BurpSuite Pro
Razvan Nitu
Senior Penetration Tester | Ethical Hacker
Bucharest
Summary
I'm a cybersecurity professional with over 6 years of experience, specializing in penetration testing and cyber security. I've had the opportunity to work with companies of all sizes across the globe, securing applications and infrastructures and guiding them to better security postures. My career started in security consulting companies, where I honed my skills as a penetration tester, working with numerous clients across Europe and the US on various projects.
In addition to penetration testing, I’ve led major security efforts, including managing, creating and driving a security roadmap from start to finish for a global product at WHO, as well as driving the SOC2 compliance efforts for multiple large-scale companies.
I believe that my experience with more than just penetration testing, but other security fields as well, provides me with a broader insight into how to assist a company with their security needs. I’m now looking to bring my skillset to other environments and challenges!
Overview
2025
2025
years of professional experience
4
4
years of post-secondary education
3
3
Languages
Work History
Senior Information Security Engineer
Orange Services
4 2023 - Current
- Conducted in-depth penetration tests on internal networks, applications, and systems, ensuring compliance with the company’s security standards and policies.
- Designed and implemented risk assessment strategies to evaluate the effectiveness of existing security protocols, recommending mitigation strategies that align with industry best practices and compliance requirements.
- Offered strategic insights and hands-on support to development teams, ensuring security best practices were integrated from the ground up, enhancing the overall security posture of new products.
- Acted as the main point of contact and security stream lead, providing early-stage guidance to identify and address potential security issues during the design and development phases of products.
- Created detailed reports and presentations tailored for both technical teams and executive stakeholders, highlighting security findings, potential impacts, and actionable remediation steps.
- Stayed up-to-date on the latest cybersecurity threats, trends, and technologies to evolve testing techniques and enhance security measures proactively.
Security Architect and Lead
World Health Organization, WHO
10.2023 - 10.2024
- Managed and implemented a comprehensive security roadmap for WHO's global learning and course platform intended to support over 10 million users, including integration with health service providers across the globe.
- Analyzed and strengthened the security of the platform’s architecture and infrastructure, ensuring that security best practices are implemented throughout the development lifecycle.
Conducted penetration tests and security audits at all stages of development, managed remediation efforts and ensured security hardening across all assets. - Developed alerts, monitoring, and logging capabilities to maintain continuous security oversight, leveraging Azure’s extensive functionalities to enhance the security of the assets.
- Led and coordinated cross-functional teams, providing guidance and oversight to ensure security objectives were met and integrated into the platform's development and operation.
- Managed a complex, large-scale Azure environment, overseeing security aspects for a diverse array of integrated technologies and tools.
Senior Penetration Tester
Cyber Smart Defence
11.2019 - 4 2023
- Conducted penetration tests, security audits, and vulnerability assessments across a wide range of companies, covering various industries and technologies.
- Performed black box and grey box audits on web and mobile applications, managed red team engagements, and conducted internal assessments, demonstrating a high level of autonomy and expertise.
- Played an active role in hiring and training new team members by offering mentorship, guidance, and hands-on learning experiences for aspiring penetration testers and new-hires.
- Utilized industry-standard security and vulnerability management tools such as BurpSuite Pro, Nessus Pro/Expert, SonarQube, and Qualys in day-to-day tasks and engagements.
Service Reliability Engineer
IDEMIA
10.2017 - 11.2018
- Monitored and maintained high availability of a Linux-based infrastructure, both for staging and production environments, with the incentive of avoiding or predicting negative impacts or outages for a vast range of clients, and reacting accordingly in case of such issues.
- Assisted in configuring and tweaking monitoring parameters, queries, checks and alerts for tools such as Prometheus, Grafana and Zabbix in order to improve the general day-to-day workflow.
- Created bash scripts for automation purposes for common tasks such as archival/storage and error logging for statistical purposes.
- Assisted in the investigation and troubleshooting of a wide range of problems pertaining to multiple different applications through log analysis, testing and researching the documentation of the application at hand.
- Maintained composure and professionalism in high pressure situations during critical incidents with several clients and cooperating with cross-functional teams in order to asses and remediate said issues.
Education
Bachelor of Science - Automatic Control And Systems Engineering
University Politehnica of Bucharest
Bucharest, Romania 10.2014 - 07.2018
Skills
Penetration Testing
Web Application Penetration Testing
Infrastructure/Network Penetration Testing
Mobile Penetration Testing
Cloud Security Audit
Vulnerability Management
Governance, Risk and Compliance
Security Architecture & Design
Information Security and Privacy
Software
Nessus Professional
Linux
Metasploit
Qualys
SonarQube
AWS
Azure
GCP
ISO 27001
SOC 2
Nmap
Drata
Vanta
Timeline
Security Architect and Lead
World Health Organization, WHO
10.2023 - 10.2024
Senior Penetration Tester
Cyber Smart Defence
11.2019 - 4 2023
Service Reliability Engineer
IDEMIA
10.2017 - 11.2018
Bachelor of Science - Automatic Control And Systems Engineering
University Politehnica of Bucharest
10.2014 - 07.2018
Senior Information Security Engineer
Orange Services
4 2023 - Current
Similar Profiles
Nora-Mohamed Fawzy Rashwan HelalNora-Mohamed Fawzy Rashwan Helal
Supervision Technician at Orange ServicesSupervision Technician at Orange Services
Bogdan TarusBogdan Tarus
Program Manager at Orange ServicesProgram Manager at Orange Services
Robert BârsanRobert Bârsan
Head of Data Governance, Delivery & Performance at Orange RomaniaHead of Data Governance, Delivery & Performance at Orange Romania