Csongor Józsa, Developer in Budapest, Hungary
Csongor is available for hire
Hire Csongor

Csongor Józsa

Verified Expert  in Engineering

Full-stack Developer

Location
Budapest, Hungary
Toptal Member Since
December 23, 2020

Csongor has been a software developer since 2009, specializing in JavaScript (React, Node.js, Gatsby) and Python (Django, Flask) based systems. As a polyglot programmer, he writes robust, high-quality, and well-tested code and is a test-driven development (TDD)/clean code enthusiast. In addition to experience with DevOps tooling and system administration, Csongor has a particular interest in web application security.

Portfolio

Ido Portal Ltd.
Elixir, Phoenix, Amazon S3 (AWS S3), AWS Lambda, AWS Elemental MediaConvert...
Allegis - Cruise Automation - Main
React, Node.js, PostgreSQL, JavaScript, React Redux, WebGL, Three.js, OpenGL...
Much Better Adventures
HTML5, Payment Gateways, Payment APIs, Contentful, Code Review...

Experience

Availability

Part-time

Preferred Environment

Amazon Web Services (AWS), Docker, Heroku, Linux

The most amazing...

...project I've been part of was designing and building a complex data pipeline for professional sports analysis and data visualization used by several NBA teams.

Work Experience

Principal Software Engineer

2023 - PRESENT
Ido Portal Ltd.
  • Rearchitected the main media conversion pipeline using AWS cloud solutions. Successfully planned and executed the migration of media data to the new system.
  • Planned and implemented a solution for secure video distribution.
  • Collaborated with the stakeholders to identify pain points and bottlenecks and implemented various fixes and improvements that streamlined user's workflow.
Technologies: Elixir, Phoenix, Amazon S3 (AWS S3), AWS Lambda, AWS Elemental MediaConvert, Amazon Elastic Transcoder, Heroku, GitHub, Docker, Video.js, PostgreSQL, Cypress, Amazon EventBridge, CI/CD Pipelines, REST APIs, Amazon Web Services (AWS), Video Streaming, System Design, Full-stack Development, Tailwind CSS, Front-end Development, Back-end Development, Node.js, Next.js, TypeScript, Netlify

Senior Software Engineer

2021 - 2023
Allegis - Cruise Automation - Main
  • Acted as a release manager, reviewing PRs and ensuring the release process went smoothly.
  • Assisted the QA team in planning the expansion of their testing strategy to include component and integration testing. Also helped identifying areas where the team could move towards automated testing instead of repetitive manual processes.
  • Acted as a technical mentor for an intern, helping him get familiar with the stack and the codebase, giving feedback on PRs, etc.
  • Planned and implemented the migration of the React codebase from Flow to TypeScript, enabling the engineering team to catch and fix defects earlier in the development process. This significantly reduced the number of bugs making it to production.
  • Assisted in identifying, prioritizing, and fixing a number of performance bottlenecks in the React-based front-end application. Managed to reduce the number of crashes and achieved huge rendering speed improvements.
  • Refactored sections of the main React app to use Redux middleware instead of Redux-Saga to streamline the codebase.
  • Improved the quality of the React codebase by refactoring the usage of algebraic data types from Fantasyland.
  • Refactored parts of the React application using RxJS, resulting in code that is more streamlined and easier to maintain.
Technologies: React, Node.js, PostgreSQL, JavaScript, React Redux, WebGL, Three.js, OpenGL, Ramda, Functional Programming, RxJS, Redux, Redux-Saga, Python, Mapbox, Express.js, Knex.js, PostgreSQL 9, TypeScript, Flow, Web Development, Maps, Full-stack, Mapbox SDK, Mapbox API, Software Development, Software Engineering, REST APIs, Jest, Full-stack Development, Front-end Development, Back-end Development, React Hooks

Lead Engineer

2019 - 2020
Much Better Adventures
  • Migrated parts of the monolithic Django application to a modern front-end app using React and Next.js.
  • Designed and built microservices for new feature sets, such as a new payment gateway, using React (TypeScript, Redux, Material UI), Flask, Django (DRF), and PostgreSQL, contributing to the effort to move away from the monolithic architecture.
  • Acted as the lead engineer, collaborating closely with the CTO regarding technical decisions related to system architecture.
  • Maintained and continuously improved the code quality of the main legacy application, which was built with Django and a Django REST framework API.
  • Collaborated with the customer support team to enhance workflow efficiency. Created various tools, including some intercom apps using Python, Flask, stream.io, and serverless.
  • Helped the client to move away from a monolithic design towards a microservice-based architecture. Designed and implemented the JWT-based authentication scheme between the different microservices.
  • Migrated the main application's CI pipeline from GitLab to GitHub.
Technologies: HTML5, Payment Gateways, Payment APIs, Contentful, Code Review, Automated Testing, Ajax, HTTP, React Redux, Redux, Google Analytics, REST APIs, Storybook, API Development, API Design, Django ORM, Amazon Web Services (AWS), Intercom API, REST, APIs, Full-stack, Front-end, Back-end, GraphQL, Python, Django, Django REST Framework, Flask, PostgreSQL, JavaScript, React, Gatsby, JSON Web Tokens (JWT), HTML, CSS, Docker, MySQL, PHP, WordPress, LAMP, Heroku, Serverless, Stripe, Intercom, Architecture, Web Architecture, API Architecture, REST API Architecture, API/Services Architecture, API Applications, Databases, Python 3, Stripe Payments, SQL, Continuous Deployment, Continuous Delivery (CD), Continuous Integration (CI), Stripe API, Relational Databases, Sentry, Web Development, Microservices, Microservices Architecture, RESTful Microservices, Software Development, Software Engineering, CI/CD Pipelines, Jest, System Design, Full-stack Development, Front-end Development, Back-end Development, React Hooks, Next.js

Application Security Engineer

2017 - 2019
Emarsys
  • Developed and maintained several sensitive and/or security-related product features and libraries, such as authentication, authorization, session handling, encryption, and data sanitization using JavaScript, TypeScript, Python, Go, PHP, and Ruby.
  • Created risk assessment and threat modeling tools using Django and Flask.
  • Designed and built a secure-by-default, easy-to-use cryptographic library for Python (github.com/emartech/python-easy-crypto) for securing data transfer between microservices.
  • Set up, developed, and maintained automated tools to help development teams ship secure product features using Python, ElasticSearch, Logstash, Kibana, MySQL, and Zed Attack Proxy.
  • Developed and maintained a set of AWS-compatible request signing libraries (Escher: escherauth.io/index.html), implemented in various languages, including Node.js, Python, Go, and PHP.
  • Played a crucial role in finding and fixing web application vulnerabilities. Also participated in planning and implementing security incident response strategies.
  • Enabled development teams to apply security best practices daily by providing one-on-one mentoring and consultation, developing training materials, and setting up secure development guidelines.
  • Played a key role in preparing for external audits and penetration tests, evaluating the results, and following up on possible findings.
  • Assisted development teams in secure data handling and GDPR-related design decisions.
  • Built an in-house CI monitoring/alerting using Silex, MongoDB, and Angular and integrating with Heroku and GitHub APIs.
Technologies: HTML5, Code Review, Automated Testing, Caching, Ajax, HTTP, Google Analytics, REST APIs, API Development, Node.js, Django ORM, Amazon Web Services (AWS), Zendesk API, Zendesk, Intercom, Jira, GraphQL, REST, APIs, Full-stack, Front-end, Back-end, Go, GDPR, Python, Django, Flask, Django REST Framework, MongoDB, MySQL, PostgreSQL, jQuery, JavaScript, Angular, AngularJS, CoffeeScript, TypeScript, Ruby, Ruby on Rails (RoR), PHP, Yii, Silex, Kibana, Logstash, Elasticsearch, Elastic, ELK (Elastic Stack), Docker Swarm, Docker, Google Cloud Platform (GCP), Azure, Azure Active Directory, Single Sign-on (SSO), Security, Web App Security, DevOps, DevSecOps, IT Security, OWASP, OWASP Zed Attack Proxy (ZAP), Heroku, Cryptography, OpenVPN, Web Architecture, Architecture, API Architecture, REST API Architecture, Code Architecture, API/Services Architecture, Python 3, Databases, API Applications, Python 2, Test-driven Development (TDD), SQL, Continuous Deployment, Continuous Delivery (CD), Continuous Integration (CI), Relational Databases, Express.js, Koa, Pytest, Web Development, Microservices, Microservices Architecture, RESTful Microservices, Software Development, Software Engineering, CI/CD Pipelines, Jest, Application Security, Secure Web Development, Vulnerability Management, Vulnerability Assessment, OWASP Top 10, Web Security, Applied Cryptography, Public-key Cryptography, Full-stack Development, Advanced Encryption Standard (AES), NoSQL, SQLAlchemy, Bash Script, Front-end Development, Back-end Development

Software Developer

2009 - 2017
Webpont
  • Developed data visualization tools for sports analytics software and implemented computer vision algorithms to analyze professional sports videos.
  • Bootstrapped the back-end engine for a forex copy trading platform.
  • Designed, built, and maintained an automated email marketing platform with advanced segmentation and personalization capabilities. The platform is optimized for sending high-volume emails.
  • Developed a custom CMS for an international grocery store chain.
Technologies: HTML5, Caching, Ajax, HTTP, Google Analytics, APIs, Full-stack, Front-end, Back-end, OpenCV, C++, C, Python, Bash, JavaScript, CakePHP, PHP, MySQL, Apache, Linux, jQuery, CSS, Web Architecture, Architecture, Code Architecture, API Architecture, REST API Architecture, API/Services Architecture, Databases, SQL, Relational Databases, Web Development, Software Development, Software Engineering, REST APIs, Full-stack Development, Forex, Bash Script, Front-end Development, Back-end Development

Scenario Editor for Testing Autonomous Vehicles

https://getcruise.com
As a senior software engineer, I delivered several high-impact user-facing features that sped up the test scenario creation and editing process conducted by AV test engineers. I also helped plan and implement various major refactors, including moving the codebase to TypeScript, changing the main map rendering engine to Mapbox, setting up a component testing strategy, and streamlining the usage of some 3rd-party software components, including RxJS, Redux-Saga, Ramda, and Folk Tale.

Much Better Adventures

https://www.muchbetteradventures.com/
Much Better Adventures is a London-based adventure travel company that helps people organize their skiing, cycling, or road biking holiday directly with specialist independent operators. I implemented various features and 3rd-party API integrations.

As the lead engineer for the company, I played a key role in driving technical decisions, moving the system from a monolithic application toward a more modern microservice-based architecture, and ensuring high code quality standards.

Application Security Pipeline for Emarsys

https://emarsys.com/
I built an automated AppSec pipeline that automatically discovers unauthenticated endpoints along with all the possible query/body parameters and regularly conducts an automated vulnerability scan on these endpoints.

Tesco Central Europe

http://www.tesco.hu
Software development projects for Tesco CE. I designed, built, and maintained a fully personalized, automated email marketing platform with high throughput and advanced personalization and segmentation capabilities. I also built a custom CMS for tesco.hu, itesco.cz, tesco.sk, and tesco.pl, integrating the websites mentioned above with the Tesco online grocery store webshop. I built a product catalog management back end for Tesco online and an automated PDF processing software to automate product catalog uploads.

Authentication Solutions for Emarsys Marketing Platform

https://emarsys.com/
As an application security engineer, I played a key role in designing and building various authentication/SSO solutions for the Emarsys marketing platform, working on in-house and client-facing authentication services.

Cryptographic Library for Python

https://github.com/emartech/python-easy-crypto
As an application security engineer at Emarsys, I designed and implemented an easy-to-use, secure, by default, an open-source cryptographic library for Python. Python Easy Crypto is fully compatible with other Easy Crypto implementations like Node Easy Crypto.

Real Estate Portal

As a junior software developer, I implemented several new product features for the region's market-leading real estate portal. I also participated in building a custom CMS for the client using PHP and MySQL.

Web3 Front End for Decentralized Finance Functionality of a Community-driven Crypto Token

https://github.com/jcsongor/scam-dapp
Created the front-end app for a community-driven token project. Bootstrapped the whole application, planned and implemented user-facing features (including a faucet and a staking mechanism) that interact with smart contracts deployed to the BNB Smart Chain.

Media Conversion Pipeline for Online Movement Education Platform

I reviewed and updated the main media conversion pipeline of an innovative online movement education platform. I also planned and executed the migration to a modern cloud-based solution using AWS technologies.
2005 - 2009

Bachelor's Degree in Computer Science and Engineering

Budapest University of Technology and Economics - Budapest, Hungary

2005 - 2005

Coursework Toward a Master’s Degree in Physics

Eötvös Loránd University (ELTE) - Budapest, Hungary

Libraries/APIs

React, REST APIs, Django ORM, Node.js, Stripe, SQLAlchemy, OpenCV, jQuery, Auth, Intercom API, Zendesk API, API Development, React Redux, Stripe API, WebGL, Three.js, OpenGL, Ramda, RxJS, Redux-Saga, Web3.js, Mapbox API, Rollbar

Tools

Elastic, Kibana, ELK (Elastic Stack), OWASP Zed Attack Proxy (ZAP), OpenVPN, Docker Swarm, Logstash, Apache, SendGrid, Git, Jira, Google Analytics, Sentry, Pytest, Knex.js, Flow, MetaMask, AWS IAM, Papertrail, GitHub

Frameworks

Django, Flask, Redux, Django REST Framework, JSON Web Tokens (JWT), Ruby on Rails (RoR), Yii, Silex, CakePHP, AngularJS, Angular, Express.js, Koa, Phoenix, Video.js, Cypress, Jest, Tailwind CSS, Next.js

Paradigms

Test-driven Development (TDD), REST, DevSecOps, DevOps, Automated Testing, Web Architecture, API Architecture, REST API Architecture, API/Services Architecture, Continuous Deployment, Continuous Delivery (CD), Continuous Integration (CI), Functional Programming, Microservices, Microservices Architecture

Languages

Python, JavaScript, PHP, SQL, HTML, CSS, TypeScript, Ruby, C, C++, Bash Script, CoffeeScript, Bash, Java, Go, GraphQL, HTML5, Python 3, Python 2, Solidity, Elixir

Storage

NoSQL, PostgreSQL, MySQL, Azure Active Directory, Elasticsearch, MongoDB, Memcached, Redis, Databases, Relational Databases, Amazon S3 (AWS S3)

Platforms

Linux, Heroku, Docker, Amazon Web Services (AWS), WordPress, LAMP, Google Cloud Platform (GCP), Azure, Oracle, Zendesk, Contentful, Mapbox, Buildkite, Blockchain, AWS Lambda, Netlify

Other

Web App Security, Back-end, APIs, Web Development, Front-end Development, Back-end Development, React Hooks, Full-stack, Gatsby, Serverless, Intercom, Single Sign-on (SSO), Security, IT Security, OWASP, Defect Management, Cryptography, GDPR, Forex, Algorithms, Data Structures, Mathematics, Physics, Linear Algebra, Calculus, Defect Logging, Vulnerability Assessment, Vulnerability Management, Vulnerability Identification, Applied Cryptography, Advanced Encryption Standard (AES), Front-end, API Design, Storybook, HTTP, Ajax, Caching, Code Review, Payment APIs, Payment Gateways, Architecture, Code Architecture, API Applications, Stripe Payments, PostgreSQL 9, Maps, Web3, Smart Contracts, Cryptocurrency, Decentralized Finance (DeFi), Cryptocurrency Wallets, RESTful Microservices, Mapbox SDK, Software Development, Software Engineering, Amazon Elastic Transcoder, AWS Elemental MediaConvert, Turbolinks, Amazon EventBridge, CI/CD Pipelines, Video Streaming, Application Security, Secure Web Development, OWASP Top 10, Web Security, Public-key Cryptography, System Design, Full-stack Development

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring