GO BACK
available
Oana C.
Sysops Engineer

Romania-Bucharest

9+ years experience

Interested in this profile?

620€/day

PROPOSE A MISSION

MY EXPERIENCE

Fitbit

Jun 2018

Security Engineer

- Part of the Product Security team - performing penetration testing (web, mobile, infrastructure) and application security tasks (architecture reviews, code reviews, security testing) - Consulting on architectural design decisions: web applications, SSO for mobile apps, account unification for a newly acquired app (web and mobile) and security monitoring tools integration

Amgen

Feb 2016 - Feb 2018

IS Security Engineer

- In the first year I was a SecureWorks contractor (Security Systems Senior Advisor) for Amgen and after that worked directly for Amgen - Penetration testing of critical systems (web and mobile applications, web services, internal network servers) - Implementing a secure development lifecycle process and provide application security consulting - Leading the penetration testing and vulnerability management teams - Occasionally participate in incident response investigations - Participation on the security awareness program

RAIFFEISEN ROMANIA

Apr 2015 - Feb 2016

Security Analyst

- Perform risk assessments, architecture reviews and security testing for both network and applications (web and the mobile banking app) - Analyze security policies and recommend changes - Firewall audit - WAF configuration - Security awareness (conduct presentations for employees regarding application security and company security; run a phishing campaign)

ELECTRONIC ARTS ROMANIA

Jul 2012 - Apr 2015

Application Security Analyst

Application penetration tester.  - Involved in application security testing process. (web, mobile, web services, thick client, console for internal and external applications and major EA titles)
- Performed pentests on the API infrastructure for the mobile games - Contributed to the initial OWASP iOS Application Security Testing Cheat Sheet (which is now part of the mobile testing guide) - Evaluated security of applications and services that used various technologies. Knowledge of web technologies and vulnerabilities: HTML5, PHP, .NET, Java, JavaScript, jQuery, XML, JSON - Worked on internal testing methodology and the risk scoring model.  - Performed architecture reviews, manual testing and vulnerability scanning with automated tools like Qualys, WebInspect and Acunetix

Leader of the OWASP chapter in Bucharest

May 2013 - Apr 2015

-

Volunteering - Organized local chapter meetings and events: https://www.owasp.org/index.php/Bucharest

ISEC ASSOCIATES SRL

May 2010 - Jul 2012

Security consultant

Penetration tester  - Involved in projects that required network and application security assessments. Used tools like: Acunetix Vulnerability Scanner, Nessus - Familiar with RSA SecurID solution

Spoken languages

GERMAN: Beginner

ENGLISH: Advanced

Newest members that made a profile

ACCESS OUR FREELANCERS

CONTACT US

OK