Vadym R, Security Engineer & Penetration Tester
Summary
- Bachelor's and Master's degree in Cybersecurity with a focus on application design, coding, static and dynamic analysis.
- Expertise in full-cycle testing of mobile applications, web applications, and AWS cloud environments.
- Identifying and exploiting vulnerabilities in mobile systems using both automated and manual techniques, whitebox and blackbox testing.
- Proficient in a wide range of testing tools and frameworks, including Frida, Jeb, Burp Suite, OWASP ZAP, Ghidra, and Metasploit.
- Possesses a deep understanding of the latest mobile and web application security threats, trends, and best practices.
- Experience in reverse engineering of mobile applications and APIs, blackbox testing, and dynamic and static analysis.
Main Skills
Security
Programming Languages
Mobile Frameworks and Libraries
JavaScript Libraries and Tools
Cloud Platforms, Services & Computing
Industry Domain Experience
QA, Test Automation, Security
iOS Libraries and Tools
Other Technical Skills
Work Experience
Mobile/Api Security Engineer, Mesh (ex Font Finance)
Duration: 2023 - now
Summary:
- Reverse engineering of mobile applications and APIs, blackbox testing, dynamic and static analysis.
- Experience with native applications, React Native, Xamarin, Flutter.
Mobile Security Pentester, Red Team Activities (Samsung Electronics Ukraine)
Duration: 2019 - 2021
Summary: Full cycle of Red Team activities aimed at finding vulnerabilities in web applications and cloud infrastructure
- Was a part of the team that created and checked the tasks for SCTF 2021/2022
- Pentested the trust zone of the mobile processor
- Participated in planning and conducting Red Team assessment of the entire mobile operating
system and creating POCs from the chains of found vulnerabilities
Responsibilities: Pentesting, Red Team assessment
Technologies: Web Application Security, Cloud Infrastructure
Mobile Security Pentester, Android Application Testing (Samsung Electronics Ukraine)
Duration: 2017 - 2019
Summary:
- Full cycle of Red Team activities aimed at finding vulnerabilities in web applications and cloud
infrastructure. - The activity required a full process: from OSINT to full takeover of cloud accounts.
- Experience in blackbox and whitebox applications testing created for Android OS. Using OWASP MSTG at work. Created exploits for found vulnerabilities.
Responsibilities: Application Testing, Exploit Creation
Technologies: OWASP MSTG
Software Developer, IoTivity (Samsung Electronics Ukraine)
Duration: 2016 - 2017
Summary: Membership of the security team in an open source project called IoTivity.
Responsibilities: Software Development
Technologies: IoT, Software Development
Education
- Master Degree in Cyber Security
2021 - 2023 - Bachelor's Degree in Cyber Security
2017 - 2018