Csongor Józsa, Software Developer in Budapest, Hungary
Csongor Józsa

Software Developer in Budapest, Hungary

Member since December 23, 2020
Csongor has been working as a software developer since 2009, specializing in Python and JavaScript-based systems. As a polyglot programmer, he writes robust, high-quality, and well-tested code, and he is a TDD/clean code enthusiast. In addition to experience with DevOps tooling and system administration, Csongor has a special interest in web application security.
Csongor is now available for hire


  • Much Better Adventures
    HTML5, Payment Gateways, Payment APIs, Contentful, Code Review...
  • Emarsys
    HTML5, Code Review, Automated Testing, Caching, Ajax, HTTP, Google Analytics...
  • Webpont
    HTML5, Caching, Ajax, HTTP, Google Analytics, APIs, Full-stack, Front-end...



Budapest, Hungary



Preferred Environment

Amazon Web Services (AWS), Docker, Heroku, Linux

The most amazing...

...project I've been part of was designing and building a complex data pipeline for professional sports analysis and data visualization used by several NBA teams.


  • Lead Engineer

    2019 - 2020
    Much Better Adventures
    • Migrated parts of the monolithic application to a modern front-end app, using React and Gatsby.
    • Designed and built microservices for new feature sets, such as a new payment gateway, using React (TypeScript, Redux, MaterialUI), Flask, Django (DRF). and PostgreSQL.
    • Drove technical decisions regarding system architecture, participated in code reviews.
    • Maintained and continuously improved the code quality of the main legacy application, which was built with Django and a Django REST framework API.
    • Created various intercom apps to assist the MBA Customer support team (Flask, stream.io).
    • Helped the client to move away from a monolithic design towards a microservice-based architecture. Designed and implemented the JWT-based authentication scheme between the different microservices.
    • Migrated the main application's CI pipeline from Gitlab to Github.
    Technologies: HTML5, Payment Gateways, Payment APIs, Contentful, Code Review, Automated Testing, Ajax, HTTP, React Redux, Redux, Google Analytics, REST APIs, Storybook, API Development, API Design, Django ORM, Amazon Web Services (AWS), Intercom API, REST, APIs, Full-stack, Front-end, Back-end, GraphQL, Python, Django, Django REST Framework, Flask, PostgreSQL, JavaScript, React, Gatsby, JSON Web Tokens (JWT), HTML, CSS, Docker, MySQL, PHP, WordPress, LAMP, Heroku, Serverless, Stripe, Intercom, Architecture, Web Architecture, API Architecture, REST API Architecture, API/Services Architecture, API Applications, Databases, Python 3, Stripe Payments, SQL, Continuous Deployment, Continuous Delivery (CD), Continuous Integration (CI), Stripe API, Relational Databases, Sentry
  • Application Security Engineer

    2017 - 2019
    • Played a key role in finding and fixing web application vulnerabilities.
    • Developed and maintained several sensitive and/or security-related product features and libraries, such as authentication, authorization, session handling, encryption, and data sanitization (JavaScript, TypeScript, Python, Go, PHP, Ruby).
    • Set up, developed, and maintained automated tools to help development teams ship secure product features.
    • Enabled development teams to apply security best practices during their daily work by providing one-on-one mentoring and consultation, developing training materials, and setting up secure development guidelines.
    • Created risk assessment and threat modeling tools, using Django and Flask.
    • Played a key role in preparing for external audits and penetration tests, evaluating the results, and following up on possible findings.
    • Assisted development teams in secure data handling and GDPR-related design decisions.
    • Developed and maintained a set of AWS-compatible request signing libraries (Escher - http://escherauth.io/index.html), implemented in various languages including Node.js, Python, Go, and PHP.
    • Designed and built a secure-by-default, easy-to-use cryptographic library for Python (https://github.com/emartech/python-easy-crypto) for securing data transfer between microservices.
    • Built an in-house CI monitoring/alerting using Silex, MongoDB, and Angular, and integrating with Heroku and Github APIs.
    Technologies: HTML5, Code Review, Automated Testing, Caching, Ajax, HTTP, Google Analytics, REST APIs, API Development, Node.js, Django ORM, Amazon Web Services (AWS), Zendesk API, Zendesk, Intercom, Jira, GraphQL, REST, APIs, Full-stack, Front-end, Back-end, Go, GDPR, Python, Django, Flask, Django REST Framework, MongoDB, MySQL, PostgreSQL, jQuery, JavaScript, Angular, AngularJS, CoffeeScript, TypeScript, Ruby, Ruby on Rails (RoR), PHP, Yii, Silex, Kibana, Logstash, Elasticsearch, Elastic, ELK (Elastic Stack), Docker Swarm, Docker, Google Cloud Platform (GCP), Azure, Azure Active Directory, Single Sign-on (SSO), Security, Web App Security, DevOps, DevSecOps, IT Security, OWASP, OWASP Zed Attack Proxy (ZAP), Heroku, Cryptography, OpenVPN, Web Architecture, Architecture, API Architecture, REST API Architecture, Code Architecture, API/Services Architecture, Python 3, Databases, API Applications, Python 2, Test-driven Development (TDD), SQL, Continuous Deployment, Continuous Delivery (CD), Continuous Integration (CI), Relational Databases, Express.js, Koa, Pytest
  • Software Developer

    2009 - 2017
    • Developed data visualization tools for sports analytics software and implemented computer vision algorithms for analysis of professional sports videos. .
    • Bootstrapped the back-end engine for a forex copy trading platform.
    • Designed, built, and maintained an automated email marketing platform with advanced segmentation and personalization capabilities. The platform is optimized for sending high-volume emails.
    • Developed a custom CMS for an international grocery store chain.
    • Built microsites for various athletes, sports teams, and brands.
    Technologies: HTML5, Caching, Ajax, HTTP, Google Analytics, APIs, Full-stack, Front-end, Back-end, OpenCV, C++, C, Python, Bash, JavaScript, CakePHP, PHP, MySQL, Apache, Linux, jQuery, CSS, Web Architecture, Architecture, Code Architecture, API Architecture, REST API Architecture, API/Services Architecture, Databases, SQL, Relational Databases


  • Much Better Adventures

    Much Better Adventures is a London-based adventure travel company that helps people organize their skiing, cycling, or road biking holiday directly with specialist independent operators. I implemented various features and third-party API integrations.

    As the lead engineer for the company, I played a key role in driving technical decisions, moving the system from a monolithic application toward a more modern microservice-based architecture, and ensuring high code quality standards.

  • Application Security Pipeline for Emarsys

    I built an automated AppSec pipeline that automatically discovers unauthenticated endpoints along with all the possible query/body parameters and regularly conducts an automated vulnerability scan on these endpoints.

  • Tesco Central Europe

    Software development projects for Tesco CE:
    - Designed, built, and maintained a fully personalized, automated email marketing platform with high throughput and advanced personalization and segmentation capabilities.
    - Built a custom CMS for tesco.hu, itesco.cz, tesco.sk, and tesco.pl.
    - Integrated the above-mentioned websites with the Tesco online grocery store webshop.
    - Built a product catalog management back end for Tesco online.
    - Built an automated PDF processing software to automate product catalog uploads.

  • Real Estate Portal

    As a junior software developer, I implemented several new product features for the region's market-leading real estate portal, and I participated in building a custom CMS for the client using PHP and MySQL.

  • Authentication Solutions for Emarsys Marketing Platform

    As an application security engineer, I played a key role in designing and building various authentication/SSO solutions for the Emarsys marketing platform, working on both in-house and client-facing authentication services.

  • Cryptographic Library for Python

    As an application security engineer at Emarsys, I designed and implemented an easy-to-use, secure by default, open-source cryptographic library for Python.
    Python Easy Crypto is fully compatible with other Easy Crypto implementations like Node Easy Crypto.


  • Languages

    Python, JavaScript, SQL, HTML, PHP, CSS, Ruby, TypeScript, C, C++, Bash Script, CoffeeScript, Bash, Java, Go, GraphQL, HTML5, Python 3, Python 2
  • Frameworks

    Django, Flask, Redux, Django REST Framework, JSON Web Tokens (JWT), Ruby on Rails (RoR), Yii, Silex, CakePHP, AngularJS, Angular, Express.js, Koa
  • Paradigms

    Test-driven Development (TDD), REST, DevSecOps, DevOps, Automated Testing, Web Architecture, API Architecture, REST API Architecture, API/Services Architecture, Continuous Deployment, Continuous Delivery (CD), Continuous Integration (CI)
  • Other

    Web App Security, Back-end, APIs, Full-stack, Gatsby, Serverless, Intercom, Single Sign-on (SSO), OWASP, Defect Management, Cryptography, GDPR, Forex, Algorithms, Data Structures, Mathematics, Physics, Linear Algebra, Calculus, Defect Logging, Vulnerability Assessment, Vulnerability Management, Vulnerability Identification, Applied Cryptography, Advanced Encryption Standard (AES), Front-end, API Design, Storybook, HTTP, Ajax, Caching, Code Review, Payment APIs, Payment Gateways, Architecture, Code Architecture, API Applications, Stripe Payments
  • Libraries/APIs

    React, Django ORM, Node.js, Stripe, SQLAlchemy, OpenCV, jQuery, Auth, Intercom API, Zendesk API, API Development, REST APIs, React Redux, Stripe API
  • Platforms

    Linux, Heroku, Docker, WordPress, LAMP, Google Cloud Platform (GCP), Azure, Oracle, Zendesk, Amazon Web Services (AWS), Contentful
  • Tools

    Elastic, Kibana, ELK (Elastic Stack), OWASP Zed Attack Proxy (ZAP), OpenVPN, Docker Swarm, Logstash, Apache, SendGrid, Git, Jira, Google Analytics, Sentry, Pytest
  • Storage

    NoSQL, PostgreSQL, MySQL, Azure Active Directory, Elasticsearch, MongoDB, Memcached, Redis, Databases, Relational Databases
  • Industry Expertise

    Security, IT Security


  • Bachelor's Degree in Computer Science and Engineering
    2005 - 2009
    Budapest University of Technology and Economics - Budapest, Hungary
  • Coursework Toward a Master’s Degree in Physics
    2005 - 2005
    Eötvös Loránd University (ELTE) - Budapest, Hungary

To view more profiles

Join Toptal
Share it with others