Back home

Artem Borisov

Senior Information Security Engineer · LLMOps
mintn308@gmail.com+7 917 898 97 97t.me/M1NTNlinkedin.com/in/arborisovMoscow

Profile

Senior Information Security Engineer at R-Vision (since October 2023), Technical Expertise Department — AI/ML tools for cybersecurity.

Primary focus: LLM applications for the SOC — VRL Normalization Agent (RAG on Claude Sonnet + ChromaDB/Qdrant for SIEM log normalization), documentation chatbots, log explanation agents, incident recommendation generators.

Experience

Senior Information Security Engineer · R-Vision
10.2023 — present
Technical Expertise Department · AI/ML tools for cybersecurity
  • Built LLM applications for the SOC: VRL Normalization Agent (RAG + Claude Sonnet 4.5), 3S Soft Search Service, documentation chatbots, incident recommendation generators.
  • On-premise LLM infrastructure: vLLM + Qwen3.5 MoE on RTX 6000 Ada, LiteLLM proxy, MLflow Prompt Registry, dev/prod segmentation.
  • Operated EVO SIEM on Kubernetes: troubleshot NATS JetStream, Consul, Patroni HA, CNI networking issues.
Implementation Engineer · R-Vision
2021 — 2023
Complex R-Vision rollouts (UEBA, TIP, TDP, SOAR)
  • Parallel rollout of UEBA / TIP / TDP / SOAR at a customer, 25,000+ EPS on TIP.
  • VM and SOAR deployments at international customers — distributed infrastructures, multilingual teams.
  • Database clustering for SIEM/SOC workloads: PostgreSQL HA (Patroni), replicated ClickHouse.

Projects

  • 2024—2025
    VRL Normalization AgentAI platform that auto-generates normalization rules for R-Vision SIEM. Ingests raw logs (syslog, CEF, JSON, kv) and produces ready VRL rules via LLM + RAG with multi-stage validation.
  • 2024—2025
    3S — Soft Search ServiceSemantic search service for documents and structured data with RAG support, hybrid search, and large collections (10K+ entities).
  • 2025
    On-premise LLM infrastructurevLLM + Qwen3 / Qwen3.5 MoE on RTX 6000 Ada, LiteLLM proxy as a single entry point, MLflow Prompt Registry, dev/prod segmentation architecture.
  • 2024
    University lecture: AI in CybersecurityGuest lecture for CS students on applying LLMs and ML to infosec tasks — evangelism and talent pipeline.
  • 2023—2024
    R-Vision complex implementationSimultaneous rollout of four R-Vision products in a customer environment — UEBA, TIP, TDP, SOAR — with response integrations.
  • 2021—2023
    VM & SOAR deployments in international companiesVulnerability Management and SOAR deployments at international customers: requirements gathering, rollout, integrations, and team enablement.

Skills

AI / LLM
LLM Application Design · RAG · vLLM · LiteLLM · MLflow · Claude / Anthropic · OpenRouter · Prompt Engineering · Agentic / ReAct · Tool Calling
Backend
Python · FastAPI · SQLAlchemy 2.0 · Celery · asyncio · Pydantic
Data / Vector
PostgreSQL · ClickHouse · Redis · Qdrant · ChromaDB · MinIO · Patroni HA
Infra
Docker · Docker Compose · Kubernetes · NATS JetStream · Consul · Nginx · Linux
Security
R-Vision SOAR · R-Vision TIP · R-Vision UEBA · R-Vision TDP · QRadar · Vulnerability Management · SIEM operations

Languages

Russian — native · English — professional