Who am I?
Hi! I’m Sergiu, welcome to my profile
I am a Full-stack developer that in the years has expanded his horizons into Cybersecurity, especially in web application security. When I’m not coding or learning something new, I enjoy exploring mountain trails, discovering the latest game releases, and catching new films at the cinema. With experience spanning both small family businesses and the European Central Bank, I have developed a degree of flexibility and adaptability to diverse work environments. Throughout my career, I’ve had multiple instances where quick thinking under pressure was necessary for solving issues and reduce to a minimum the impact on the business. I work well within a team as I strive to achieve engagement and cooperation with everyone involved, yet I’m equally effective working autonomously. I worked with people from varied backgrounds and with differing perspectives, which strengthened my abilities in clear communication, creative problem-solving, and critical decision-making, especially when aligning solutions with client needs while still defending my choices. I strive to give my best in all the projects I work on and I am proud of the results I deliver, and am committed to leaving behind a clean, well-documented legacy. If you believe we could collaborate or if you want to discuss exciting opportunities, feel free to reach out. Cheers!
Education
The course offers a mostly theoretical yet diverse curriculum in Cybersecurity, with topics such as Ethical Hacking, Biometrics and Risk Management. Initially I had chosen this path as a way to broaden my knowledge in web application security, and then I quickly realized how vast the Cybersecurity panorama really is. Over time I have merged what I learned as a developer and an IT security specialist; I believe the two are complementary and can benefit each other. Studies continue to this day alongside my professional career.
The programme combined computer science and communications courses, leaving the choice to the student on which specialization to focus and earn the degree. This option was chosen over a more traditional path since I believe that, while having a strong technical knowledge is vital, the tools that I develop serve people, therefore communication is as important.
Work Experience
Starting first as a Trainee and later as a Specialist in the SOC team, my main responsibility involved maintaining and further developing an internal tool designed to manage the complete lifecycle of security detections, from ideation, through deployment to the SIEM, and ultimately retirement.
- The technology stack primarily consisted of Django, Gitlab CI/CD tools, Vue.js, Bootstrap and Docker.
- DevSecOps practices were implemented by having unit testing, static code analysis, linting, package auditing and SBOM analysis to name a few.
- Implemented SAML Single sign-on and a Role-based access control system.
- I was responsible for migrating the tool to a cloud-native environment on AWS using Terraform (IaC).
- Had the opportunity to coordinate an international working group that involved multiple partner institutions in the context of a joint project effort.
- Additionally I supported my team in various other tasks with different degrees of involvement, such as dashboard development in Splunk, automating incident responses through the SOAR platform, detection engineering and investigative work.
The development team consisted of just two people, so in addition to core development tasks, operational responsibilities related to DevOps were also undertaken.
- I was involved in all phases of the software development lifecycle across multiple products, including client support and training.
- The main technology stack was composed by Laravel, Vue.js, MySQL, Bootstrap and/or Tailwind CSS depending on the project.
- Implemented SAML Single sign-on (SPID) and a Role-based access control system.
- Operational duties involved managing our Linux based hosting environments via either Plesk or command line in order to patch the systems, configure the firewall, manage the IDS/IPS and WAF rules, set the backup plans, configure and monitor the logs of system and apps.
- I started working with AWS, particularly in designing and implementing a translation system using AWS Lambda, Translate, and API Gateway, along with planning the migration of existing platforms to a cloud-native environment.
In the brief time I worked here as an Intern I’ve learned the basics of web development by creating a small application in Laravel, which later on was used as the subject of my bachelor degree thesis.
Certifications
Certified OSWEs have a clear and practical understanding of white box web application assessment and security. They’ve proven their ability to review advanced source code in web apps, identify vulnerabilities, and exploit them.