Kirill Korovin

English, Russian
đź’ľ PDF Version
✉️ r00t@skvoter.xyz
đź’¬ telegram
👨🏻‍💼 linkedin
👨🏻‍💻 github.com

Software/Security Engineer


I’m an engineer with 9 years of experience across different tech roles, from software development to penetration testing and everything in between. I’ve worked with a lot of different technologies and stacks, but Python is my go-to. I’ve been part of teams of all sizes—from small 5-person startups to 3,000-strong corporations—and have worked on systems ranging from monolithic to microservices and serverless (which I prefer). I’ve also led projects and small teams, taking ownership of tech decisions and development.

On the security side, I’ve worked as a penetration tester, doing security audits for web and mobile apps (AppSec). I’ve got a solid understanding of different attacks, tools, and audit frameworks (like OWASP). While working as a developer, I also brought security into the spotlight for my teams—integrating security checks into CI/CD and helping teammates understand secure coding practices.

Skills


🏷 backend engineering
python rest asyncio fastapi typescript graphql postgresql cloud computing aws lambda django flask rabbitmq celery redis
🏷 infra
linux git docker continious integration/deployment jenkins travis ci
🏷 other
system architecture owasp penetration testing pyqt c# unity3D trunk development

Experience


Altdevlab

Software Engineer / Techlead (Nov 2023 - Present)
python fastapi taskiq litestar microservices k8s docker

Led multiple fintech and crypto-related projects. Initially stabilized a complex legacy system for one project (processing platform), ensuring smooth operation and scalability. For another project, built the appeal service from scratch with a small team of two, later becoming the lead developer responsible for technical improvements and product development. Oversaw architecture decisions, optimized performance, and coordinated with cross-functional teams (e.g DevOps and TechSupport).

Welltory

Backend Developer (Oct 2022 - Oct 2023) 1 yr
python django celery aws s3 microservices postgresql docker

Been a part of a neewsfeed team, supporting and developing one of the core features of the app. Helped optimitizing the microservice architecture, dealing and refactoring with legacy (both features and the whole architecture parts) while maintaining the current system and doing team duty responsibilities (incident response etc)

Freelancing

Backend Developer (May 2022 - Sep 2022)

Helping different companies and teams with their needs.

As an example of recent projects, implemented a cache function (and a warm up strategy also) for a couple of the Trackingplan critical endpoints, which speeded the response time from average 8-10s up to 1-3s. As a result, this cache was also applied to 4 more endpoints, thanks to it's generic and customizable architecture and very small additional cost overhead.

Seez

Backend Developer (Jan 2021 - Apr 2022) 1 yr 4 mos
python typescript graphql aws lambda serverless postgresql docker trunk development

Developed some of the key integrations (such as car listings providers) which helped marketplace to get 600+ cars to the inventory soon after launch

Sensorium

Backend Developer (Feb 2020 - Jan 2021) 1 yr
python django drf docker redis rabbitmq nginx postgresql celery travis ci

Set up and maintained CI/CD at early stage of the product development which reduced a lot of manual work for developers, decreased the human error risk and gave more space for the team to scale properly (including hiring a DevOps).

Group-IB

Penetration Tester (May 2018 - Feb 2020) 1 yr 10 mos
burp suite python poc development scripting metasploit owasp openwrt

Implemented a lot of web application security audits, finding vulnerabilities in both front-end and backend, as well as infrastructure, explaining and providing fix recommendations for clients, so I have the knowledge of how to write secure code and teach others to do so
Read a tone of source code of various quality, complexity and languages while doing whitebox audits, familiarizing myself with a lot of different development patterns as well as anti-patterns, also variety of technologies i had to work with made me a faster learner
Researched systems of different scales from webapps to external and internal infrastructure clusters, so i have a solid understanding of infrastructure architectures and networking

Social Systems disbanded, website is down

Junior -> Middle Backend Developer (Jun 2017 - May 2018) 1 yr
python django drf nginx postgresql celery django-channels websockets

Aside from my main responsibilities, introduced secure development principles to the team and fixed a couple of security code issues in other company products (not being a developer of them), some of them saved the company from the possible abuse of in-app currency.

Kaspersky Lab

Technical Writer (Jun 2015 - Dec 2016) 1 yr 7 mos
english communication skills general computer knowledge tfs word

In close collaboration with administrators and developers provided and maintained documentation for some of the critical internal infrastracture services, such as corporate mail, corporate cloud etc. for all the support tiers, from Service Desk to the Monitoring and even admins and devs themselves which helped me to get broad technical base in the start of the career.

Education

Higher School of Economics Moscow, Russia


Master's degree (2017 - 2019)

Computer and Information Systems Security / Information Assurance

Bachelor's degree (2013 - 2017)

Computer Engineering


And, among other things and being a developer, i am also an open-minded interesting guy who just likes talking to the people and knows that communication is the key, so let's just talk!