
Csongor Józsa
Verified Expert in Engineering
Software Developer
Csongor has been working as a software developer since 2009, specializing in Python and JavaScript-based systems. As a polyglot programmer, he writes robust, high-quality, and well-tested code, and he is a TDD/clean code enthusiast. In addition to experience with DevOps tooling and system administration, Csongor has a special interest in web application security.
Portfolio
Experience
Availability
Preferred Environment
Amazon Web Services (AWS), Docker, Heroku, Linux
The most amazing...
...project I've been part of was designing and building a complex data pipeline for professional sports analysis and data visualization used by several NBA teams.
Work Experience
Senior Software Engineer
Allegis - Cruise Automation - Main
- Planned and implemented the migration of the codebase from Flow to TypeScript, enabling the engineering team to catch and fix defects much earlier in the development process. This significantly reduced the number of crashes in production.
- Implemented various user-facing features that improved our users' workflows.
- Refactored parts of the code to use Redux middleware instead of Redux-Saga to streamline the codebase.
- Assisted the QA team in planning the component testing strategy.
- Streamlined the codebase by refactoring the usage of algebraic data types from Fantasyland.
- Refactored parts of the codebase using RxJS, resulting in code that is more streamlined and easier to maintain.
- Assisted in migrating the main rendering engine to Mapbox, which led to huge performance gains.
- Acted as a technical mentor for an intern, helping him get familiar with the stack and the codebase, giving feedback on PRs, etc.
- Acted as a release manager, reviewing PRs and ensuring the release process went smoothly.
Lead Engineer
Much Better Adventures
- Migrated parts of the monolithic application to a modern front-end app using React and Gatsby.
- Designed and built microservices for new feature sets, such as a new payment gateway, using React (TypeScript, Redux, MUI), Flask, Django (DRF), and PostgreSQL.
- Drove technical decisions regarding system architecture and participated in code reviews.
- Maintained and continuously improved the code quality of the main legacy application, which was built with Django and a Django REST framework API.
- Created various intercom apps to assist the MBA customer support team (Flask, stream.io).
- Helped the client to move away from a monolithic design towards a microservice-based architecture. Designed and implemented the JWT-based authentication scheme between the different microservices.
- Migrated the main application's CI pipeline from GitLab to GitHub.
Application Security Engineer
Emarsys
- Played a key role in finding and fixing web application vulnerabilities.
- Developed and maintained several sensitive and/or security-related product features and libraries, such as authentication, authorization, session handling, encryption, and data sanitization (JavaScript, TypeScript, Python, Go, PHP, Ruby).
- Set up, developed, and maintained automated tools to help development teams ship secure product features.
- Enabled development teams to apply security best practices during their daily work by providing one-on-one mentoring and consultation, developing training materials, and setting up secure development guidelines.
- Created risk assessment and threat modeling tools using Django and Flask.
- Played a key role in preparing for external audits and penetration tests, evaluating the results, and following up on possible findings.
- Assisted development teams in secure data handling and GDPR-related design decisions.
- Developed and maintained a set of AWS-compatible request signing libraries (Escher: escherauth.io/index.html), implemented in various languages, including Node.js, Python, Go, and PHP.
- Designed and built a secure-by-default, easy-to-use cryptographic library for Python (github.com/emartech/python-easy-crypto) for securing data transfer between microservices.
- Built an in-house CI monitoring/alerting using Silex, MongoDB, and Angular and integrating with Heroku and GitHub APIs.
Software Developer
Webpont
- Developed data visualization tools for sports analytics software and implemented computer vision algorithms for analysis of professional sports videos.
- Bootstrapped the back-end engine for a forex copy trading platform.
- Designed, built, and maintained an automated email marketing platform with advanced segmentation and personalization capabilities. The platform is optimized for sending high-volume emails.
- Developed a custom CMS for an international grocery store chain.
- Built microsites for various athletes, sports teams, and brands.
Experience
Scenario Editor for Testing Autonomous Vehicles
https://getcruise.comMuch Better Adventures
https://www.muchbetteradventures.com/As the lead engineer for the company, I played a key role in driving technical decisions, moving the system from a monolithic application toward a more modern microservice-based architecture, and ensuring high code quality standards.
Application Security Pipeline for Emarsys
https://emarsys.com/Tesco Central Europe
https://tesco.huAuthentication Solutions for Emarsys Marketing Platform
https://emarsys.com/Cryptographic Library for Python
https://github.com/emartech/python-easy-cryptoReal Estate Portal
Web3 Front End for Decentralized Finance Functionality of a Community-driven Crypto Token
https://github.com/jcsongor/scam-dappSkills
Languages
Python, JavaScript, SQL, HTML, PHP, CSS, Ruby, TypeScript, C, C++, Bash Script, CoffeeScript, Bash, Java, Go, GraphQL, HTML5, Python 3, Python 2, Solidity
Frameworks
Django, Flask, Redux, Django REST Framework, JSON Web Tokens (JWT), Ruby on Rails (RoR), Yii, Silex, CakePHP, AngularJS, Angular, Express.js, Koa
Paradigms
Test-driven Development (TDD), REST, DevSecOps, DevOps, Automated Testing, Web Architecture, API Architecture, REST API Architecture, API/Services Architecture, Continuous Deployment, Continuous Delivery (CD), Continuous Integration (CI), Functional Programming, Microservices, Microservices Architecture
Other
Web App Security, Back-end, APIs, Web Development, Full-stack, Gatsby, Serverless, Intercom, Single Sign-on (SSO), OWASP, Defect Management, Cryptography, GDPR, Forex, Algorithms, Data Structures, Mathematics, Physics, Linear Algebra, Calculus, Defect Logging, Vulnerability Assessment, Vulnerability Management, Vulnerability Identification, Applied Cryptography, Advanced Encryption Standard (AES), Front-end, API Design, Storybook, HTTP, Ajax, Caching, Code Review, Payment APIs, Payment Gateways, Architecture, Code Architecture, API Applications, Stripe Payments, PostgreSQL 9.3, Maps, Web3, Smart Contracts, Cryptocurrency, Decentralized Finance (DeFi), Cryptocurrency Wallets, RESTful Microservices, Mapbox SDK, Software Development, Software Engineering
Libraries/APIs
React, Django ORM, Node.js, Stripe, SQLAlchemy, OpenCV, jQuery, Auth, Intercom API, Zendesk API, API Development, REST APIs, React Redux, Stripe API, WebGL, Three.js, OpenGL, Ramda, RxJS, Redux-Saga, Web3.js, Mapbox API
Platforms
Linux, Heroku, Docker, WordPress, LAMP, Google Cloud Platform (GCP), Azure, Oracle, Zendesk, Amazon Web Services (AWS), Contentful, Mapbox, Buildkite, Blockchain
Tools
Elastic, Kibana, ELK (Elastic Stack), OWASP Zed Attack Proxy (ZAP), OpenVPN, Docker Swarm, Logstash, Apache, SendGrid, Git, Jira, Google Analytics, Sentry, Pytest, Knex.js, Flow, MetaMask
Storage
NoSQL, PostgreSQL, MySQL, Azure Active Directory, Elasticsearch, MongoDB, Memcached, Redis, Databases, Relational Databases
Industry Expertise
Security, IT Security
Education
Bachelor's Degree in Computer Science and Engineering
Budapest University of Technology and Economics - Budapest, Hungary
Coursework Toward a Master’s Degree in Physics
Eötvös Loránd University (ELTE) - Budapest, Hungary