Product Security Lead
CurrentSecuring products of Brokerage, Depository and Trading Platforms. Achievements:- redesigned security of 7 outdated business processes and 5 legacy systems in transition to microsevices.- managed to justify the need for centralised authentication, authorisation, audit and logging. - justified single sign-on (SSO) solution, as well as OAuth 2.0 and MFA.- required mandatory verification of investors’ phone numbers and e-mails, reducing the risk of identity theft.- secured a revocation of unjustified access of users to investors’ personal data.- promoted and implemented OWASP standards and guidelines, such as SAMM, ASVS, WSTG, Cheat Sheets, etc.