OUR MISSION
At Xeek, our mission is to provide comprehensive and tailored cybersecurity solutions to help organizations effectively manage their cybersecurity risks and exposures. Our team of experts works closely with each client to understand their unique needs and provide customized services that serve as a virtual CISO (Chief Information Security Officer) for their business.
From risk assessments to implementing robust security protocols and controls, our goal is to protect our clients' digital assets and ensure their cybersecurity posture remains strong over time. We strive to stay ahead of emerging threats and offer specialized services such as penetration testing and incident response planning to minimize the impact of any incidents that do occur. Trust in XeeK for top-notch cybersecurity services that keep your business safe and secure.
OUR TEAM
Our highly skilled cybersecurity team is dedicated to protecting clients' digital assets and enhancing their security posture. With a wealth of experience across diverse industries, our experts specialize in services like vCISO advisory, penetration testing, incident response, and more. Our team's deep understanding of the cybersecurity landscape allows them to effectively identify, evaluate, and address risks, while staying ahead of emerging threats.
By fostering a culture of continuous learning and staying up-to-date with the latest best practices, Xeek's cybersecurity professionals provide exceptional service, ensuring the safety and security of our clients' critical data and systems.
ANNA
CISO & GRC manager
Anna specializes in information security governance, focusing on the management, implementation, and operation of information security management systems. With over a decade of experience, she has designed and implemented internal business processes and methodologies, including risk management, documentation management, and exception management. Anna has created numerous policies, methodologies, documentation, and guidelines, and is certified in ITIL, M_o_R, and as an ISO 27001 Lead Implementer. Her proven track record includes developing security policies and ISMS documentation for banks and telecoms, designing and implementing security risk management processes for telecoms, preparing engineering companies for ISO 27001 certification, and governing security and risk compliance in the gas industry.
MARTIN
GRC consultant & BCP manager
Martin has over 18 years of experience in risk management. As a BCM Manager at Česká spořitelna, he established a new business continuity management program, including a crisis management framework. He also served as an Outsourcing Governance Officer, setting up an outsourcing management program focused on risk assessment, due diligence, and managing critical vendors, regulators, and auditors. Martin spent four years at PPF Group, where he established group-wide outsourcing management, led local teams in multiple countries, ensured regulatory compliance, and developed a new Vendor Risk Management framework. He holds certifications in Six Sigma, PRINCE2, Operational Risk Management, Business Continuity Management, ServiceNow GRC (IRM), and ISO 27001 Foundation. His key implementations include setting up the business continuity management framework at Česká spořitelna, analyzing crisis management capabilities, introducing new policies, conducting awareness campaigns, training employees, establishing outsourcing management, and creating a new vendor risk management process to ensure regulatory compliance.
LENKA
Delivery lead
Lenka brings extensive experience in Sales Support and Project Management, consistently becoming a key asset in every team she joins. Known for her responsibility, precision, and exceptional organizational skills, she advanced to roles managing VIP customers. As part of the Project Management team, Lenka led multiple internal and external teams, overseeing the delivery and activation of telecommunications services worldwide. Currently, she serves as a Delivery Manager at Xeek.
DAVID P
Cyber security designer & ICT consultant
David is a senior ICT consultant and security specialist with expertise in implementing security standards, threat mitigation, and environment standardization and hardening on MS Windows technologies, while also extending his skills to Linux and macOS. His career progression from IT helpdesk to L3 Windows Server administrator and IT security designer has equipped him with practical integration experience, ensuring security measures are effective and minimally disruptive to IT operations. David's strong scripting skills in PowerShell, Visual Basic Script, and HTA enhance his ability to implement robust security solutions. His key skills include designing and implementing the TIER model, security hardening using CIS standards, Intune security design and implementation, AppLocker deployment, migration to Microsoft Edge from IE11, Bitlocker to Go for portable device security, local administrator privilege management with MS Just Enough Administration and LAPS, local endpoint firewall administration, endpoint virtualization and thin client hardening, and managing, deploying, and migrating antivirus products such as Sophos, ESET, McAfee, and Microsoft Windows Defender ATP.
DAVID K
Cyber security designer & ICT consultant
David is a senior security consultant and specialist with expertise in implementing governance and operations models across various sectors, particularly focusing on ISO 27001 and NIS compliance. With almost a decade of experience in Identity and Access Management (IAM) and Privileged Access Management (PAM) using CyberArk, David excels in managing privileged accounts and secure application usage. His background in Enterprise Architecture within the financial sector, combined with his proficiency in vulnerability management, software testing, IT operations management, systems administration, and project management, makes him a versatile and valuable asset.
ROMAN
SSOE & Security architect
Roman is senior information security specialist with two decades of experience, primarily in the banking sector. Over the last 8 years, he has focused on security monitoring and incident response, showcasing expertise in SIEM solutions (QRadar, Splunk, MS Sentinel) for implementation, administration, development, and creating security monitoring scenarios. His skills also include designing, developing, and maintaining incident response automation, adopting and setting up threat intelligence, and achieving CSIRT team Trusted Introducer certification. Additionally, David excels in managing privileged accounts and secure access, implementing, administering, and developing DLP technology, and creating incident resolution procedures. His proficiency extends to vulnerability management, security hardening for Windows environments, and creating and deploying software security testing processes for end devices.
MARIAN
CEO, CISO & GRC manager
Marian is company founder and CEO with over 20 years of ICT and cybersecurity expertise in leading European banking institutions, excels in cybersecurity risk management, technical cybersecurity, and prevention strategies, ensuring robust protection for critical financial systems. He focuses on IT infrastructure, clouds, and security, mainly on Microsoft platforms. Marian has served as a Windows infrastructure manager and built an operational security team. Additionally, he worked as Chief Information Security Officer at Česká spořitelna and Group Information Security Officer for Škoda Transportation and Dr. Max pharmacy chain, where he oversaw security strategy, risk management, CSIRT team development, and general management. His specialties include long-term IT and IT security strategy design and implementation, Windows infrastructure virtualization, endpoint virtualization with Citrix, Active Directory environment redesign, and building IT security operational teams. He has also led initiatives in security maturity analysis, strategy definition, and compliance with cybersecurity laws and ISO standards.
TOMAS V
CISO & GRC manager
Tomáš has been working in IT for over 25 years, specializing in IT risk management, security strategy development, and implementation. His career has progressed from IT support and infrastructure management to IT security specialist roles, culminating in his position as Chief Information Security Officer in financial institutions. He has established departments responsible for Business Continuity and Crisis Management, Physical and IT Security, Fraud Management, and Operational Risk Management for a banking institution. Currently, his focus is on IT risk management, particularly in data protection, identity and access management, and regulatory compliance with GDPR, PCIDSS, PSD2, NIS2, and DORA. He is certified in ITIL and as an ISO 27001 Senior Lead Implementer. His proven track record includes building IT infrastructure for automotive suppliers, developing and implementing Vulnerability Management and DLP solutions, establishing comprehensive security departments, conducting security assessments, and implementing Identity and Access Management tools and company policies in IT security for banks and betting companies.
VIKTOR
CISO & GRC manager
Viktor is a Cyber Security and Program & Supplier Management expert with 18+ years experience and proven track record of building cybersecurity frameworks, leading transformations, and achieving significant cost and time savings while managing complex teams, including external partners. With global expertise in risk-based cybersecurity, he addresses security standards and regulations, showcasing proficiency in IT, project leadership, efficient problem-solving, legal acumen, and global negotiation skills. Viktor is a passionate lifelong learner, currently pursuing an LL.M. in ICT Law (MUNI), to prepare companies for disputes and litigations with regulators, cyber insurers, and customers in the cybersecurity space. Certified as a Certified Information Security Manager (CISM) and PRINCE2 practitioner, Viktor has led teams to develop and maintain comprehensive information security requirements, negotiated over 70 high-risk contracts annually, designed and implemented a BOT achieving over 50% automation, and attained double-digit percentage savings in cost optimization. He effectively split a financial company, established a new IT infrastructure, developed a cost-efficient IT strategy for a financial holding, and facilitated the expansion of a bank's operations to Europe.
KAROLINA
CISO & GRC manager
Karolína specializes in business and application requirements as well as information security analysis. With over 10 years of experience primarily in financial institutions, she has defined business requirements for digital transformation projects. Karolína has actively collaborated with implementation teams to ensure agile development and successful implementation of business requirements, while also defining appropriate test cases within sprints. Currently, she focuses on Information Security Governance. She holds certifications in Cyber Security, PRINCE2® Intro, Risk Management Intro, ITIL Intro, Business Analysis & Process Management from IBM, and Databases and SQL for Data Science from IBM. Her accomplishments include end-to-end business process analysis for digitalization programs, requirements management, process definition and design within future state architecture for GE Money Bank and CMSS, and analyzing DORA, NIS2, and ISO 27001 requirements for company certification.
JAN
Security architect & Security operations manager
Jan has been working in IT and IT security for over 13 years, holding roles from IT Administrator and Analyst to Infrastructure Consultant, ICT Security Architect, and CIO. He bridges the gap between business and IT, aligning technology strategies with business objectives in both private and public sectors. His expertise spans user management, log management, DLP, vulnerability management, and incident management, ensuring seamless operations and security. Jan has managed various teams, demonstrating his strong people management skills, and has international experience in the US, SEA, China, and India. His accomplishments include user and role management for the ISSP (State Treasury), log management, DLP implementation, establishing an IT site in the USA (OKIN), and certifications in IBM Security QRadar SIEM Administration and Configuration, Splunk Certified Power User, ITIL, and fundamental CSIRT functions.
LUKAS
Cyber security designer & ICT consultant
Lukáš is an ambitious IT security specialist with extensive expertise in Certificate Authority (CA) management, HSM modules, and EDR solutions. With hands-on experience across diverse IT systems, Lukáš has proven skills in server administration, vulnerability management, and developing security-centric applications. His practical and result-oriented approach ensures the effective execution of complex technological tasks and projects. Currently focusing on CrowdStrike Falcon, MS Defender, and ESET protection, Lukáš steers Certificate Authority initiatives and oversees the certificate lifecycle and policy settings. He managed applications on the JBoss platform, transitioning from a Linux farm to the OCP3 platform, and administer Windows servers for efficient application management and server lifecycle operations. Lukáš has also developed an application for enhanced Qualys management using its API, managed HSM modules including key configuration and lifecycle management, conducted comprehensive security assessments with tools like Qualys and Tenable, and managed ESET security solutions to enhance system integrity and client security.
JAKUB
SSOE & Security architect
Jakub is a Senior Security Incident Responder, Expert, and Architect with over a decade of experience in security monitoring and incident response. His extensive career includes providing security solutions to the financial and government sectors. Jakub is proficient with various SIEM solutions, including Splunk and Azure Sentinel, and is a skilled threat analyst using tools such as SocRadar, Black Kite, and BitSight. He holds a CSIRT team Trusted Introducer certification, further demonstrating his expertise and commitment to cybersecurity excellence.
TOMAS C
CSIRT product owner & Project manager
Tomas specializes in security monitoring, incident response, and threat intelligence platforms, with over six years of experience as Head of the CSIRT CSAS team. In this role, he was responsible for security monitoring and managing security incidents, leading his team to achieve Certified level within the Trusted Introducer organization, making them the fourth team in the Czech Republic and the second in the global banking sector to do so. His expertise includes CSIRT team Trusted Introducer Certification, Splunk SIEM implementation, ServiceNOW SIR module implementation, and adopting and setting up threat intelligence platforms such as Digital Shadows, BitSight, SocRadar, and Black Kite.