Software Engineer Security
Resume:
Irene Michlin
**A Tring Road
Wendover, Bucks HP*2 6NT
*********@*****.***
KEY BUSINESS COMPETENCIES:
● Experienced tech lead and architect, coming from OOD background, with more than 13
years in security industry
● Can quickly pick up new technologies and master new business areas.
● Excellent analytical and problem-solving skills, able to quickly digest issues/problems
encountered and recommend an appropriate solution.
● Track record of introducing Secure Software Development Lifecycle
● Ability to turn information on emerging threats into actionable items for the company
● Excellent interpersonal communication skills combined with a successful history of
working with different cultures
● Team player with strong ability to explain technical issues to business users
● Specialities: Threat modeling, architecture reviews, vulnerability analysis, security in the
SDLC, agile development process, analysis of industry trends, cryptography
EXPERIENCE:
7/2013 - current Vivastreet Scrum Master
Working with 3 cross-functional teams of developers, QA and UI designers developing e-
commerce products.
● Guiding continuous improvement of product development
● Introducing Secure Software Development Lifecycle
● Evaluating architecture and implementation for Cyber Threat resistance
10/2010 - 5/2013 Sophos Architect and Technical Lead
Responsible for all the aspects of development process and technology in the distributed team of
about 35 software developers and QA engineers. The team develops AntiVirus engine, DLP tools
and range of other desktop and gateway security applications, including cloud lookups based on
DNS and HTTP/HTTPS.
● Led development of new architecture across AV engine and a range of desktop and
gateway security products
● Designed and developed critical features for malware detection software (cross-platform
C/C Submitted patent application for innovative detection approach (prototyped in
Python)
● Followed security industry trends through conferences and professional groups, providing
technology overviews and actionable items for the company
● Led reviews of 3rd party code considered for inclusion, for standards compliance and
security vulnerabilities
● Created internal training program for C/C++ developers on recognising and avoiding
security bugs
● Led security architecture and design reviews for features and projects, identifying
security risks and mitigations
● Reviewed technical specifications and designs of proposed features and new products
● Introduced practices of Secure Software Development Lifecycle
● Created and reviewed threat models using SDL Threat Modeling Tool
● Analysed vulnerabilities using DREAD model
● Successfully introduced Agile development practices to the team, significantly reducing
lead time and cycle time. Served as Agile coach for other teams in product development.
Achieved CSP certification
● Worked with Product Management on OEM and technical partnership projects
● Created technology overviews for sales training programme
1/2002 – 10/2010 Mcafee Principal Software Engineer
● Performed Scrum master role in teams of 4-8 developers, QA engineers and anti-malware
researchers.
● Developed innovative malware research tool for clustering unidentified malware samples
(over LAMP stack with C/C++ plugins).
● Designed and developed antivirus and antispyware software to rigid standards of
application security, performance and stability (cross-platform C
● Developed new features for the compiler and the virtual machine of this language:
functions, loops, RPN calculator. Wrote development tools for the language users:
debugger, code coverage tools, profiling tools.
● Researched new algorithms to improve application performance. Suggested numerous
technological improvements (two patent applications).
● Developed new features for several releases of the software across the whole lifecycle –
from functional design to unit testing. Wrote documentation, technical notes, created
models in Enterprise Architect.
● Developed core features of Mcafee antispyware engine – application capable of
recognizing infection by complex spyware packages.
● Ported the complete antivirus engine to i5/OS, in the process learning about the iSeries
C++ development from scratch.
7/2001 – 12/2001 Marconi Senior Software Engineer
Porting of wireless planning software from Unix to Windows NT using MKS Toolkit.
10/1999 – 7/2001 Configate Ltd. Team Leader
Developed security system based on voice verification over multiple platforms: mobile, web,
telephony.
06/1997 – 09/1999 Applied Materials
Senior Software Engineer
Developed software for the reticle inspection system.
03/1995 – 06/1997 3Com Network Management Ltd
Software Engineer
Developed network management packages (C++ on various Unix platforms using SNMP).
03/1994 – 02/1995 Radway (from Rad-Bynet group)
Software Engineer
Participated in development of IP router connecting legacy LANs to FibreChannel network
(embedded C).
EDUCATION:
1992 - 1995 Tel-Aviv University Tel-Aviv, Israel
B.A., Computer Science and Economics
Professional training:
2013: Introduction to Data Science
2013: Pattern-Oriented Software Architectures for Concurrent and Networked Software
2013: CanSecWest security conference
2012: Functional Programming Principles in Scala, Coursera
2012: BlackHat and DefCon
2012: Cryptography I, Coursera
2011: Secure Software development practices, Sophos Internal
2011: BlackHat 2011
2010: Python 3.0 programming
2008: Certified Scrum Master (Danube)
2006: Introduction to Application Security, Mcafee Internal
2005: i5/OS (OS/400) Technical Introduction, IBM
2004: Secure Programming Workshop, Microsoft
2002: UML
1998: Migrating Applications to Solaris 2.X Workshop
1998: Clearcase (Applied internal)
1997: ATM international congress; “ATM technology” (3Com internal)
1996: “Introduction to modern data communication”
1995: “Object-oriented programming in C++”
Contact this candidate