About Me
Effective and efficient Security professional. Experienced in a large enterprise environment and a rapidly growing company. Capable of organizing, facilitating, and performing Security services, managing customers’ and stakeholders’ expectations. Proven ability to work autonomously and deliver results in line with organization and department goals.
Toolset:
– Burp.
– Netsparker.
– Qualys SSL Labs.
– Scripting languages: PowerShell, Python.
– Experience with serverless solutions.
– API testing.
OWASP member. Certified in AWS.
Education
Akademia Pedagogiczna im. Komisji Edukacji Narodowej w Krakowie
2016-2019
Bachelor’s degree in Mathematics
Work and Experience
Information Security Analyst
October | 2020 - July | 2021
OANDA
– Work with on-prem and cloud-native security tools (Splunk, CIS scanner, etc.).
– Help build a culture of security through continual advocacy and knowledge-sharing sessions with my technical and non-technical colleagues.
– Run regular security awareness sessions. Designed a training plan for onboarding.
– Work with the development teams to set up automation tooling as part of the DevSecOps process.
– Manage vendors through engagements such as third-party vulnerability assessments.
– Designed the business process for remediating security findings and communicated it to stakeholders.
– Validate remediations of vulnerability findings (toolset: nmap, sqlmap, Burp, Burp Collaborator).
– Involved in internal and external audits.
Volunteer
October | 2016 - July | 2021
Dr.Clown Foundation
Contributed to a Poland-wide volunteer program of visiting ill kids in hospitals in a clown costume.
InfoSec Analyst System Integration
December | 2018 - September | 2020
Philip Morris International
Providing IT security expertise throughout the implementation of new cloud-based SaaS/PaaS systems by:
– Performing security due diligence of potential vendors.
– Designing and documenting authorization concept (users and roles definition) in line with security requirements and best practices.
– Integrating with company’s identity and access management (IAM) system.
– Identity and access management implementation.
– Performing criticality and risk assessments of services and systems together with business customers and embedding mitigating controls.
– Performing vulnerability scans / penetration tests for web-based applications in line with OWASP methodology.
– Facilitating security scans performed by third-party contractors: setting up the scope, reviewing the results, following up on remediation steps.
– Assuring system compliance with corporate policies & procedures, FDA GxP regulations and/or EU General Data Protection Regulation (GDPR).
Experience with security design for the systems below:
– AWS based solutions (including serverless solutions).
– SAP Power Designer.
– Power BI.
– Qualtrics.
– Telegram Bots.
Trainer for programming and informatics
December | 2017 - December | 2018
EduExe
– Provide beginner programming training courses in Python, Java, Pascal and C++ to Polish pupils.
– Showing basic principles of HTML and JavaScript.
– Use Scratch and code.org resources for the youngest kids (from 4 to 13 y.o.).
Mathematics Teacher
March | 2009 - December | 2018
Freelance
Personal tutoring in areas of higher Math, Informatics, Statistics and Programming for Students
Volunteer
January | 2008 - May | 2012
Advita Fund USA
Took part in fundraising activities for cancer patients in Russia