.

12+ years securing products, teams, and infrastructure for companies operating at global scale. Built security programs from scratch, led red team transformations, and delivered compliance across 46 countries.

Vaclav Dovnar — Cybersecurity Expert

About

I'm a hands-on security leader with 12+ years of experience across Application Security, Infrastructure Security, SOC/SIEM, DevSecOps, and fraud prevention. I've built security programs from zero twice and delivered a major turnaround of a stalled security program.

As CISO at inDrive, I built and led a 20-person security organization responsible for an ecosystem processing 3.5 million deals per day across 46 countries. I launched Bug Bounty, SOC, and achieved ISO 27001.

Currently serving as deputy CISO at 01.Tech, where I rebooted the AppSec program, transformed the penetration testing function into a red teaming model, and built an anti-fraud capability from scratch.

I'm a frequent conference speaker with 17 public talks on secure development, DevSecOps, and security team management. I share practical knowledge — no marketing, no fluff.

01.Tech inDrive City-Mobil RBK.Money Ernst & Young AT Consulting
12+
Years of Experience
17
Conference Talks
30
Team Members Led
46
Countries Covered

Services

Expert cybersecurity services tailored to your business needs

Offensive Security & Testing

Identify vulnerabilities before attackers do

Web Application Penetration Testing
Comprehensive testing of web applications for OWASP Top 10 and beyond
Social Engineering Assessments
Evaluate your team's resilience against phishing, pretexting, and other social attacks
Perimeter Vulnerability Assessment
Discover exposed services and vulnerabilities on your external attack surface
Leak Detection & OSINT
Find leaked credentials, exposed data, and open-source intelligence about your organization
Internal Penetration Testing
Simulate insider threats and lateral movement within your network
Source Code Audit & Backdoor Detection
Manual review of source code for vulnerabilities, backdoors, and security flaws
Web3, DeFi & Smart Contract Security
Security assessment of blockchain applications, DeFi protocols, and smart contracts
Red Team Operations
Full-scope adversary simulation with realistic attack paths and business-critical scenarios

Compliance & Governance

Meet regulatory requirements with practical approaches

Certification Preparation & Support
End-to-end guidance for ISO 27001, PCI DSS, SOX and other compliance frameworks
GDPR Compliance Program
Build and implement a practical GDPR compliance program for your organization
Security Process Audit
Evaluate the maturity and effectiveness of your existing security processes
Anti-Fraud System Audit
Assess your anti-fraud controls, detection logic, and operational efficiency

Strategic Advisory

Expert guidance for critical security decisions

Executive Security Consulting
Strategic advice for C-level executives on cybersecurity priorities and investments
Security Architecture Review
Expert review of your system architecture for security risks and design flaws
Security Team Building & CISO Assessment
Help forming security teams, evaluating technical and leadership qualities of CISO candidates
Trusted Vendor Selection
Independent evaluation and selection of security vendors and contractors
Independent Security Opinion
Third-party expert perspective on your cybersecurity questions and challenges
Anti-Insider Threat Program
Design and implement insider threat detection without disrupting business operations

Engineering & Operations

Security integrated into your development and operations

Secure Development Lifecycle
Implement security practices without creating blockers for your development teams
Perimeter Monitoring
Continuous monitoring of your external attack surface for changes and threats

Need a custom security solution? Let's discuss your requirements.

Get in Touch

Track Record

Proven results across industries and scales

3.5M
Deals per day secured in the inDrive ecosystem across 46 countries
ISO 27001
Certification obtained for inDrive operations in Cyprus and India
20
Person security organization built and led covering AppSec, InfraSec, and Compliance

Conference Talks

2025
Security by Design — Novi Sad, Serbia
Mature Automation Practices in AppSec
2024
Saint HighLoad++ — Saint Petersburg
Shift Left Security Guide for Architects and Developers
2024
Payment Security — Rosa Khutor
Secure Development with Minimal Resources
2024
CodeFest — Novosibirsk
Security Architecture Review Process
2024
DUMP — Ekaterinburg
Secure Development with Minimal Resources — Practical Tips
2024
MergeConf — Innopolis
Team Topologies & Kanban STATIK in Security
2024
Stachka — Ulyanovsk
Conflicts Between IT and Security: Root Causes and Solutions
2023
DevOops Conf
Security as a Platform Team

What People Say

Vaclav led a security audit of our online services — and he really delivered. He found vulnerabilities, explained everything clearly, and after his recommendations we were able to fix everything quickly. Communication was easy and straightforward: any question could be resolved fast, no unnecessary formalities or delays. We'll definitely reach out again and can confidently recommend him.
Denis Zakharov
CTO at ykt.ru
Client
Vaclav is highly proactive: he spots issues early, brings concrete options, and moves things forward without needing constant input. He is fully autonomous in building security processes from scratch — he can align stakeholders, make pragmatic trade-offs, and deliver real improvements in how security works with engineering. Clear, reliable, and easy to partner with.
Michil Androsov
ex-CTO at inDrive, Forbes 30 Under 30
Direct Manager
What sets Vaclav apart is his ability to reason about security as a practical engineering and business problem, quickly moving from abstract discussion to concrete decisions, trade-offs, and execution. I highly value these conversations and consider him a strong, trusted peer.
Maxim Mošarov
CEO/CISO, Security Expert
Industry Peer
I would like to thank Vaclav for helping to improve the practical information security of Beeline digital services.
Alexey Volkov
VP, CISO
Client
Vaclav is one of the top experts in his field, staying abreast of trends and possessing a deep understanding of modern practices. He is a thought leader who regularly shares his insights. With over ten years of experience across AppSec, InfraSec, and DevSecOps, he tackles security challenges with a holistic perspective.
Igor Kurochkin
Expert at Enabling.team
Industry Peer
Highly recommend Vaclav for cybersecurity advice — clear, practical, and extremely helpful.
Damir Ismakov
Client
Client

Why EdgeSec

Competitive Pricing

Fair rates enabled by a lean, part-time expert model — you pay for expertise, not overhead.

Vetted Professionals

Every team member has 5+ years of hands-on industry experience. No juniors learning on your systems.

Reliability

Clear communication, defined deliverables, and accountability at every stage of the engagement.

Boutique Approach

Minimal overhead, maximum focus. Your project gets personal attention from senior experts, not a conveyor belt.

Made with Care

Every engagement is approached with genuine expertise and dedication. Security crafted by people who care.

Let's Talk Security

Ready to strengthen your security posture? Reach out and let's discuss how I can help.

Message on Telegram

Start a conversation with our Telegram bot — fast, simple, and confidential.

Follow my Telegram channel for practical cybersecurity insights: Product Security