I am an information security consultant and trainer based in Wroclaw, Poland. As a consultant I help my clients to understand their risk posture and choose the optimal way of bringing it to the accepted level. I am performing risk analyses and advising on implementing risk management processes reflecting specific needs of the client’s organisation. I also coordinate and lead information security audits and penetration tests. As a trainer I teach various aspects of information security including risk management and web security. I am also a member of the Board of Directors at ISSA Polska. I lead ISSA initiatives in Wroclaw. I am a Debian GNU/Linux distribution consultant.

I am holding the Certified Information Systems Security Professional (CISSP) and the Certified Ethical Hacker (CEH) designations.

Working as an information risk analyst for a global bank and as a developer for financial institutions, ISPs and hosting companies for over eight years as well as taking part in a few projects gave Michal a lot of experience in various IT areas and allowed him to look at information security from many different angles as well as to gain a lot of in-depth hands-on experience.

My full resume — containing my personal details, listed work experiences, and an always outdated list of skills — is available for download (160kB, pdf format). Please also feel invited to check out my LinkedIn profile.

You can reach me at michal@sobiegraj.com or by calling +48.509509150.

This blog consists mainly of my riffs, rants and ideas on security. Posts not related very much to security may occasionally appear, although you should not expect it very often.

You may also like to check out some random projects that I’m responsible for or which I’ve added my two cents to.