Андрій Ветеран

[Andrii]
QA Automation | Security Analyst | DevOps
📧 [открыть контакты](см. выше в блоке «контактная информация») | 📱 [WhatsApp:[открыть контакты](см. выше в блоке «контактная информация») ]

Professional Summary

Highly versatile QA Automation Engineer, DevOps Engineer, and Security Analyst with 7.5
years of experience across the full Software Development Life Cycle (SDLC). Proven track record of
taking full ownership of high-stakes projects—from gathering client requirements and backend
development to executing complex risk mitigation plans. Accomplished in building scalable
frameworks (PHP, Python), managing containerized infrastructure, and implementing NIST 800-
53 controls to ensure secure, high-performing applications.

Technical Skills

•Testing & Automation: Codeception, Selenium, pyTest, PHPUnit, End-to-End (E2E) Testing.
•Security & Compliance: NIST SP 800-53, OWASP ASVS, Threat Modeling, SCA Analysis,
HashiCorp Vault, Suricata IDS, DependencyTrack, OWASP ZAP.

•Development & DevOps: PHP, Python, Git, Docker, Kubernetes, Linux SysAdmin.
•Monitoring & Databases: Prometheus, Grafana, Postgres, MySQL.

Professional Experience

Software Developer, QA Automation & DevOps Engineer | 6 Years

•Ownership & Product Delivery: Actively participated in the product development lifecycle by
gathering client needs and translating them into technical requirements, ensuring final delivery
met both user expectations and quality standards.

•Backend Development: Developed and optimized server-side logic and database schemas
using PHP and Python, focusing on high availability and secure data processing.

•Containerization & Infrastructure: Orchestrated microservices and managed deployment
environments using Docker and Kubernetes.

•Framework Development: Built and maintained robust automated test suites
using PHPUnit and Codeception (PHP) alongside pyTest (Python).

•UI/UX Quality: Developed end-to-end automated tests with Selenium to ensure seamless user
experiences across multiple web applications.

Security Analyst | 2.5 Years

•Compliance & Risk: Conducted comprehensive risk assessments and implemented
security/privacy controls based on the NIST SP 800-53 framework for high-stakes projects.

•Cross-Functional Leadership: Created detailed security tasks for Dev and DevOps teams to
protect data at rest/transit and integrated SCA (Software Composition Analysis) into the CI/CD
pipeline.
•Incident Response & Tooling: Built a restricted shell tool for support teams and established
custom Prometheus/Grafana alerts for resource exhaustion and suspicious activity.

•Stakeholder Liaison: Orchestrated third-party penetration testing and served as the primary
liaison between external security teams and internal management to translate findings into
actionable remediation.

Professional Strengths

End-to-End Project Ownership | Client Requirement Gathering | Security-First
Development | Cross-functional Collaboration