Open to opportunities

Czabán Tamás

@czaban_tamas

Message

Vulnerability management analyst building security automation that turns slow triage into minutes-fast remediation.

Hungary

Message

What I'm looking for

I want a fully remote, open-source-rooted team where I can build and ship security automation for vulnerability management and incident response—turning risk data into fast, clear action. I value strong engineering practice and measurable operational impact.

I build security automation that cuts response time from hours to minutes, and I apply the same discipline to both internal vulnerability operations and public open vulnerability data. At Citi, I run vulnerability management end-to-end—covering triage, investigation, remediation tracking, and incident response on L0 GEM deadlines—while shipping the Python tooling the team uses daily.

I track vulnerabilities through closure across the enterprise asset estate and communicate risk findings to engineers and director-level stakeholders. I lead incident response when the clock is on, like parsing affected app versions with Python automation and clearing a 48-hour deadline without chase emails.

I focus heavily on operational impact: I built an automated per-app-manager Email Composer during an Apache Tika XXE L0 GEM and an Oracle HTTP Server RCE L0 GEM, replacing manual workflows (~4 hours) with a 12-minute pipeline. I also deliver data products such as the Firewall & Load Balancer Vulnerability Dashboard and the GEM Dashboard, using efficient caching and filter-aware reporting so daily operational view stays sharp.

Beyond incident execution, I ship maintainable pipelines to production environments—containerized Python/Streamlit workloads on OpenShift, wired into GitHub Actions and a Tekton pipeline with supply-chain gates. I’m energized by open-source-rooted collaboration, and I build public tools like CVE Feed Dashboard, Vulnerability Prioritization Scorer, and Advisory Composer that connect NVD API v2, EPSS, CISA KEV, and OSV.dev to help teams prioritize and act.

Experience

Work history, roles, and key accomplishments

Current

Vulnerability Threat Management Analyst

Current

Citi

Apr 2025 - Present (1 year 2 months)

Triaged, investigated, and tracked GEM vulnerability findings through closure across Citi’s enterprise asset estate, coordinating remediation with asset-owner teams. Led L0 GEM incident response for Apache Tika XXE and Oracle HTTP Server RCE—clearing 48-hour deadlines and automating notifications from ~4 hours to a 12-minute pipeline.

Vulnerability Management Incident Response GEM Vulnerability Triage CVE CVSS EPSS Scoring Risk Communication CI CD Pipelines

Cloud Support Engineer

Ericsson

Apr 2023 - Apr 2025 (2 years)

Investigated and resolved orchestration-level incidents for enterprise OpenStack environments, delivering structured RCA reports and sustaining 95% on-time resolution. Maintained 24/7 on-call coverage for business-critical cloud infrastructure while managing concurrent critical cases with ~90% queue utilization.

OpenStack Troubleshooting Reliability Engineering Performance Monitoring SLA Management

Reporting Analyst

BlackRock

Jan 2022 - Jan 2023 (1 year)

Optimized 200+ daily reporting deliverables with a 90% success rate while maintaining 99% timeliness and sub-24-hour responses to client tickets. Improved workflow responsiveness to consistently meet operational deadlines.

Operational Reporting Performance Tracking Workflow Optimization Responsiveness