Pawel K.
London, United Kingdom
100% Job Success

Experienced application security consultant

Ex Goldman-Sachs, Aon Hewitt, Kainos etc. application security lead. Experienced information security professional (since 1995), specialising in application security architecture, penetration testing, vulnerability scanners etc. Broad experience in redesigning application security processes and teams, preparing legacy apps for 3rd party pentests and making developers finally speak to the security team. CISSP and CESG certified.

Primary specialities include development and transformation of secure development policies, construction of application security assurance processes, managing penetration testing teams, risk assessment and prioritization of large, heterogeneous application portfolios in business-critical enterprise environments.

Independent application security consultancy and infosec services provider. Working primarily for fintech and public sector clients.

Specialities:

  • Building application security into the software development process, DevSecOps implementation in projects at varied maturity stages (from greenfield to 20+ years old legacy software). Working with business stakeholders, architects and developers for complete risk management, vulnerability assessment and remediation.
  • Penetration testing, vulnerability assessment, manual code reviews, deployment and management of automated scanners in continuous integration. Primary tools: BurpSuite, OpenVAS, Nessus, Metasploit, BlueClosure. Primary environments: Oracle PL/SQL, Java, Python (Django).
  • Deployment of CheckMarx SAST into the development process, CheckMarx query fine-tuning. Integration of open-source SAST tools (bandit) into the continuous integration environment.
  • Design and implementation of large scale infrastructure protection - IKEv2, IPSec, DNSSEC, DANE, AppArmor, SPF, DKIM, DMARC using Ansible configuration management over Debian, Ubuntu and RHEL server farms.
  • Development and management of WebCookies.org, an innovative enterprise web application privacy, compliance and security scanner. Primary web technologies: Python 3, Django, PostgreSQL, Redis. Primary detection technologies: PhantomJS, Yara, Adobe Flash decompilation and static analysis.

Skills

  • Penetration Testing
  • Network Security
  • Encryption
  • Cybersecurity Management
  • Application Security
  • Information Security Consultation
  • Vulnerability Assessment
  • Security Policies & Procedures Documentation
  • Security Engineering
  • Intrusion Detection System
  • Security Analysis
  • CI/CD

Get started working with Pawel quickly with these predefined projects.

You will get Wazuh intrusion detection and vulnerability scanning system

From $300
5 days delivery