Gergely Kalman

Gergely Kalman

Hungary
Scroll to view more ↓
Exclusive access to top developers

Gergely Kalman

Member since July 5, 2012
Hungary
With a background in IT-Security, Gergely has worked as Lead Developer for an Alexa Top 50 website serving several million unique visitors each month. He is a diligent and motivated worker who likes to dive in and get things done.
Portfolio:
Experience:
  • C, 6 years
  • Python, 3 years
  • Bash, 2 years
  • C++, 1 year
  • Assembler x86, 1 year
  • PHP, 1 year
  • MySQL, 1 year
Hungary
Availability:
Part-time
Preferred Environment:
Linux
The most amazing...
... software I've implemented was a live stream distribution and conversion architecture in Python3 and C, which was an alternative to the Flash Media Server.
Employment:
  • Freelance, Software Engineer (2011 - PRESENT)
    • Implemented several simple websites for personal projects using Django and Jinja2.
    • Implemented OpenVPN based Desktop software using wxPython, OpenVPN, and OpenSSL.
    Technologies: wxPython, OpenVPN, OpenSSL, Django, Jinja2
  • DuoDecad LLC, Media Platform Division, Head of Media Platform Development (2010 - 2011)
    • Worked as only developer (for first 8 months) on alternative video streaming platform to Adobe Flash Media Server (primary goal of The Media Platform Division (MPD)).
    • Achieved goal within a year using unofficial documentation of the protocol and manual reversing.
    • Designed and implemented live stream distribution and conversion architecture in Python3.
    • Optimized to allow one node to serve more than 100k clients, using ~10Gbit/s.
    • Supported on-the-fly transcoding of incoming audio and video.
    • Benchmarked performance and moved heavy-lifting code to C.
    • Integrated several libav* libraries into Python for stream conversion.
    • Researched and assisted in hardware acquisitions for the project.
    • Devised custom event-driven interface with custom socket handling for Python. Included FLV format handlers.
    • Detected bugs in Adobe formats and in libavformat.
    • Administered Media Platform Division's machines (about 80).
    • Tuned machines for maximum network performance.
    • Lectured on IT-Security, MPD's project, and Python programming.
    • Iterated until peak performance of cluster was almost a hundred gigabits. With 30 machines, it would have been capable of completely taking over existing streaming cluster (100+ nodes).
    • Project still in production.
    Technologies: libav* libraries, Python3, C, Linux, Bonding, RTMP, FLV, AMF
  • DuoDecad LLC, IT-Security division, IT Security Specialist (2008 - 2010)
    • Performed software audits, penetration tests, and stress tests.
    • Implemented failover architecture for main website.
    • Assisted partner company in acquiring Payment Card Industry Data Security Standard (PCI-DSS) compliance.
    • Devised company policies for PCI-DSS, developed architecture, and held educational sessions as part of IT Security staff.
    • Benchmarked Linux kernel's behaviour when presented with high volumes of DDoS traffic. Tuned and patched kernel to achieve maximum resilience.
    • Worked as member of incident response team.
    • Developed network analyzer in C which created real-time statistics of incoming HTTP requests, pinpointed attackers.
    • Ported old OpenSSH fork's modifications to latest version.
    Technologies: Linux, iptables, keepalived, LVS, C, netboot
  • DuoDecad LLC, IT-Security division, IT Operator (2008 - 2008)
    • Helped with administration of several hundred Linux machines.
    • Led support for kernel and network-related issues.
    • Wrote small scripts in BASH for administrative purposes.
    Technologies: Linux
  • SZAMALK Educational Institution, Instructor (2007 - 2007)
    • Taught course for single semester titled “Linux, Networking and System administration.”
  • Dorm System Administrator Group ELTE, System Administrator (2005 - 2007)
    • Helped with general Linux system administration tasks in University dorm.
    • Implemented load balancing.
    • Administered web proxies.
    • Created minimal netboot architecture.
Experience:
  • Synapse's Security Blog (Development)
    http://synsecblog.com

    Write and maintain personal blog.

  • PCI-DSS consultant (Other amazing things)

    Provided consultation and architectural help for Lalibco, which processed more than $500.000 daily for an Alexa top 50 website. Several bugs and security holes were uncovered in their systems. I prepared it for the PCI-DSS audit, which it passed successfully.

  • Online Payment Architect, PCI-DSS Consultant (Other amazing things)

    Helped design Escalion's (Lalib successor) system architecture from networking to services to policies and procedures. Advised on secure software practices and developed policies and procedures to keep cardholder data secure. Escalion passed PCI-DSS test and took over Lalib's transactions, which were around $500.000 each day.

  • BeatMyCode (Development)
    http://beatmycode.com

    My personal project where people can solve algorithmic challenges and get scored automatically.

  • 10 Most Common Web Security Vulnerabilities (Publication)
    http://www.toptal.com/security/10-most-common-web-security-vulnerabilities

    The Toptal Engineering Blog is a platform where engineers and industry leaders share projects and discuss technologies.

  • The “Heartbleed” OpenSSL Bug: What You Need to Know (Publication)
    http://www.toptal.com/freelance/the-heartbleed-openssl-bug-what-you-need-to-know

    The Toptal Engineering Blog is a platform where engineers and industry leaders share projects and discuss technologies.

  • With a Filter Bypass and Some Hexadecimal, Credit Card Numbers Are Still, Still Google-able (Publication)
    http://www.toptal.com/web/with-a-filter-bypass-credit-card-numbers-are-still-still-google-able

    The Toptal Engineering Blog is a platform where engineers and industry leaders share projects and discuss technologies.

  • How I Made Porn 20x More Efficient with Python Video Streaming (Publication)
    http://www.toptal.com/python/how-i-made-porn-20x-more-efficient-with-python

    The Toptal Engineering Blog is a platform where engineers and industry leaders share projects and discuss technologies.

Skills:
  • Languages
    Python, C, Bash, Assembler x86, C++, PHP
  • Frameworks
    Django, Jinja2
  • Libraries/APIs
    Libav
  • Tools
    iptables, OpenVPN
  • Paradigms
    Object-oriented programming, Imperative programming, Event-driven programming
  • Platforms
    Linux, Windows, OS X
  • Storage
    Memcached, MySQL
  • Misc
    TCP, Code Auditing, Security, SSH, RTMP, ICMP, UDP, Ethernet, Software Architecture
Education:
  • Bachelor's degree in Computer Science (2005 - 2007)
    Eotvos Lorand Science University - Hungary
Exclusive access to top developers
I really like this profile
Share it with others