
Iliana Saer

Development
OR, United States

Skills

Node.js
Cybersecurity
Computer & Network Security
Python

About

Cyber/Software Security Engineer with a background in development. Familiar with various languages & frameworks and have successfully identified exploitable vulnerabilities during the software development lifecycle. Well experienced in active threat hunting/assessment and have utilized various offensive and defensive security posture tools & techniques to verify network & software security concerns in addition to assessing the secure SDLC in accordance with frameworks such as NIST 800-53, NIST 800-171, ASVS, OWASP, and CIS.

Accomplishments

Identified possible common malware frame during binary analysis using custom-written Python script to scan PE headers for malicious files identified by AI-driven antivirus
Caught risky dependencies in deployed containers such as cURL and referenced Java libraries which utilized vulnerable versions of log4j

Work Experience

Sr Application Security Engineer

GEICO
October 2023 - October 2023
  • During my brief time in this role I helped initiate changes in process for the AppSec org as well as create a roadmap and begin implementation for security scan aggregation from various current and proposed tools into DefectDojo.
  • Additionally, I performed research into various open source security aspects for various tools the AppSec org was considering.
  • Reason for departure: Shortly after I was hired, a decision was made to return remote workers into the office which was not possible in my situation.
  • Tools Used: Veracode, Semgrep OSS, DefectDojo, Azure Devops, Docker, Dependency Tracker, OpenSSF Scorecard, Codality
  • Skills Required: Linux, Python scripting, Azure, AppSec Program Planning, Application security, Container security, Open-source security

Application Security Lead

Pearson VUE
November 2022 - February 2023
  • As an AppSec Lead at Pearson I was in charge of an AppSec team overseeing the VUE project within Pearson.
  • This consisted of about 5-20 development team engagements at any given time.
  • During this role I performed various functions within a secure SDLC aligning with security frameworks such as NIST 800-53, ASVS, CIS Benchmarks and OWASP standards, and set up CI/CD pipelines and functions within Azure DevOps, GitHub Actions, and TeamCity.
  • Development team engagements included manual code reviews, application security assessments, threat modeling exercises, architectural reviews and security scan findings triage/prioritization.
  • Many project teams operated within a FedRAMP or StateRAMP compliance environment where SLAs were strict and POA&M reports generated on a monthly basis.
  • Responsibilities Include:
    - Lead team of appsec engineers
    - Lead internal pentesting efforts
    - Conduct vendor assessments for potential security tools
    - Implement threat modeling exercises with development teams
    - Ensure security practices meet regulatory compliance requirements
    - Configure IaC, SAST, DAST, IAST, SCA automated scans (via pipeline and direct)
    - Provide security education for advanced topics such as Kubernetes
    - Application code reviews
    - Use Python scripting to achieve automation in CI/CD pipelines
  • Skills Include:
    - Azure
    - Python / Java / .NET
    - Kubernetes
    - Contrast / Checkmarx / Blackduck / Checkov / Qualys / Kenna / Azure Defender
    - Windows & Linux OS
    - Threat hunting / Pentesting
    - Infrastructure security
    - FedRAMP / StateRAMP
    - Python

Application Security Engineer

World Wide Technology
December 2020 - July 2022
  • In this role I worked with various security posture technologies and techniques.
  • These include application and network threat assessments, SAST/DAST/SCA and Container scanning tools with CI/CD integration/automation, password cracking/brute force tools such as Hydra, offensive security OSes such as Kali and ParrotOS, binary decompilation and malware forensics tools such as IdaPro, and a plethora of others.
  • Tools used in this role: checkov, wizcli, Gitlab SAST, Polaris, Coverity, Veracode, MobSF, Xamarin security scanner, OWASP ZAP, Burp Suite, Passionfruit, BlackDuck, grype, docker scan, ECR container scan, Ghidra, idaPro, winDbg, nmap, metasploit, dig, curl, hydra, PEfile, adb, objection, frida, procdump

Sr Software Engineer

World Wide Technology
November 2019 - December 2020
  • While in this role I worked on a variety of different technologies for various clients of WWT. Notably I led an effort to improve upon and fill in gaps (where any existed) in the DevOps, AppSec, and DevSecOps, in addition to regular engineer duties for our teams.
  • Technologies used: NodeJS, ReactJS, C#, JavaScript, .NET Core, PostgreSQL, Kubernetes, Azure, AWS, NGINX, Hashicorp Vault, Jenkins, Gitlab CI, Veracode, Kotlin, SpringBoot, ExpressJS, Entity Framework, Sequelize, CypressJS

Lead Software Engineer

IOTAS (Acquired by ADT)
April 2019 - September 2019
  • I worked on applications embedded at the edge as well as cloud applications and developed systems to help them facilitate an integrated smart home network.
  • Most notably I single-handedly revamped how we approach automation in a rules-based system to coordinate behaviour between smart devices across the field.
  • I also designed the architecture for our projected service-to-service cloud security solution with managed service-level JWT-based permissions, effectively limiting attack vectors across our entire system.
  • Technologies used: Java, NodeJS, JavaScript, TypeScript, Microservice Architecture, AWS Lambda, Tomcat, AWS S3, PostgreSQL, SQL, NoSQL, MQTT, AWS IoT, Embedded Software, Docker, AWS ECS, AWS Fargate, AWS EC2, AWS KMS, AWS SQS, AWS DynamoDB, Z-Wave, Zigbee, AWS CloudWatch, Datadog, Terraform, AWS RDS, AWS API Gateway (w/ Custom Authorizers), AWS CloudFront, Swagger, OpenAPI.

Sr. Software Engineer

Nike
June 2018 - April 2019
  • Contract position. While in this position I worked on a variety of different applications aimed at providing new means of automation where inventory management solutions are concerned. These projects are achieved in a cloud environment with many SaaS applications interacting with each other constantly.
  • The projects I worked on varied from RFID implementations with IoT, to writing scalable (to the millions) stress tests, to standing up infrastructure for QR encoding.
  • Notably, during my time at Nike, I single-handedly implemented a cloud-based solution to our devops processes with significant improvements in terms of service reliability and resource management.
  • Technologies used: Microservice Architecture, AWS DynamoDB, AWS SQS, AWS ElasticSearch, Docker, Scala, Java, NodeJS, AWS Lambda, AWS EC2, Asgard, Akka, AWS Kinesis, OAUTH, Jenkins, GraphQL, Zebra (ZPL)

Software Architect

Cayuse
July 2017 - May 2018
  • At Cayuse I have designed multiple systems that have helped the business as a whole, most notably creating an SSO portal to work between two different authentication systems while we migrated from one to the other (which got special recognition from our end-users).
  • I had plenty of hands-on experience managing our cloud infrastructure using AWS, including implementing AWS Lambdas to improve scalability and performance, using AWS CloudWatch to improve logging, implementing AWS S3 for report storage, as well as working with AWS Cognito to improve the way we authenticate our end-users.
  • Technologies used: Scala, NodeJS, Javascript, Microservice Architecture, AWS Lambda, AWS Cognito, Java, AWS S3, Spring, AWS DynamoDB, AWS ElasticSearch, Keycloak, SSO, Docker, NoSQL, Akka, Vert.x

Lead Developer

March 2016 - February 2017
  • In this position I manage a team of developers in order to accomplish goals in an effective and orderly manner. I manage both front-end, back-end, and full-stack developers as well as write code on projects that I oversee.
  • Overview of technologies used: Ruby / Ruby on Rails / PostgreSQL / Bootstrap / CSS3 / HTML5 / jQuery / Javascript / SASS / Heroku / Git / CentOS / AWS / WordPress / PHP / MySQL / Apache / Rspec / Swift / Beacon Technology

Web Developer

VetPros Incorporated
January 2015 - December 2016
  • At VetPros, I was in charge of both server side and front end aspects of the website.
  • My initial role on the team was a front end developer, using the technology stack Bootstrap/CSS3/HTML5/jQuery/JavaScript.
  • Shortly after being brought on board to the team, I excelled in my position and began to thrive even on the back end of the web server, where I now maintain the additional code base using Scala, Play, PostgreSQL, and functional and imperative programming paradigms.
  • I work in a team to produce satisfactory outcomes by expected deadlines in an orderly and concise fashion.
  • Overview of technologies used: Scala / Play Framework / PostgreSQL / Akka / Bootstrap / CSS3 / HTML5 / jQuery / Javascript / SASS / LESS / Heroku / Git

Global IT Support Engineer

Feb 2013 - Nov 2015 (2 years 10 months)
  • While in this position I did chat support for mobile devices (via contract through Convergys) running one of the largest mobile platform OS systems on the market.
  • My primary role was fixing NT Kernel based mobile devices; this included apps, system errors, feature implementations, network connectivity, mail server issues, and user accessibility concerns. While this position was fairly straightforward, I did learn some pretty interesting things about some of the top mobile devices on the market.
  • Skills: Windows, Windows Phone OS, Xbox Music, Xbox Marketing Strategies, Strong Communication abilities, Customer Service, LivePerson Administration, Avaya Systems Operation, 80+ WPM (Words per minute), Networking, Account Management & Integration, ASD Operation

Web Developer

January 2007 - December 2015
  • I design websites based on the following code: XHTML, CSS, PHP, Ruby and JavaScript.

Tech Support

Xerox Global Services
April 2011 - January 2013
  • This position required advanced knowledge of MacOS (up to 10.8).
  • During this position I fixed Mac computers (hardware and software).
  • Light use was made of the native Unix-based CLI within the system (mostly for bash scripts), as well as the system's Verbose mode upon bootup, perhaps more heavily used.

Education

Harvard University

Kennesaw State University

Bachelor Degree
Computer Science