Lazar Milic
Belgrade
Summary
Product security engineer with years of experience in Security. Specialized in Web Application Penetration Testing. Built several security focused programs in Python. Managing several different enterprise security tools.
Overview
3
3
years of professional experience
1
1
Certification
Work History
Product Security Engineer
BlackRock
09.2024 - Current
- Regular Web application and AI penetration testing
- Managing Akamai WAF rules and Bot protection
- Part of the DDOS protection project, using various tools to test the WAF and internal infrastructure
- Leading the development and usage of several tools, including API security scanners, and an AI Penetration Tester (XBOW)
- Managing penetration tests done by external clients
- Leading the usage of Noname API security, allowing us to react to malicious API queries in real time, and perform regular scans using Noname Active Testing
Application Security Engineer
United.Cloud
10.2022 - 09.2024
- Part of a small team responsible for protecting the entire infrastructure, and improving pipelines and CI/CD
- Regular Web and Android penetration tests (Eon.tv and many more internal web applications)
- Administration and analysis of Crowdstrike Falcon EDR platform
- Phishing simulations and education of teams
- Administration of the company's docker repository (Harbor)
- Regular source code reviews (Java, Python, Javascript)
- Built a Slack bot in Python that generates dynamic credentials for our databases using Hashicorp Vault. Application was dockerized and deployed in Kubernetes, Jenkins and Gitea
- Built a tool for internal port scanning, website discovery and vulnerability scanning. The program would store the results in a MongoDB database and return differences for each scan, allowing us to proactively work on new ports and web applications being open
System Analyst
Euronet Worldwide
05.2022 - 10.2022
Education
Bachelor of Science - Computer Science
Faculty of Management, Economics And Finance (MEF)
Belgrade01-2024
Skills
Web application penetration testing
Android penetration Testing
Application Security
CICD
Python
Akamai/Noname API security
Crowdstrike
Product security
Certification
API Security Certified Professional - https://www.credly.com/badges/1c530e1d-2ec5-40a8-92ec-753ff4c9de00/linked_in?t=slpsr0
Timeline
Product Security Engineer
BlackRock
09.2024 - Current
Application Security Engineer
United.Cloud
10.2022 - 09.2024
System Analyst
Euronet Worldwide
05.2022 - 10.2022
Bachelor of Science - Computer Science
Faculty of Management, Economics And Finance (MEF)
Similar Profiles
Entisar AbdulkadirEntisar Abdulkadir
Cyber Security Engineer at BlackRockCyber Security Engineer at BlackRock
POONAM GANGWARPOONAM GANGWAR
Transaction Management - Claims and CSDR Penalty at BlackRockTransaction Management - Claims and CSDR Penalty at BlackRock
James D Sichenzia CFAJames D Sichenzia CFA
Director, Product Specialist at BlackRockDirector, Product Specialist at BlackRock
Stan TwedtStan Twedt
Heavy Equipment Operator at Big Sky Land ManagementHeavy Equipment Operator at Big Sky Land Management
Tracy WrightTracy Wright
Elementary General Music Teacher at Augusta SchoolsElementary General Music Teacher at Augusta Schools