Asparuh Stefanov
Manager - Cyber Attack and Defence
As Cyber Attack and Defence Manager at Forvis Mazars, Asparuh is responsible for leading a highly skilled team within the technology and digital practice, delivering advanced cyber advisory, penetration testing, and red team testing services to clients across the UK and internationally. His role involves managing the end-to-end delivery of complex security assessments, including red teaming and infrastructure testing, to identify vulnerabilities and fortify clients' security postures.
Experience
Asparuh has over six years of experience in scoping, planning and delivering a wide range of penetration testing engagements including internal/external infrastructure, web application, API testing, server build and network configuration reviews, and cloud assessments.
He has had exposure serving a wide range of global clients spanning both – public and private sectors across a number of industries, including financial services, telecommunications, pharmaceutical, technology and manufacturing.
Asparuh has conducted extensive work under the UK government CHECK scheme in securing networks, platforms and application assets that support UK Critical National Infrastructure (CNI).
He actively applies his knowledge, skills and experience in cyber security reviews of client’s scope to adequately map the external and internal attack surface.
Work highlights
At Forvis Mazars, Asparuh has conducted a comprehensive cloud assessment for a global client, identifying key areas for security enhancement that led to ongoing collaboration and additional projects. This work underscored the team’s expertise in cloud security and strengthened client trust.
Achieving the Principal Cyber Security Professional (PriCSP) title from the UK Cyber Security Council marks a pivotal milestone in Asparuh's career, validating his commitment to high standards and effective security practices.
Asparuh has also developed proprietary tools and methodologies for cloud security, server build reviews, architecture assessments, and LLM testing, which streamlined assessments and improved the accuracy of security evaluations.
In parallel, he remains dedicated to mentoring junior team members, guiding them through certifications, and sharing his skills and insights to foster their professional growth, further expanding the expertise of Forvis Mazars' cybersecurity team.
Accreditations/ Memberships of professional bodies
Principal Cyber Security Professional (PriCSP)
Cyber Scheme Team Leader - Infrastructure (CSTL-INF)
Certified Information Systems Security Professional (CISSP)