Alex Zirka, Developer in Amsterdam, Netherlands

Alex Zirka

Verified Expert in Engineering

Cloud Security Developer

Amsterdam, Netherlands

Toptal member since August 30, 2018

Bio

Alex is a seasoned and enthusiastic application security engineer with 13+ years of experience in penetration testing, back-end development, cloud platform management, DevOps engineering, and IT infrastructure. His back-end development background allows him to use automation in security analysis and penetration testing and helps to establish and maintain the SDLC process. DevOps-wise, Alex is most skilled and experienced with Linux systems and infrastructure management.

Portfolio

Grammarly
CI/CD Pipelines, Software Development Lifecycle (SDLC), Threat Modeling...
VAIMO
OWASP, NMap, Nessus, Security, Metasploit, Kali Linux, Application Security...
VAIMO
Apache Superset, Metabase, SonarQube, Ghost Inspector, Nessus, Metasploit...

Experience

  • Cloud Security - 8 years
  • Web Security - 7 years
  • Python - 6 years
  • Application Security - 5 years
  • DevSecOps - 5 years
  • Penetration Testing - 5 years
  • Static Application Security Testing (SAST) - 4 years

Availability

Part-time

Preferred Environment

Google Cloud, Linux, Python, Amazon Web Services (AWS)

The most amazing...

...secure infrastructure I did for 500+ microservices included implementing security scans into the software development process and centralized WAF management.

Work Experience

Application Security Engineer

2020 - 2024
Grammarly
  • Worked for the world's leading AI writing assistance company, which shifts security and compliance earlier in the development process with automated scanning and policies.
  • Integrated GitLab Ultimate security scans into the software development process.
  • Designed and implemented automation tools for vulnerability auto-remediation, integration between GitLab and Jira, and automated configurations of security scans.
  • Conducted application security testing and remediation. Performed project security audits using manual code analysis and tools.
Technologies: CI/CD Pipelines, Software Development Lifecycle (SDLC), Threat Modeling, User Authentication, Vulnerability Assessment, Network Security, Cloud Security, IT Security, IT Audits, Identity & Access Management (IAM), Security

Application Security Engineer

2019 - 2020
VAIMO
  • Designed and implemented an extendable tool using Python that included a malware scanner, server hardening checks, security patch checker, Magecart attack detector, stored credit card information discovery, and more.
  • Designed and deployed a centralized log management system for both VPS and Kubernetes infrastructures based on SumoLogic.
  • Implemented a tool to detect weak Magento admin passwords.
  • Developed and conducted security training sessions and workshops for back-end developers, DevOps, and QA engineers.
  • Improved the security level of Kubernetes infrastructure using GateKeeper, Falco, and Anchore.
  • Performed project security audits using manual code analysis and tools, including Nessus, Arachni, ZAP, and Metasploit.
Technologies: OWASP, NMap, Nessus, Security, Metasploit, Kali Linux, Application Security, DevSecOps, DevOps, Web App Security, Sumo Logic, Arachni, Jira, IT Security

System Architect

2015 - 2019
VAIMO
  • Provided pre-sales and post-sales support and high-level project estimations.
  • Oversaw and was responsible for all aspects of technical delivery for Magento 2 projects.
  • Led multiple training sessions in the field of web security and Magento development.
  • Interacted with business stakeholders at the CxO level (C-suite).
  • Mentored and coached Magento back-end developers.
  • Introduced the SonarQube code analysis tool and integrated it into the deployment process to increase the quality of technical delivery for the project.
  • Introduced a platform for acceptance tests automation based on Ghost Inspector and integrated it into the deployment pipeline.
  • Designed a fully automated and scalable infrastructure based on the Google Cloud Platform.
Technologies: Apache Superset, Metabase, SonarQube, Ghost Inspector, Nessus, Metasploit, Argon.js, Fluentd, Magento 2, Python, Kubernetes, Google Cloud Platform (GCP), Security Architecture, Network Security, Agile, Mercurial, Google Kubernetes Engine (GKE), Terraform, Jira, Architecture, Azure, Training, Security

Senior Magento Developer | Team Lead

2014 - 2015
Balance Internet
  • Served as a team leader and mentor for a team of five developers and provided Magento development training and coaching.
  • Optimized both Magento and infrastructure for high traffic and a large product catalog; also performed load tests using Apache JMeter.
  • Designed and implemented a custom search engine based on Elasticsearch.
  • Migrated the infrastructure from legacy hosting to Amazon Web Services in order to achieve greater horizontal scalability and cost optimization.
  • Implemented a Magento integration with Akeneo PIM.
  • Planned developer resources to deliver the project according to schedule.
  • Developed and extended Magento modules used on the B2B website.
  • Implemented integrations of Magento with third-party services (ERP, CRM) via SOAP and the REST API.
  • Designed and implemented the project infrastructure based on Amazon Web Services using the Puppet configuration management tool.
  • Designed and developed a continuous delivery framework using Jenkins.
Technologies: Elasticsearch, Jenkins, NGINX, Apache JMeter, Puppet, Akeneo, Docker, Varnish, Magento 2, Magento 1, Amazon Web Services (AWS), Magento Enterprise, Jira, Confluence

Senior Magento Developer | Team Lead

2013 - 2014
Ciklum
  • Provided guidance to team members to encourage work productivity.
  • Designed and planned a strategy to converge multiple European Magento platforms into a single codebase.
  • Designed and implemented integrations of Magento with ERP, CRM, OMS.
  • Built a highly available, fault-tolerant, scalable, secure IT architecture using Ansible configuration management.
  • Introduced a platform for acceptance tests automation based on Codeception and integrated it into the deployment pipeline.
Technologies: Ansible, Jenkins, Codeception, Vagrant, PHPUnit, Git, Magento 1, Magento API, ELK (Elastic Stack), Jira, Automotive Testing

Magento Developer

2011 - 2013
Smile Ukraine
  • Planned and executed the migration from a legacy eCommerce platform to Magento.
  • Optimized Magento for high traffic, both the application (using Solr search) as well as underlying OS and infrastructure (custom Varnish integration).
  • Built a highly available, fault-tolerant, scalable, secure IT architecture using the Chef configuration management tool.
  • Improved agility, security, and service quality by leveraging Capistrano as a deployment tool.
Technologies: jQuery, Chef, Varnish, Memcached, Redis, MongoDB, Solr, Magento 1, MySQL, MySQL/MariaDB, Jira

Web Developer | Network Administrator

2007 - 2011
National Academy of Sciences of Ukraine
  • Installed and customized modules into multiple Drupal and Magento projects.
  • Designed and implemented integrations of Magento with ERP, CRM, and more.
  • Configured Apache, Postfix, and firewall rules according to requirements.
  • Implemented Magento front-end customizations using a jQuery library.
  • Handled the infrastructure design, system administration, and maintenance of the FreeBSD/Linux hosting infrastructure.
Technologies: jQuery, Zend Framework, PHP, Bash, FreeBSD, Linux, CentOS, PHP 5

SDLC Platform Security

As a leading retail company, FoodTech shifts both security and compliance earlier in the development process with automated scanning and policies.

Responsibilities:
• Integrated GitLab Ultimate security scans into the software development process.
• Designed and implemented automation tools for vulnerability auto-remediation, integration between GitLab and Jira, and automated configurations of security scans.
• Did application security testing and remediation.
• Performed project security audits using manual code analysis and tools.

Security Hub

As a hosting provider for enterprise-level clients, we built a system that regularly collects information about vulnerable packages, the state of applied Magento security patches, hardening checks, malware scans, weak Magento admin passwords, etc., for more than 1,500 servers.

Responsibilities:
• Designed and implemented the extendable tool using Python, including a malware scanner, server hardening checks, security patch checker, Magecart attack detector, stored credit card information discovery, and more.
• Created the database structure that included the results of all scans and hardening checks.
• Implemented the database visualization (charts, graphs, alerts) based on Metabase and Apache Superset.
• Designed and deployed a centralized log management system based on Sumo Logic for both VPS and Kubernetes infrastructures.
• Implemented a tool to detect weak Magento admin passwords.
• Developed and conducted security training and workshops for back-end developers, DevOps, and QA engineers.
• Improved the security level of Kubernetes infrastructure using GateKeeper, Falco, and Anchore.
• Performed project security audits using manual code analysis and tools, including Nessus, Arachni, ZAP, and Metasploit.

Laroche Posay

Laroche Posay is the official web store for a well-known French brand of cosmetics, running on Magento 2.

Responsibilities:
• Implemented a custom Magento checkout, catalog customizations, CRM integration, and import functionality.
• Introduced an acceptance test platform based on Ghost Inspector that was reused on other projects.
• Designed a fully automated and scalable infrastructure based on the Google Cloud Platform.
• Introduced and implemented the project infrastructure in Terraform.

Tele2 SE, Tele2 NL

Tele2 is a major telephone operator in the Nordic and Baltic countries. All country-specific websites are fully independent and have a custom business logic; however, they are based on common modules.

Responsibilities:
• Provided guidance to team members to encourage work productivity.
• Designed and planned a strategy to converge multiple European Magento platforms into a single codebase.
• Designed and implemented integrations of Magento with ERP, CRM, and OMS.
• Built a highly available, fault-tolerant, scalable, secure IT architecture using Ansible configuration management.
• Introduced a platform for acceptance tests automation based on Codeception and integrated it into the deployment pipeline.

2001 - 2008

Master's Degree in Microelectronics and Semiconductor Devices

National Technical University of Ukraine “Kyiv Polytechnic Institute” - Kyiv, Ukraine

JANUARY 2022 - PRESENT

PentesterLab

pentesterlab.com

JANUARY 2020 - PRESENT

PortSwigger Web Security Academy

PortSwigger

JANUARY 2017 - PRESENT

Magento 1 Certified Solution Specialist

Magento U

JANUARY 2015 - PRESENT

AWS Business Professional

Amazon Web Services, Inc.

JANUARY 2015 - PRESENT

AWS Technical Professional

Amazon Web Services, Inc.

JANUARY 2014 - PRESENT

M101P MongoDB for NodeJS

10gen (now MongoDB, Inc.)

JANUARY 2013 - PRESENT

M101P MongoDB for Developers

10gen (now MongoDB, Inc.)

JANUARY 2013 - PRESENT

Zend Certified Engineer PHP 5.3

Zend

JANUARY 2012 - PRESENT

Magento 1 Certified Developer Plus

Magento

Libraries/APIs

Argon.js, jQuery, Node.js

Tools

Jira, Puppet, Solr, Git, Vagrant, Varnish, NGINX, Mercurial, Jenkins, Google Kubernetes Engine (GKE), Terraform, Sumo Logic, ELK (Elastic Stack), Metasploit, NMap, Ansible, Chef, Apache JMeter, Fluentd, Nessus, Ghost Inspector, SonarQube, Akeneo, GitLab, GitLab CI/CD, Confluence

Frameworks

Arachni, Codeception, PHPUnit, Zend Framework, OAuth 2

Paradigms

Agile, DevSecOps, Penetration Testing, DevOps

Platforms

Magento Enterprise, CentOS, Magento 1, Magento 2, Magento API, Docker, Kubernetes, Kali Linux, Linux, Magento, Amazon Web Services (AWS), Google Cloud Platform (GCP), FreeBSD, Burp Suite, Azure

Languages

PHP, PHP 7, PHP 5, Python, Bash, Python 3

Storage

MySQL, MySQL/MariaDB, MongoDB, Redis, Memcached, Google Cloud, Elasticsearch

Industry Expertise

Network Security

Other

Security, Web App Security, Web Security, Static Application Security Testing (SAST), Application Security, IT Security, Cloud Security, Metabase, Apache Superset, OWASP, Development, APIs, Burp Proxy, Hacking, System-on-a-Chip (SoC), OAuth, Dynamic Application Security Testing (DAST), Security Architecture, Automotive Testing, CI/CD Pipelines, Software Development Lifecycle (SDLC), Threat Modeling, User Authentication, Vulnerability Assessment, IT Audits, Architecture, Identity & Access Management (IAM), Training
