n n
@nn01
Application Security Engineer with expertise in DevSecOps and pentesting.
What I'm looking for
I am an experienced Application Security Engineer with over four years in the field, specializing in DevSecOps and pentesting. Currently, I lead a team of seven at 01tech, where I define development strategies and implement secure development processes across a diverse range of products. My role involves collaborating closely with the CTO to enhance information security and manage a comprehensive security pipeline that integrates open-source and commercial solutions.
My journey in security began with a keen interest in vulnerability assessment, which has led me to successfully discover and remediate numerous critical vulnerabilities. I have a proven track record of implementing security metrics, conducting thorough security audits, and developing training courses to promote secure development practices. My freelance experience as a Bug Bounty Hunter has further honed my skills in identifying vulnerabilities across various platforms.
With a strong commitment to continuous learning, I actively pursue certifications and stay updated on the latest trends in information security. I thrive in collaborative environments and am passionate about fostering a culture of security within development teams.
Experience
Work history, roles, and key accomplishments
Application Security Team Lead
01tech
Nov 2023 - Present (1 year 9 months)
Led a team of 7 in defining and implementing secure development processes (SSDLC) across all company products. Successfully implemented a full-fledged Security Pipeline across over a hundred repositories and integrated with EASM tools for perimeter control.
Bug Bounty Hunter
Индивидуальное предпринимательство / частная практика / фрил
Jun 2023 - Present (2 years 2 months)
Actively participated in various bug bounty platforms, including HackerOne, Bugcrowd, Standoff, and Bizone. Identified and facilitated the remediation of dozens of vulnerabilities, including high-level and critical issues, across infrastructure and web applications.
Software Development
Индивидуальное предпринимательство / частная практика / фрил
Jun 2023 - Present (2 years 2 months)
Developed and promoted personal applications, including Telegram bots, and undertook custom software development projects. Established and managed a dedicated infrastructure utilizing Nginx, Docker, Redis, and MariaDB.
Security Tester (Web Pentester)
EPAM Systems Inc.
Jul 2021 - Present (4 years 1 month)
Conducted comprehensive web application testing following the PTES standard, utilizing Black Box, White Box, and Grey Box methodologies. Identified various vulnerabilities, including critical ones, and provided detailed reports and consultations to developers.
Application Security Engineer
EPAM Systems Inc.
Jul 2021 - Present (4 years 1 month)
Built and managed the S-SDLC process, implementing and controlling security requirements for products and their functionalities. Integrated various security tools into CI/CD pipelines, including SAST, DAST, SCA, and Secret Scanning solutions.
DevSecOps Intern
EPAM Systems Inc.
Jun 2021 - Present (4 years 2 months)
Gained proficiency in key DevOps and security tools, including Terraform, Ansible, Docker, and Kubernetes. Successfully implemented a secure CI/CD pipeline with integrated SAST, DAST, and secret scanners as a final project.
Education
Degrees, certifications, and relevant coursework
National Technical University 'Kharkiv Polytechnic Institute'
Incomplete Higher Education, Information Technology
Studied at the National Technical University 'Kharkiv Polytechnic Institute' with a focus on Information Technology. The curriculum included various aspects of IT and cybersecurity, preparing for a career in technical fields.
Availability
Location
Authorized to work in
Job categories
Skills
Interested in hiring n?
You can contact n and 90k+ other talented remote workers on Himalayas.
Message nFind your dream job
Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!
