À propos de Vasyl
Security engineer with 10+ years of experience securing cloud-native, fintech, and AI/ML environments. Specialized in secure architecture design, SSDLC enablement, and DevSecOps automation. Proven success embedding security into developer workflows, leading secure design reviews, and building scalable AI/ML defense architectures. Drives adoption of security guardrails aligned with SOC 2, ISO 27001, PCI DSS, and GDPR. Experienced in leading Security Champions programs, developer security training, and product security strategy. Passionate about trustworthy AI, data security, and engineering culture transformation.
Anglais
Bilingue ou natif
Accepte de travailler sur site
Rzeszów (jusqu’à 50 km)
Expériences
- RailsrSenior Product Security Engineerjanvier 2025 - octobre 2025 (9 mois)• Lead secure architecture reviews across fintech microservices and multi-cloud environments (AWS/GCP).• Established a mature SSDLC framework with automated SAST/DAST/IAST integrations in CI/CD pipelines.• Designed and implemented policy-as-code for IAM, encryption, and network segmentation.• Enabled systematic threat modeling for financial APIs and payment data flows.• Participated in compliance readiness for PCI DSS, SOC 2, and ISO 27001 certifications.• Initiated and managed a Security Champions Program to scale product security culture across engineering teams.• Developed developer security training and workshops to embed secure coding practices.• Built security metrics dashboards to measure and communicate product security KPIs to leadership.• Collaborated with product and engineering leaders to align security controls with business objectives.• Drove adoption of threat intelligence and vulnerability management workflows integrated into Jira and CI/CD.
- Get-AnswerCo-Founder & CTO & CISO (Part-time)octobre 2023 - Aujourd'hui (2 ans et 8 mois)• Built secure AI automation platform integrating LLMs with browser-based execution.• Designed AI security architecture addressing prompt injection, data leakage, and model integrity risks.• Developed a secure authentication and authorization system.• Implemented OAuth2.0, encryption at rest/in transit, and runtime anomaly detection with ML-based models.• Established security-by-design principles and code review.• Led privacy risk assessments and established internal security policies.
- Chegg Inc.Senior Application Security Engineerjanvier 2022 - février 2025 (3 ans et 1 mois)• Designed secure architecture for fraud detection systems and large-scale API integrations.• Integrated CI/CD-based scanning (SAST, DAST, IaC, dependency) into developer pipelines.• Implemented security SLAs and risk scoring for findings management.• Developed fraud detection telemetry through behavioral analytics.• Conducted regular threat modeling and design reviews for new features and infrastructure changes.• Collaborated with engineering managers to build and mentor a global Security Champions network.• Managed bug bounty triage and responsible disclosure program.
Recommandations
Soyez le premier à recommander Vasyl
Contribuez à la réussite de ce freelance en partageant votre expérience de collaboration avec lui.
Ces profils de freelance correspondent également à vos critères
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Formations
- Master's degree, Computer and Information Systems Security/Information AssuranceNational Aviation University2015Master's degree, Computer and Information Systems Security/Information Assurance