2, not married) Birth date: 09-09-1984 Phone: 40726754720 Mobile phone: 40726754720 Email: tiron_adrian@yahoo.com Driving license: Yes Objective - Targeted job: Full time Desired job locations: BUCURESTI Mobility: Only abroad Willing to travel: Up to 50% of my working time Experience Experience by domains: IT / Telecom Software / Programming - 8 years Senior IT Security Consultant (Full time) Period: 2012-05 <> present Company and location: KPMG ROMANIA SRL, BUCURESTI Job domain / occupation: Software / Programming Web Application Security Specialist (Strong knowledge in PHP language and PHP internals) Network Penetration Testing and exploitation. OSCP (Offensive Security Certified Professional, OSCE is next) OWASP top 10 follower. Modifying exploits in ruby/perl/python. Performed manual/automatic pentesting for web applications, internal pen-testing and mobile applications. Created a patch for beef which allows proxying on a ssl hooked domain (basicaly sslstrip functionality) Created an action script POC for sending requests crossdomain where crossdomain.xml allows it (started from MalaRia Proxy project) Basic reverse engineering on malware. Research on php internals and php security (MOPS 2007 & MOPS 2010). -used tools like Burp suite, w3af, arachni, Appscan together with manual checks. Now I'm studying reverse engineering, writing exploits for the windows platform and also php exploits from MOPB by Steffan Esser. -pentesting mobile applications, especially android apps, modifying smali code. -DEFCAMP 2012 Speaker "On PHP Random numbers" -keeping up to date with the latest news from conferences around the world, blogs, twitter etc. ps: i have started to learn the german language (using duolingo.com and german.about.com)but i am a beginner so i would prefer the interview to be in english. Sr. Web Developer at PRO TV(CME) (Full time) Period: 2008-03 <> 2012-05 Company and location: PRO TV SA, BUCURESTI www.BestJobs.ro - Cel mai popul ar servi ci u de recrutare onl i ne di n Romani a! Job domain / occupation: Software / Programming - developer, Architect, Security guy. - co Team-leader since Dec 2010 - i have developed/optimized/secured the following high traffic websites (250-300K unique visitors daily each): www.stirileprotv.ro www.protv.ro www.sport.ro etc - scanning our websites for bugs, did code reviews and worked together with the sysadmins in case of incidents (used Acunetix, w3af, wpscan etc). - contributed with patches to WPscan/bug fixing. - project manager in Slovenia to facilitate the migration to the common 'cme-cms' platform - various patches in Zend Frameowork. - modules developed: Agreggator class for css/js, 2nd level cache system, extending Zend's Model, Request(with Sanitization), Controller etc -RE some exploits packs like Phoenix and Eleonore (javascript/php/java etc). -small patches to OWTF/bug fixing -digging trough code of open source projects like sqlmap, metasploit, whatweb, w3af, nessus plugins(nasl language) etc. - mentoring team members on coding best practices and security problems. Senior Web Developer (Full time) Period: 2007-03 <> 2008-01 Company and location: LIBRA BANK, BUCURESTI Job domain / occupation: Software / Programming PHP/Mysql/Javascript Developer: Websites: www.librabank.ro www.internetbanking.ro www.paginamedicala.ro -intranet application to ease the work-flow of the Sales Team Cms used: Drupal Template System: Smarty Web developer and SysAdmin (Full time) Period: 2004-09 <> 2007-03 Company and location: Two Rasty SRL, BUCURESTI Job domain / occupation: Software / Programming -this company created the first payment processor in Romania, www.leuvirtual.ro(unfortunately the company went bankrupt and you won't find these websites online) -here i started working and learning about the Security field, XSS, Sql Injection, logical bugs etc, because we were building an aplication which used real money and we had to be very careful. www.leuvirtual.ro www.smith.com.ro www.bidding.ro www.smith.com.ro www.lionexchange.net -sysadmin job, managing servers like apache, mysql, ftp, dns,iptables etc. -optimizations on apache and mysql. www.BestJobs.ro - Cel mai popul ar servi ci u de recrutare onl i ne di n Romani a! Education University (graduate) Dimitrie Cantemir University, Finance, Banks and Economics (2006 - 2009), BUCURESTI Major: Banks Finances University (graduate) Politehnica University, (2003 - 2005), BUCURESTI Major: Computer Science Skills Programming languages php 5/c/c++/asm/Java PDF format Javascript for Adobe Acrobat RDBMS: Mysql,Mssql,Pgsql N0-SQL Redis,Mongodb Scripting languages: python, ruby, rails, perl, bash scripting, nasl Foreign languages English - Advanced Competencies Hobbies ZFCE certified http://www.zend.com/store/education/certification/yellow-pages.php#show- ClientCandidateID=ZEND010805 Books i've read: Extending and Embedding PHP Sql Injections Attacks and Defense The Web Application Hacker's Handbook 1&2 The shellcoder's handbook Gray Hat Hacking 3rd Edition etc. www.BestJobs.ro - Cel mai popul ar servi ci u de recrutare onl i ne di n Romani a!