Pawel K.
London, United Kingdom
100%
Job Success
Experienced application security consultant
$90.00/hr
Ex Goldman-Sachs, Aon Hewitt, Kainos etc application security lead. Experienced information security professional (since 1995), specialising in application security architecture, penetration testing, vulnerability scanners etc. Broad experience on redesigning application security process and teams, preparing legacy apps for 3rd party pentests and making developers finally speak to security team. CISSP and CESG certified.
Primary specialities include development and transformation of secure development policies, construction of application security assurance processes, managing penetration testing teams, risk assessment and prioritization of large, heterogenous application portfolios in business-critical enterprise environments.
Independent application security consultancy and infosec services provider. Working primarily for fintech and public sector clients. Specialities:
* Building application security into the software development process, DevSecOps implementation in projects at varied maturity stages (from greenfield to 20+ years old legacy software). Working with business stakeholders, architects and developers for complete risk management, vulnerability assessment and remediation.
* Penetration testing, vulnerability assessment, manual code reviews, deployment and management of automated scanners in continuous integration. Primary tools BurpSuite, OpenVAS, Nessus, Metasploit, BlueClosure. Primary environments Oracle PL/SQL, Java, Python (Django).
* Deployment of CheckMarx SAST into the development process, CheckMarx query fine-tuning. Integration of open-source SAST tools (bandit) into the continuous integration environment.
* Design and implementation of large scale infrastructure protection - IKEv2, IPSec, DNSSEC, DANE, AppArmor, SPF, DKIM, DMARC using d Ansible configuration management over Debian, Ubuntu and RHEL server farms.
* Development and management of WebCookies.org, an innovative enterprise web application privacy, compliance and security scanner. Primary web technologies Python 3, Django, PostgreSQL, Redis. Primary detection technologies PhantomJS, Yara, Adobe Flash decompilation and static analysis.
Work history
Work history
Cyber security expert to crawl magento website for viruses
Apr 6, 2023
-
May 3, 2023
No feedback given
Private earnings
Scanner
Aug 13, 2020
-
Jan 6, 2023
No feedback given
Private earnings
Experienced application security consultant
Jun 9, 2021
-
Jan 6, 2023
No feedback given
Private earnings
Security consultant
Jan 20, 2021
-
Oct 17, 2022
5.00
"Pawel did consistently great work, very experienced and very knowledgeable, and I highly recommend him."
Private earnings
SAST expert
Sep 10, 2020
-
Jul 14, 2021
5.00
"Pawel is extremely knowledgeable when it comes to SAST and other security scanning technologies. He is also an expert on many other security topics. Highly recommended!"
Private earnings
Encryption specialist needed for mobile app
Dec 4, 2020
-
Feb 3, 2021
No feedback given
Private earnings
Security consultant to discuss the design of REST API for Password Manager mobile app
Oct 26, 2020
-
Jan 19, 2021
No feedback given
Private earnings
Penetration Testing - Canvas and Big Blue Button
Oct 8, 2020
-
Nov 2, 2020
4.70
Private earnings
IT Security Specialist
May 8, 2020
-
Aug 14, 2020
5.00
"We engaged Pawel for some guidance regarding a production grade AWS implementation and the security and compliance involved with it. Clearly he has enormous expertise in the area of compliance…
Private earnings
Experienced application security consultant
Jun 26, 2020
-
Aug 13, 2020
5.00
"Very knowledgeable and great to work with!"
Freelancer's response
"My pleasure, it's great to work with professionals!"Private earnings
Pawel K. has more jobs. Create an account to review them
Skills
Skills
- Penetration Testing
- Network Security
- Encryption
- Cybersecurity Management
- Application Security
- Information Security Consultation
- Vulnerability Assessment
- Security Policies & Procedures Documentation
- Security Engineering
- Intrusion Detection System
- Security Analysis
- CI/CD
Project catalog
Get started working with Pawel quickly with these predefined projects.
Get started working with Pawel quickly with these predefined projects.
You will get Wazuh intrusion detection and vulnerability scanning system
From $300
5 days delivery