Andriy Rudyk

Product Security Engineer

Work Experience

Product Security Engineer IV Aug 2023 – Present
Intuit Credit Karma · Charlotte, NC
  • Architected and built Raptor, a centralized vulnerability management and triage platform (Go/React): ingests findings from Snyk, Twistlock, Semgrep, Traceable, Data Theorem, GitHub secret scanning, and custom scanners; auto-creates and routes tickets to owning teams; provides security engineers a full manual triage and review workflow with dashboards.
  • Deployed an enterprise-wide Burp Suite DAST scanner and authored a custom Burp extension (Java) to handle GraphQL introspection and automated attack dispatch.
  • Architected and developed an automated third-party library review and approval platform, reducing manual security review overhead.
  • Perform internal application-layer penetration tests on new features undergoing security review.
  • Conduct security design reviews of technical design documents (TDDs) and provide code-level security consultations to product engineering teams.
  • Promoted from Product Security Engineer III in August 2023.
Product Security Engineer III 2021 – Aug 2023
Intuit Credit Karma · Charlotte, NC
  • Launched and managed Intuit Credit Karma's HackerOne bug bounty program: triaged and validated submissions, coordinated remediation with engineering, performed CVSSv3 scoring and scope management.
  • Performed internal penetration tests on new product features and reported findings through the security review process.
  • Delivered security consultations to product teams: reviewed TDDs and provided actionable security recommendations.
Software Engineer III Nov 2018 – 2021
Intuit Credit Karma · Charlotte, NC
  • Scala / Java / TypeScript / PHP, Finagle, Spring, Kubernetes, Kafka.
  • Developed microservices supporting the home/mortgage vertical; worked on the tax integration team for OCR, TaxHub, and IRS transcript retrieval services.
  • NightsWatch (internal cybersecurity program) member, top-5 CTF nominee.
  • Promoted to Senior Engineer III in 2020.
Software Engineer Jun 2014 – Nov 2018
Premier Inc. · Charlotte, NC
  • Designed and coded full-stack enterprise medical data processing applications using agile methodologies.
  • Java / Groovy / Go, Spring / Grails / Ratpack with Hadoop map/reduce, Solr, Kafka, and a Vue.js front-end.
  • Used Docker for simple app management and deployment; experience with event-driven Go APIs.
  • Promoted from Associate Software Engineer in 2015.
  • 2017 Premier Values team award winner.
Application Engineer Intern May 2013 – Aug 2013
Premier Inc. · Charlotte, NC
  • Worked on a summer-long project creating a configuration comparator tool.
  • Python / Django / bash.
  • Received a job offer at the end of the internship.

Skills

  • Languages: Go, TypeScript, Java, Scala, Groovy, Python, JavaScript, SQL, bash, C, LaTeX
  • Frameworks: ReactJS, Go gin, Twitter Finagle, Spring / Spring Boot, Grails, Flask, Kafka
  • Tools: Burp Suite, git, Docker, Kubernetes, GitHub Actions, Snyk, Semgrep, Twistlock, HackerOne, JIRA, IDEA suite, VS Code, vim, Linux (Debian/RHEL) / Mac / Windows
  • Security: Vulnerability management, application pentesting, DAST/SAST tooling, bug bounty management, security design review, GraphQL security, CVSSv3
  • Misc: Pursuing OSCP certification. Trilingual: English, Ukrainian, Russian. Strong communicator with experience bridging security and product engineering teams.

Education

OSCP (Offensive Security Certified Professional) — In Progress Expected 2026
Offensive Security · Remote
B.S. in Computer Science 2010 – 2014
Western Carolina University · Cullowhee, NC
  • Vice President of the Computer Science ACM club.
  • PiBot capstone: a Raspberry Pi remote tour robot controlled via a Flask web app.
  • Coursework: Algorithms, Networking, Computer Graphics, Databases, MIPS Assembly, Operating Systems, Software Engineering.