Gergely Kalman, Developer in Málaga, Spain
Gergely is available for hire
Hire Gergely

Gergely Kalman

Verified Expert  in Engineering

Python Developer

Location
Málaga, Spain
Toptal Member Since
April 4, 2016

Gergely is a versatile CTO with a wide variety of experience in a lot of different technologies. He is able to design systems from the ground up and carry them through their lifecycle. Having managed his own tech team, he does not shy away from managing others or advising business decisions.

UDPSSHLinuxDevOpsSecurityPythonOpenVPNDjangoJinjaCDockerAmazon EC2Amazon Web Services (AWS)Amazon S3 (AWS S3)Scrapy

Portfolio

NDA (via Toptal)
Crypto, Blockchain, Django, Python
Universal Music Group
Python, Google Cloud Platform (GCP)
Buffered.com
Linux, Kivy, wxPython, Python, Django, OpenVPN

Experience

DevOps - 15 yearsSecurity - 12 yearsPython - 10 yearsSoftware Architecture - 10 yearsDjango - 7 yearsDocker - 3 yearsAmazon Web Services (AWS) - 3 years

Availability

Part-time

Preferred Environment

Linux

The most amazing...

...challenge in my life has been singlehandedly writing all the code for my startup company.

Work Experience

Consultant and Blockchain Developer

2018 - 2019
NDA (via Toptal)
  • Refactored a large legacy codebase.
  • Helped guide business and architecture decisions.
  • Designed and implemented a distributed architecture.
  • Fixed lots of security bugs.
  • Uncovered business-level vulnerabilities.
Technologies: Crypto, Blockchain, Django, Python

Senior Consultant

2018 - 2018
Universal Music Group
  • Refactored a Python tool.
Technologies: Python, Google Cloud Platform (GCP)

Co-founder, CTO, CEO

2014 - 2018
Buffered.com
  • Singlehandedly designed and implemented the MVP.
  • Designed the network and APIs as well as desktop clients.
  • Ran the development team through the company's lifetime.
  • Ran the company as managing director (CEO).
Technologies: Linux, Kivy, wxPython, Python, Django, OpenVPN

Software Engineer, Interviewer

2011 - 2014
Toptal, LLC
  • Implemented several simple websites for personal projects using Django and Jinja2.
  • Implemented OpenVPN based desktop software using wxPython, OpenVPN, and OpenSSL.
  • Interviewed a large number of candidates and overhauled the interview process.
Technologies: Jinja, Django, OpenSSL, OpenVPN, wxPython

Head of Media Platform Development

2010 - 2011
DuoDecad, LLC, Media Platform Division
  • Worked as the only developer (for the first eight months) on an alternative video streaming platform to Adobe Flash Media Server (primary goal of the media platform division (MPD)).
  • Achieved our goal within a year using unofficial documentation of the protocol and manual reversing.
  • Designed and implemented livestream distribution and conversion architecture in Python 3.
  • Optimized to allow one node to serve more than 100 thousand clients using approximately 10Gbit/s.
  • Supported on-the-fly transcoding of incoming audio and video.
  • Benchmarked performance and moved heavy-lifting code to C.
  • Integrated several Libav libraries into Python for stream conversion.
  • Researched and assisted in hardware acquisitions for the project.
  • Devised a custom event-driven interface with custom socket handling for Python, including FLV format handlers.
  • Detected bugs in Adobe formats and in Libav format.
  • Administered MPD's machines (about 80).
  • Tuned machines for maximum network performance.
  • Lectured on IT security, MPD's project, and Python programming.
  • Iterated until peak performance of the cluster was almost 100Gb. With 30 machines, it would have been capable of completely taking over the existing streaming cluster (100+ nodes).
Technologies: AMF, RTMP, Linux, C, Python 3, Libav

IT Security Specialist

2008 - 2010
DuoDecad, LLC, IT Security Division
  • Performed software audits, penetration tests, and stress tests.
  • Implemented failover architecture for the main website.
  • Assisted our partner company in acquiring Payment Card Industry Data Security Standard (PCI-DSS) compliance.
  • Devised company policies for PCI-DSS, developed architecture, and held educational sessions as part of IT security staff.
  • Benchmarked Linux kernel's behavior when presented with high volumes of DDoS traffic. Tuned and patched the kernel to achieve maximum resilience.
  • Worked as a member of the incident response team.
  • Developed a network analyzer in C which created real-time statistics of incoming HTTP requests and pinpointed attackers.
  • Ported old OpenSSH fork modifications to the latest version.
Technologies: C, Linux Virtual Server (LVS), Keepalived, Iptables, Linux

IT Operator

2008 - 2008
DuoDecad, LLC, IT Security Division
  • Helped with administration of several hundred Linux machines.
  • Led support for kernel and network-related issues.
  • Wrote small scripts in bash for administrative purposes.
Technologies: Linux

PCI-DSS Consultant

Consultation and architectural help provided for Lalibco, which processed more than $500,000 daily for an Alexa top 50 website. Several bugs and security holes were uncovered in their systems. I prepared it for the PCI-DSS audit, which it passed successfully.

Online Payment Architect, PCI-DSS Consultant

Helped design Escalion's (Lalib successor) system architecture from networking to services to policies and procedures. Advised on secure software practices and developed policies and procedures to keep cardholder data secure. Escalion passed PCI-DSS test and took over Lalib's transactions, which were around $500,000 each day.

Real Estate Scraper

I wrote my own scraper for the largest Hungarian real estate website to get amazing deals.

Buffered.com

I have created my own VPN startup called buffered.com, which I ran as CTO for three years and CEO for one year.
Image of Fixing the “Heartbleed” OpenSSL Bug: A Tutorial for Sys Admins publication
Publication

Fixing the “Heartbleed” OpenSSL Bug: A Tutorial for Sys Admins

https://www.toptal.com/freelance/the-heartbleed-openssl-bug-what-you-need-to-know
Image of 10 Common Web Security Vulnerabilities publication
Publication

10 Common Web Security Vulnerabilities

https://www.toptal.com/cyber-security/10-most-common-web-security-vulnerabilities
Image of How I Made Porn 20x More Efficient With Python Video Streaming publication
Publication

How I Made Porn 20x More Efficient With Python Video Streaming

https://www.toptal.com/python/how-i-made-porn-20x-more-efficient-with-python
Image of Credit Card Hacks: With Some Tricks, Hacked Card Numbers Are Still, Still Googleable publication
Publication

Credit Card Hacks: With Some Tricks, Hacked Card Numbers Are Still, Still Googleable

https://www.toptal.com/web/with-a-filter-bypass-credit-card-numbers-are-still-still-google-able

Languages

C, Python, Bash, Python 3, C++, PHP, Assembler x86

Frameworks

Django, Scrapy, Jinja, Qt, Django REST Framework

Libraries/APIs

Libav, PyQt, OpenSSL, AMF, Kivy

Tools

OpenVPN, Scraping Hub, Git, Terraform, Ansible, Packer, wxPython, Keepalived, Linux Virtual Server (LVS)

Paradigms

REST, Object-oriented Programming (OOP), Imperative Programming, Event-driven Programming, DevOps, Penetration Testing

Platforms

Linux, Docker, Amazon EC2, Amazon Web Services (AWS), Raspberry Pi, Blockchain, Proxmox, AWS Lambda, Windows, Google Cloud Platform (GCP), MacOS

Storage

Amazon S3 (AWS S3), Memcached, Redis, MySQL

Industry Expertise

Security, Cybersecurity

Other

Freelancing, Ethernet, TCP, UDP, SSH, Code Auditing, Iptables, Software Architecture, Scraping, System Administration, SaaS, Web Development, System Security Developer, Leadership, Embedded Hardware, Internet of Things (IoT), Embedded Software, WordPress Plugins, Serverless, RTMP, Crypto

2005 - 2007

Bachelor's Degree in Computer Science

Eotvos Lorand Science University - Hungary

NOVEMBER 2019 - NOVEMBER 2022

AWS Certified Solutions Architect - Associate (SAA)

Amazon Web Services (AWS)