Aleksandr Krasnov, Developer in Langley, BC, Canada

Aleksandr Krasnov

Verified Expert in Engineering

Security Engineer and Developer

Location
Langley, BC, Canada
Toptal Member Since
February 22, 2024

Aleksandr is an IT security specialist who focuses on implementing automated security by integrating custom and enterprise tools into CI/CD pipelines and on setting up security operations centers (SOCs). He is also keen on creating and managing bug bounty programs to maintain a flow of new vulnerability reports for security engineers. Aleksandr ran a startup for over a year and is eager to help resolve new security challenges in business settings.

Availability

Part-time

Preferred Environment

Web Security, Penetration Testing, Application Security, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Secure Containers, Secure Coding, Network Security, IT Security, Infrastructure, Cloud Security, Security, Cybersecurity, Security Audits, Code Review, Artificial Intelligence (AI)

The most amazing...

...solution I've created to prevent dependency confusion allowed the company to eliminate the risk of supply chain attacks and was patented.

Work Experience

Senior DevSecOps Engineer

2022 - PRESENT
Thinkific
  • Implemented a mobile security program that enabled the mobile team to develop applications with security guardrails. Added Flutter and Dart support to Semgrep. Implemented RASP into the mobile's SDK lifecycle.
  • Improved the SDLC by shifting 500 vulnerabilities to the left-hand side of the pipeline, thus enhancing deployment velocity twice.
  • Set up a security guardrail around secrets detection and response that made it possible to identify 200+ hardcoded secrets, either actively present or in the Git history, set up automated secrets rotation, and implemented a secrets management solution.
Technologies: Python, Go, Amazon Web Services (AWS), Docker, Kubernetes, Application Security, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Cloud Security, Source Code Review, Secure Coding, Cryptography, JavaScript, Ruby, React, Flutter, Dart, Mobile Security, SOC 2, ISO 27001, Thinkific, Ethical Hacking, DevSecOps, Infrastructure as Code (IaC), Cloud, CI/CD Pipelines, Cybersecurity, Security Audits, Code Review, Artificial Intelligence (AI)

Senior Security Engineer

2020 - 2022
Dropbox
  • Established guardrails in a CI/CD pipeline by improving the current SAST tool and adopting DAST.
  • Led seven projects on iframe exploits and CSP protections.
  • Handled supply chain attacks via a patent-approved dependency confusion prevention solution.
  • Guided the team on the security aspects of migrating to GitHub, from branch protection to Dependabot usage.
  • Created a runbook to identify unapproved ports being opened via Shodan.
  • Co-led the adoption of Cilium within the Kubernetes deployment to ensure network visibility between pods.
  • Worked on improving the host filtering solution on production hosts.
  • Led the network security team with a 3-year strategy roadmap, building partnerships.
Technologies: Python 3, Go, Application Security, Amazon Web Services (AWS), Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), Dart, Offensive Security, IT Security, Infrastructure, SOC 2, ISO 27001, Ethical Hacking, DevSecOps, Infrastructure as Code (IaC), Cloud, CI/CD Pipelines, Cybersecurity, Security Audits, Code Review, Artificial Intelligence (AI)

Twistlock Integration to Prisma Cloud

https://www.paloaltonetworks.com/prisma/cloud
I worked on the integration of Twistlock into Prisma Cloud. It consisted of 50% software development, 25% SRE, and 25% security work. CircleCI Orb by Twistlock and Jenkins Plugin, both worked on within this project's scope, are now part of Prisma Cloud.
2017 - 2020

Bachelor's Degree in Mathematics and Computer Science

Berea College - Kentucky, United States

Libraries/APIs

React

Tools

Ansible

Paradigms

Penetration Testing, DevSecOps

Industry Expertise

Network Security, Cybersecurity

Languages

Python, Python 3, Go, JavaScript, YAML, Ruby, Dart

Platforms

Amazon Web Services (AWS), Docker, Kubernetes, Thinkific

Frameworks

Flutter

Other

Web Security, Application Security, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Secure Containers, Secure Coding, Infrastructure, Cloud Security, Source Code Review, Offensive Security, IT Security, Security, SOC 2, ISO 27001, Ethical Hacking, Infrastructure as Code (IaC), CI/CD Pipelines, Security Audits, Code Review, Artificial Intelligence (AI), Cryptography, Mobile Security, Cloud, Networking, Software Development, Algorithms, Discrete Mathematics
