Photo

Aleksandr ****** Product Security Engineer

$850 / day LinkedIn 40********* Login to See Resume
Login to contact Candidate
Login to bookmark

Summary

Security engineer with 11 years of experience across IT infrastructure, DevSecOps, and application security. My foundation in system administration gives me comprehensive understanding of how systems are built, deployed, and attacked. I specialize in security architecture and design, translating threat landscapes into practical controls and working with engineering teams to embed security into the SDLC. With OSCP certification and hands-on experience in penetration testing and vulnerability assessment, I combine offensive security knowledge with strong automation skills to build scalable security processes.

 

Based in Cyprus. Open to relocation to Australia. Require employer-sponsored visa.

 

CORE SKILLS & TECHNOLOGIES:

• Security Architecture & Design: Defense-in-depth & zero-trust principles, Threat Modeling (STRIDE), MITRE ATT&CK, Cloud Security Architecture, Identity & Access Management, Risk Assessment and mitigation

• Application Security: SSDLC, SCA, SAST, DAST (OWASP ZAP, Burp Suite), WAF (ModSecurity), OWASP ASVS

• Vulnerability Management: Identification, triage and remediation workflows, false-positive reduction (Qualys, Nessus, DefectDojo)

• Automation & Development: Python (proficient), Go (learning), Bash, PowerShell, Infrastructure-as-Code (Terraform, Ansible), CI/CD pipelines, DevSecOps practices

• Cloud & Containers Security: Docker, Kubernetes (Kyverno, Falco, Seccomp, kubebench), AWS cloud security

• AI-Driven Security: Coding with Claude Code/Gemini agents, AI-assisted source code analysis, AI-driven automation of security tools/scripts, MCP server enforcing secure coding practices

• Infrastructure & Detection: Operating systems hardening, SIEM (Splunk, Humio), log analytics, Identity Services/SSO, Firewalls, security monitoring, CIS Controls

Education

2014 Computer Systems & Networks: Bachelor's Degree (5-year Specialist program) at Voronezh State Technical University, Russia

SKills

Active DirectoryAnsibleAWSBashBurp SuiteCI/CDCISSPDASTDefectDojoDevSecOpsDockerIdentity & Access ManagementKubernetesLinuxMITRE ATT&CKOSCPOWASPPenetration TestingPowerShellPythonSASTSCASecurity ArchitectureSIEMSplunkTerraformThreat ModelingVulnerability AssessmentWindows Server
Data Privacy & Security

Experience

Aug 2024 - Present Lead Product Security Engineer at Unlimit

integrated vulnerability management system (DefectDojo + custom Python automation + Jira). Develop AI-driven tools to examine codebases for business logic vulnerabilities. Architect enterprise-wide security pipeline integrating SAST, SCA, and secrets scanning into CI/CD. Conduct internal application penetration testing of web applications, APIs, and infrastructure. Perform security design reviews of company software products.

Apr 2023 - Aug 2024 Information Security Architect at Kaspersky Lab

Defined and documented secure architecture principles for products and infrastructure. Evaluated product and system designs to identify security flaws. Advised engineering teams on mitigating risks and embedding security into design decisions. Conducted targeted penetration testing of applications and services.

Sep 2021 - Apr 2023 Senior Cyber Security Engineer at TheSoul Publishing

Automated and maintained security controls: SAST, DAST, and IaC-based deployments. Strengthened security of Kubernetes clusters and CI/CD pipelines. Developed a secure remote access solution for corporate infrastructure with automated access controls, routing and monitoring. Managed SIEM, IDS, vulnerability scanners, and alerting.

Jan 2020 - Sep 2021 Information Security Engineer at Vkontakte

Developed and maintained internal security tools and automation scripts (Python). Managed SIEM platform (Splunk), vulnerability scanners, and IDS with focus on alert optimization. Designed and executed security awareness program including phishing simulation campaigns. Investigated security alerts and suspicious activities through log analysis.

Aug 2018 - Jan 2020 System integration team specialist at Positive Technologies

Developed automated attack simulations to test and validate detection capabilities of cybersecurity solutions. Deployed and configured security products across customer environments, including OS hardening, software installation, and network encryption. Created automation scripts (Python, Bash) for repeatable installation, configuration, and integration of security solutions.

Oct 2016 - Aug 2018 IT Engineer at GDC (Fujitsu preferred supplier of Services)

Administered enterprise identity infrastructure (Active Directory, MFA, Microsoft Identity Manager) and managed access control lifecycle. Assessed change requests for security impact and investigated security alerts using Splunk and endpoint protection systems. Managed Microsoft Active Directory Domain Services infrastructure, DNS, DHCP, and network policy services with PowerShell automation.

Jun 2014 - Oct 2016 System administrator at Atos IT Solutions & Services

Maintained enterprise Windows Server infrastructure, VMware vCenter, and IBM WebSphere environments with system monitoring and patching. Automated tasks using PowerShell for maintenance and identity management workflows. Administered SCCM and WSUS for enterprise patch management and software distribution. Managed user lifecycle and provided technical support services.