Vadim Derevyanko
About Vadim Derevyanko
Vadim Derevyanko is an Application Security Analyst at Kinaxis in Ottawa, Ontario, Canada, where he has worked since 2020. He has extensive experience in application security, penetration testing, and compliance with security regulations.
Work at Kinaxis
Vadim Derevyanko has been employed at Kinaxis as an Application Security Analyst since 2020. In this role, he focuses on ensuring the security of applications through various methods, including penetration testing and threat modeling. He conducts assessments using tools such as Burp Suite, OWASP ZAP, and Kali Linux. His responsibilities also include preparing manual pentest environments for both on-premises hosts and Microsoft Azure. Additionally, he assists with compliance related to security certifications and regulations, including GDPR and ISO/IEC 27001.
Previous Experience at Sitecore
Prior to his current position, Vadim Derevyanko worked at Sitecore as a Security Specialist from 2012 to 2020. During his tenure, he initiated automated security regression testing for the Sitecore Experience Platform. This involved maintaining test cases and automated tests that addressed fixed vulnerabilities. His role contributed to enhancing the overall security posture of the Sitecore platform.
Background in Engineering and Technology
Vadim Derevyanko's career began at INTERPIPE/ИНТЕРПАЙП, where he served as a Senior System Engineer from 2010 to 2012. He also briefly worked as an Electrician in 2009. His educational background includes studying Computer Systems and Networks at Dnipro University of Technology, where he earned a Specialist degree from 2002 to 2007. Additionally, he studied Computer Science at Dnipropetrovsk Lyceum of Information Technologies from 1999 to 2002.
Technical Expertise in Application Security
Vadim Derevyanko possesses extensive expertise in application security. He conducts penetration testing of web applications and runs threat modeling for new and existing products using the Microsoft Threat Modeling tool. His skills include integrating Veracode SAST/DAST/SCA into the company's build pipeline for security testing. He also has experience in stress testing using JMeter and custom solutions written in C#.
Compliance and Security Certifications
In his role, Vadim Derevyanko assists Kinaxis with achieving compliance related to various security certifications and regulations. He is knowledgeable in standards such as GDPR, SOC2, and ISO/IEC 27001. His contributions help ensure that the company meets necessary security requirements and maintains a robust security framework.