About Vasyl
Security engineer with 10+ years of experience securing cloud-native, fintech, and AI/ML environments. Specialized in secure architecture design, SSDLC enablement, and DevSecOps automation. Proven success embedding security into developer workflows, leading secure design reviews, and building scalable AI/ML defense architectures. Drives adoption of security guardrails aligned with SOC 2, ISO 27001, PCI DSS, and GDPR. Experienced in leading Security Champions programs, developer security training, and product security strategy. Passionate about trustworthy AI, data security, and engineering culture transformation.
English
Native or bilingual
Can work on-site
Rzeszów (up to 50km)
Experience
- RailsrSenior Product Security EngineerJanuary 2025 - October 2025 (9 months)• Lead secure architecture reviews across fintech microservices and multi-cloud environments (AWS/GCP).• Established a mature SSDLC framework with automated SAST/DAST/IAST integrations in CI/CD pipelines.• Designed and implemented policy-as-code for IAM, encryption, and network segmentation.• Enabled systematic threat modeling for financial APIs and payment data flows.• Participated in compliance readiness for PCI DSS, SOC 2, and ISO 27001 certifications.• Initiated and managed a Security Champions Program to scale product security culture across engineering teams.• Developed developer security training and workshops to embed secure coding practices.• Built security metrics dashboards to measure and communicate product security KPIs to leadership.• Collaborated with product and engineering leaders to align security controls with business objectives.• Drove adoption of threat intelligence and vulnerability management workflows integrated into Jira and CI/CD.
- Get-AnswerCo-Founder & CTO & CISO (Part-time)October 2023 - Today (2 years and 8 months)• Built secure AI automation platform integrating LLMs with browser-based execution.• Designed AI security architecture addressing prompt injection, data leakage, and model integrity risks.• Developed a secure authentication and authorization system.• Implemented OAuth2.0, encryption at rest/in transit, and runtime anomaly detection with ML-based models.• Established security-by-design principles and code review.• Led privacy risk assessments and established internal security policies.
- Chegg Inc.Senior Application Security EngineerJanuary 2022 - February 2025 (3 years and 1 month)• Designed secure architecture for fraud detection systems and large-scale API integrations.• Integrated CI/CD-based scanning (SAST, DAST, IaC, dependency) into developer pipelines.• Implemented security SLAs and risk scoring for findings management.• Developed fraud detection telemetry through behavioral analytics.• Conducted regular threat modeling and design reviews for new features and infrastructure changes.• Collaborated with engineering managers to build and mentor a global Security Champions network.• Managed bug bounty triage and responsible disclosure program.
Recommendations
Be the first to recommend Vasyl
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- Master's degree, Computer and Information Systems Security/Information AssuranceNational Aviation University2015Master's degree, Computer and Information Systems Security/Information Assurance