
Aleksandr Krasnov
Verified Expert in Engineering
Security Engineer and Developer
Langley, BC, Canada
Toptal member since February 22, 2024
Aleksandr is an IT security specialist who implements automated security by integrating custom and enterprise tools into CI/CD pipelines and setting up security operations centers (SOC). He is also keen on creating and managing bug bounty programs to give security engineers a steady flow of new vulnerability reports. Aleksandr ran a startup for over a year and is eager to help resolve new security challenges in business settings.
Experience
- IT Security - 10 years
- Web Security - 5 years
- Dynamic Application Security Testing (DAST) - 5 years
- Infrastructure - 5 years
- Application Security - 5 years
- Offensive Security - 5 years
- Static Application Security Testing (SAST) - 5 years
- Penetration Testing - 5 years
Preferred Environment
Web Security, Penetration Testing, Application Security, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Secure Containers, Secure Coding, Network Security, IT Security, Infrastructure, Cloud Security, Security, Cybersecurity, Security Audits, Code Review, Artificial Intelligence (AI)
The most amazing...
...solution I've created to prevent dependency confusion allowed the company to eliminate the risk of supply chain attacks and was patented.
Work Experience
Senior DevSecOps Engineer
Thinkific
- Implemented a mobile security program that enabled the mobile team to develop applications with security guardrails. Added Flutter and Dart support to Semgrep. Integrated RASP into the mobile SDK lifecycle.
- Improved the SDLC by shifting 500 vulnerabilities left in the pipeline, thus improving deployment velocity twofold.
- Set up a security guardrail around secrets detection and response that made it possible to identify 200+ hardcoded secrets, whether currently present or in the git history, set up automated secrets rotation, and implemented a secrets management solution.
Senior Security Engineer
Dropbox
- Established guardrails in a CI/CD pipeline by improving the current SAST tool and adopting DAST.
- Led seven projects on iframe exploits and CSP protections.
- Addressed supply chain attacks via a patent-approved solution for preventing dependency confusion.
- Guided the team on the security aspects of migrating to GitHub, from branch protection to Dependabot usage.
- Created a runbook to identify unapproved open ports via Shodan.
- Co-led the adoption of Cilium within the Kubernetes deployment to ensure network visibility between pods.
- Worked on improving the host filtering solution on production hosts.
- Led the network security team with a 3-year strategy roadmap, building partnerships.
Experience
Twistlock Integration to Prisma Cloud
https://www.paloaltonetworks.com/prisma/cloud
Education
Bachelor's Degree in Mathematics and Computer Science
Berea College - Kentucky, United States
Skills
Libraries/APIs
React
Tools
Ansible
Languages
Python, Python 3, Go, JavaScript, YAML, Ruby, Dart
Paradigms
Penetration Testing, DevSecOps
Platforms
Amazon Web Services (AWS), Docker, Kubernetes, Thinkific
Industry Expertise
Network Security, Cybersecurity
Frameworks
Flutter
Other
Web Security, Application Security, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Secure Containers, Secure Coding, Infrastructure, Cloud Security, Source Code Review, Offensive Security, IT Security, Security, SOC 2, ISO 27001, Ethical Hacking, Infrastructure as Code (IaC), CI/CD Pipelines, Security Audits, Code Review, Artificial Intelligence (AI), Cryptography, Mobile Security, Cloud, Networking, Software Development, Algorithms, Discrete Mathematics