Milos Zivadinovic, Developer in Belgrade, Serbia
Milos is available for hire
Hire Milos

Milos Zivadinovic

Verified Expert  in Engineering

Software Developer

Location
Belgrade, Serbia
Toptal Member Since
June 6, 2022

Milos is a highly versatile security engineer with a focus on AI security and a background in software engineering, besides working on his PhD degree. He focuses on cybersecurity and has a holistic approach, including social engineering, infrastructure, and CI/CD. Milos is knowledgeable in various languages, such as JavaScript, .NET, and Python. Currently, he is focused on AI security, model security, and ISO 27001 certification.

Software EngineeringSecurityInformation SecurityIdentity & Access Management (IAM)JavaScriptNode.jsVanilla JSLinuxCybersecurityNetwork SecurityCSSKali LinuxDevOpsSnortWeb SecurityDynamic Application Security Testing

Portfolio

Oracle
Security, Artificial Intelligence (AI), Databases, APEX Code, Data Protection...
United.Cloud
.NET, SonarQube, Static Application Security Testing (SAST)...
Ignis Potentia
Blockchain, Web Security, JavaScript, Python, Amazon Web Services (AWS)...

Experience

Security - 5 yearsSecurity Analysis - 5 yearsArchitecture - 4 yearsWeb Security - 4 yearsApplication Security - 4 yearsIT Security - 4 yearsCybersecurity - 4 yearsSecurity Design - 4 years

Availability

Part-time

Preferred Environment

Windows, Linux, Web Security, Application Security, Blockchain, Security Design, IT Security, Artificial Intelligence (AI), ISO 27001, Large Language Models (LLMs)

The most amazing...

...thing I've done is working as a blockchain network security lead with over 10,000 monthly users.

Work Experience

Senior Solutions Engineer

2021 - PRESENT
Oracle
  • Handled the development of the Serbian data center following necessary software deployment and security posture.
  • Performed a security analysis for a government client, which involved handling personally identifiable information.
  • Developed a low-code proof of concept for a financial services company.
  • Handled the deployment and development of AI solutions with regard to the security of models and data.
Technologies: Security, Artificial Intelligence (AI), Databases, APEX Code, Data Protection, Data-level Security

Senior Software Engineer

2019 - 2021
United.Cloud
  • Developed the Windows UWP application after the previous developer. I also led refactoring and optimization efforts to sustain the new infrastructure that was in place. In addition, I acted as a software architect for the application and supporting services.
  • Managed a team of three people to develop the Windows UWP application. We used Agile principles as well as Scrum with Jira as our service for tracking.
  • Performed security audits on the Windows UWP application with SAST and DAST testing. Besides the Windows app, I was responsible for the DevOps and DevSecOps processes related to the application and beyond.
Technologies: .NET, SonarQube, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Scrum, Agile, Python, Application Security, Cybersecurity, Security, IT Security, Vulnerability Assessment, Vulnerability Management, Authentication, Security Architecture, Vulnerability Identification, Network Security, Networks, Penetration Testing, Risk Management, Information Security, TCP/IP, Threat Modeling, Security Analysis, SIEM, Architecture, Identity & Access Management (IAM), Cloud Security, APIs, Cloud, SDKs, Hacking, Ethical Hacking, CSS, Vanilla JS, HTML, PostgreSQL, Kali Linux, C#, Data Protection, Data-level Security

Founder

2018 - 2021
Ignis Potentia
  • Developed a blockchain application running on Hyperledger Composer that handles transparency of donations coming from the donors, as well as allocation to people in need.
  • Did Ethereum analysis for a startup that was making their ERC20 compatible coin. The analysis consisted of ideas for implementation in their coin.
  • Performed security analysis on the blockchain for a downsizing application using Corda.
Technologies: Blockchain, Web Security, JavaScript, Python, Amazon Web Services (AWS), Vulnerability Assessment, Vulnerability Management, Security Architecture, Vulnerability Identification, Penetration Testing, Risk Management, Information Security, Security Analysis, SIEM, APIs, Cloud, SDKs, CSS, Vanilla JS, HTML, C#

Senior Back-end Developer

2018 - 2019
FIS Global
  • Performed development on FIS FrontArena software which is used by hedge funds. I worked on the reporting engine that would aggregate and develop new insights into the financial data provided by FrontArena.
  • Wrote plugins for the FrontArena PACE distributed grid in Python. I also worked with distributed computing teams to enable PACE to work with our custom code, as well as deployed custom Python code to clients.
  • Managed security analysis of all code inside of the team–both SAST and DAST. In addition, I did performance and application testing before release to the clients and provided recommendations for further software architecture and development.
Technologies: .NET, Python, REST APIs, Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), JavaScript, Networks, System Administration, SIEM, Java, APIs, SDKs, CSS, Vanilla JS, HTML, Snort, C#

Solutions Engineer

2016 - 2018
NCR
  • Worked with sales team and account managers as a technical consultant in order to provide proofs of concept (POC) and MVPs to the respective clients. These POCs and MVPs were related to the part of the financial services pertaining to ATMs and ATM driving.
  • Developed a custom module for the NCR's Authentic banking host that would abstract cash cassettes. I also performed SAST and DAST security research on the module and other authentic configurations done by different team members inside of NCR.
  • Created ATM flows in NCR's Connections framework that allows rapid deployment and development of ATM software. I wrote mostly in JavaScript with Java and C# as back-end technologies.
Technologies: JavaScript, Node.js, Application Security, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Security Architecture, SIEM, APIs, Vanilla JS, HTML, Snort, C#

Blockchain-based Document Change Tracking System

I created a document change tracking system utilizing blockchain tables from the Oracle database as a data store. Documents are in a tabular form and their integrity is tracked by blockchain tables. It is written for a scientific conference as a proof of concept (POC).

Windows UWP App Security Hardening

https://apps.microsoft.com/store/detail/eon-tv-beta/9P7JD7P4N5CG?hl=en-us&gl=US
Besides the Windows UWP app I was developing with one of my previous employers, I was also responsible for the security hardening of the application. I deployed the entire CI/CD infrastructure using Jenkins to perform automated builds of the application, eliminating human risk and lowering build times to two instead of 15 minutes. Due to the CI/CD infrastructure, I also implemented SonarQube SAST and unit and integration test execution. Furthermore, I handled the code review and dynamic application security testing (DAST) of the application daily with the developers I led.

Highly Redundant Application Deployment on Oracle Cloud

The client provided us with an application running on Microsoft stack (.NET, SQL Server) that had to be deployed onto the cloud. We selected Oracle Cloud due to its data redundancy and high performance, even for the Microsoft stack.

Deployed the application on multiple virtual machines per region, managed by a load balancer. Also, handled the security by deploying security lists and WAF, as well as code security by utilizing Terraform and developing a DevSecOps pipeline.

I was handling the whole architecture and infrastructure for the application deployment, as well as coordination between other people.
2016 - 2017

Master's Degree in Organizational Sciences

Faculty of Organizational Sciences - Belgrade, Serbia

2012 - 2016

Bachelor's Degree in Organizational Sciences

Faculty of Organizational Sciences - Belgrade, Serbia

Libraries/APIs

Node.js, REST APIs

Tools

Snort, SonarQube, Jenkins, Terraform

Frameworks

Vanilla JS, .NET

Languages

JavaScript, CSS, HTML, C#, Java, Python, APEX Code

Paradigms

DevOps, DevSecOps, Penetration Testing, Management, Scrum, Agile

Platforms

Linux, Kali Linux, Amazon Web Services (AWS), Windows, Blockchain

Industry Expertise

Cybersecurity, Network Security

Storage

PostgreSQL, Oracle Cloud, Databases

Other

Software Engineering, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), IT Security, Security, APIs, Threat Modeling, SDKs, Networks, Risk Management, Information Security, TCP/IP, Security Analysis, SIEM, Identity & Access Management (IAM), Ethical Hacking, Hacking, Web Security, IT Administration, Security Design, Architecture, Cloud, Authentication, Security Architecture, Vulnerability Identification, Data Protection, Data-level Security, Vulnerability Assessment, Vulnerability Management, Network Protocols, System Administration, Cloud Security, ISO 27001, Large Language Models (LLMs), Application Security, Social Engineering, CI/CD Pipelines, Load Balancers, Web Application Firewall (WAF), Artificial Intelligence (AI)

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring