n n

Led a team of 7 in defining and implementing secure development processes (SSDLC) across all company products. Successfully implemented a full-fledged Security Pipeline across over a hundred repositories and integrated with EASM tools for perimeter control.

Actively participated in various bug bounty platforms, including HackerOne, Bugcrowd, Standoff, and Bizone. Identified and facilitated the remediation of dozens of vulnerabilities, including high-level and critical issues, across infrastructure and web applications.

Developed and promoted personal applications, including Telegram bots, and undertook custom software development projects. Established and managed a dedicated infrastructure utilizing Nginx, Docker, Redis, and MariaDB.

Conducted comprehensive web application testing following the PTES standard, utilizing Black Box, White Box, and Grey Box methodologies. Identified various vulnerabilities, including critical ones, and provided detailed reports and consultations to developers.

Built and managed the S-SDLC process, implementing and controlling security requirements for products and their functionalities. Integrated various security tools into CI/CD pipelines, including SAST, DAST, SCA, and Secret Scanning solutions.

Gained proficiency in key DevOps and security tools, including Terraform, Ansible, Docker, and Kubernetes. Successfully implemented a secure CI/CD pipeline with integrated SAST, DAST, and secret scanners as a final project.

Studied at the National Technical University 'Kharkiv Polytechnic Institute' with a focus on Information Technology. The curriculum included various aspects of IT and cybersecurity, preparing for a career in technical fields.