Milos Zivadinovic, Developer in Belgrade, Serbia
Milos is available for hire
Hire Milos

Milos Zivadinovic

Verified Expert  in Engineering

Software Developer

Belgrade, Serbia

Toptal member since June 6, 2022

Bio

Milos is a highly versatile security engineer with a focus on AI security and a background in software engineering, besides working on his PhD degree. He focuses on cybersecurity and has a holistic approach, including social engineering, infrastructure, and CI/CD. Milos is knowledgeable in various languages, such as JavaScript, .NET, and Python. Currently, he is focused on AI security, model security, and ISO 27001 certification.

Portfolio

Oracle
Security, Artificial Intelligence (AI), Databases, APEX Code, Data Protection...
Synapsec
Security, Application Security, Artificial Intelligence (AI)...
United.Cloud
.NET, SonarQube, Static Application Security Testing (SAST)...

Experience

  • IT Security - 10 years
  • Security - 5 years
  • Security Analysis - 5 years
  • Web Security - 4 years
  • Application Security - 4 years
  • Cybersecurity - 4 years
  • Security Design - 4 years
  • Architecture - 4 years

Availability

Full-time

Preferred Environment

Windows, Linux, Web Security, Application Security, Blockchain, Security Design, IT Security, Artificial Intelligence (AI), ISO 27001, Large Language Models (LLMs)

The most amazing...

...thing I've done is working as a blockchain network security lead with over 10,000 monthly users.

Work Experience

Senior Solutions Engineer

2021 - PRESENT
Oracle
  • Handled the development of the Serbian data center following necessary software deployment and security posture.
  • Performed a security analysis for a government client, which involved handling personally identifiable information.
  • Developed a low-code proof of concept for a financial services company.
  • Handled the deployment and development of AI solutions with regard to the security of models and data.
Technologies: Security, Artificial Intelligence (AI), Databases, APEX Code, Data Protection, Data-level Security, AI Security, Source Code Review, Code Review, Google Cloud Platform (GCP), Google Cloud

Security Engineer (via Toptal)

2024 - 2024
Synapsec
  • Developed key AI and security strategies for a blockchain-based AI solution used by thousands of people.
  • Worked with Jira and Bittensor as the blockchain back end.
  • Did a security overview and analysis of the existing solution and future improvements. Performed code review and gave suggestions.
Technologies: Security, Application Security, Artificial Intelligence (AI), Vulnerability Assessment, Blockchain, Google Cloud Platform (GCP), Google Cloud

Senior Software Engineer

2019 - 2021
United.Cloud
  • Developed the Windows UWP application after the previous developer. I also led refactoring and optimization efforts to sustain the new infrastructure that was in place. In addition, I acted as a software architect for the application and supporting services.
  • Managed a team of three people to develop the Windows UWP application. We used Agile principles as well as Scrum with Jira as our service for tracking.
  • Performed security audits on the Windows UWP application with SAST and DAST testing. Besides the Windows app, I was responsible for the DevOps and DevSecOps processes related to the application and beyond.
Technologies: .NET, SonarQube, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Scrum, Agile, Python, Application Security, Cybersecurity, Security, IT Security, Vulnerability Assessment, Vulnerability Management, Authentication, Security Architecture, Vulnerability Identification, Network Security, Networks, Penetration Testing, Risk Management, Information Security, TCP/IP, Threat Modeling, Security Analysis, SIEM, Architecture, Identity & Access Management (IAM), Cloud Security, APIs, Cloud, SDKs, Hacking, Ethical Hacking, CSS, Vanilla JS, HTML, PostgreSQL, Kali Linux, C#, Data Protection, Data-level Security, Source Code Review, Code Review

Founder

2018 - 2021
Ignis Potentia
  • Developed a blockchain application running on Hyperledger Composer that handles transparency of donations coming from the donors, as well as allocation to people in need.
  • Did Ethereum analysis for a startup that was making their ERC20 compatible coin. The analysis consisted of ideas for implementation in their coin.
  • Performed security analysis on the blockchain for a downsizing application using Corda.
Technologies: Blockchain, Web Security, JavaScript, Python, Amazon Web Services (AWS), Vulnerability Assessment, Vulnerability Management, Security Architecture, Vulnerability Identification, Penetration Testing, Risk Management, Information Security, Security Analysis, SIEM, APIs, Cloud, SDKs, CSS, Vanilla JS, HTML, C#, Source Code Review, Code Review

Senior Back-end Developer

2018 - 2019
FIS Global
  • Performed development on FIS FrontArena software which is used by hedge funds. I worked on the reporting engine that would aggregate and develop new insights into the financial data provided by FrontArena.
  • Wrote plugins for the FrontArena PACE distributed grid in Python. I also worked with distributed computing teams to enable PACE to work with our custom code, as well as deployed custom Python code to clients.
  • Managed security analysis of all code inside of the team–both SAST and DAST. In addition, I did performance and application testing before release to the clients and provided recommendations for further software architecture and development.
Technologies: .NET, Python, REST APIs, Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), JavaScript, Networks, System Administration, SIEM, Java, APIs, SDKs, CSS, Vanilla JS, HTML, Snort, C#, Source Code Review, Code Review

Solutions Engineer

2016 - 2018
NCR
  • Worked with sales team and account managers as a technical consultant in order to provide proofs of concept (POC) and MVPs to the respective clients. These POCs and MVPs were related to the part of the financial services pertaining to ATMs and ATM driving.
  • Developed a custom module for the NCR's Authentic banking host that would abstract cash cassettes. I also performed SAST and DAST security research on the module and other authentic configurations done by different team members inside of NCR.
  • Created ATM flows in NCR's Connections framework that allows rapid deployment and development of ATM software. I wrote mostly in JavaScript with Java and C# as back-end technologies.
Technologies: JavaScript, Node.js, Application Security, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Security Architecture, SIEM, APIs, Vanilla JS, HTML, Snort, C#, Security Research

Blockchain-based Document Change Tracking System

I created a document change tracking system utilizing blockchain tables from the Oracle database as a data store. Documents are in a tabular form and their integrity is tracked by blockchain tables. It is written for a scientific conference as a proof of concept (POC).

Windows UWP App Security Hardening

https://apps.microsoft.com/store/detail/eon-tv-beta/9P7JD7P4N5CG?hl=en-us&gl=US
Besides the Windows UWP app I was developing with one of my previous employers, I was also responsible for the security hardening of the application. I deployed the entire CI/CD infrastructure using Jenkins to perform automated builds of the application, eliminating human risk and lowering build times to two instead of 15 minutes. Due to the CI/CD infrastructure, I also implemented SonarQube SAST and unit and integration test execution. Furthermore, I handled the code review and dynamic application security testing (DAST) of the application daily with the developers I led.

Highly Redundant Application Deployment on Oracle Cloud

The client provided us with an application running on Microsoft stack (.NET, SQL Server) that had to be deployed onto the cloud. We selected Oracle Cloud due to its data redundancy and high performance, even for the Microsoft stack.

Deployed the application on multiple virtual machines per region, managed by a load balancer. Also, handled the security by deploying security lists and WAF, as well as code security by utilizing Terraform and developing a DevSecOps pipeline.

I was handling the whole architecture and infrastructure for the application deployment, as well as coordination between other people.
2016 - 2017

Master's Degree in Organizational Sciences

Faculty of Organizational Sciences - Belgrade, Serbia

2012 - 2016

Bachelor's Degree in Organizational Sciences

Faculty of Organizational Sciences - Belgrade, Serbia

Libraries/APIs

Node.js, REST APIs

Tools

Snort, SonarQube, Jenkins, Terraform

Languages

JavaScript, CSS, HTML, C#, Java, Python, APEX Code

Frameworks

Vanilla JS, .NET

Paradigms

DevOps, DevSecOps, Penetration Testing, Management, Scrum, Agile, HIPAA Compliance

Platforms

Linux, Kali Linux, Amazon Web Services (AWS), Google Cloud Platform (GCP), Windows, Blockchain

Industry Expertise

Cybersecurity, Network Security

Storage

PostgreSQL, Database Security, MongoDB, Google Cloud, Oracle Cloud, Databases

Other

Software Engineering, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), IT Security, Security, APIs, Threat Modeling, SDKs, Networks, Risk Management, Information Security, TCP/IP, Security Analysis, SIEM, Identity & Access Management (IAM), Ethical Hacking, Hacking, Encryption, Web Security, IT Administration, Security Design, Architecture, Cloud, Authentication, Security Architecture, Vulnerability Identification, Data Protection, Data-level Security, Vulnerability Assessment, Vulnerability Management, Network Protocols, System Administration, Cloud Security, ISO 27001, Large Language Models (LLMs), Source Code Review, Code Review, Application Security, Social Engineering, CI/CD Pipelines, Load Balancers, Web Application Firewall (WAF), Artificial Intelligence (AI), AI Security, Security Research, GDPR

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring