Save browser page to PDF
candidate-photo

Mariia T.

Mobile Developer
DevOps

Experience: 14 years

About Me

Effective and efficient Security professional. Experienced in a large enterprise environment and a rapidly growing company. Capable of organizing, facilitating, and performing Security services, managing customers’ and stakeholders’ expectations. Proven ability to work autonomously and deliver results in line with organization and department goals.
Toolset:
– Burp.
– Netsparker.
– Qualys SSL labs.
– Scripting languages: PowerShell, Python.
– Experience with serverless solutions.
– API testing.
OWASP member. Certified in AWS.

Education

01

Akademia Pedagogiczna im. Komisji Edukacji Narodowej w Krakowie

2016-2019

Bachelor’s degree in Mathematics

Work and Experience

01

Information Security Analyst

October | 2020 - July | 2021

OANDA

– Work with on-prem and cloud-native security tools (Splunk, CIS scanner, etc.).
– Help build a culture of security through continual advocacy and knowledge-sharing sessions with my technical and non-technical colleagues.
– Run regular security awareness sessions. Designed training plan for onboarding.
– Work with the development teams to set up automation tooling as part of DevSecOps process.
– Manage vendors through engagements such as third-party vulnerability assessments.
– Designed business-process of remediation of security findings and communicated it to stakeholders.
– Validate remediations of vulnerability findings (toolset: nmap, sqlman, burp, burp collaborator)
– Involved in internal and external audits.

02

Volunteer

October | 2016 - July | 2021

Dr.Clown Founation

Contributed to Poland wide volunteer program related to visiting ill kids in hospitals in clown costume.

03

InfoSec Analyst System Integration

December | 2018 - September | 2020

Philip Morris International

Providing IT security expertise throughout the implementation of new cloud-based SaaS/PaaS systems by:
– Performing security due diligence of potential vendors.
– Designing and documenting authorization concept (users and roles definition) in line with security requirements and best practices.
– Integrating with company’s identity and access management (IAM) system.
– Identity and access management implementation.
– Performing criticality and risk assessments of services and systems together with business customers and embedding mitigating controls.
– Performing vulnerability scans / penetration tests for web-based applications inline with OWASP methodology.
– Facilitating security scans performed by third party contractors: set-up scope, review the results, follow up remediation steps.
– Assuring system compliance with corporate policies & procedures, FDA GxP regulations or/and EU General Data Protection Regulation (GDPR).
Experience with security design for below systems:
– AWS based solutions (including serverless solutions).
– SAP Power Designer.
– Power BI.
– Qualtrics.
– Telegram Bots.
Trainer for programming and informatics.

04

Trainer for programming and informatics

December | 2017 - December | 2018

EduExe

– Provide beginners programming training courses in Python, Java, Pascal and C++ to Polish pupils.
– Showing basic principles of HTML and JavaScript.
– Use Scratch and code.org resources for smallest kids (from 4 to 13 y.o.).

05

Mathematics Teacher

March | 2009 - December | 2018

Freelance

Personal tutoring in areas of higher Math, Informatics, Statistics and Programming for Students

06

Volunteer

January | 2008 - May | 2012

Advita Fund USA

Took part in fundraising activities for cancer patients in Russia

Skills

Request Details

Mariia T.

    Array ( [en] => Array ( [widget_display] => yes [phone_number] => +972515319830 [call_to_action] => Let's Chat [message] => Let's Chat [size] => normal [position] => right ) )
    Let's Chat
    TimelinesAI