Open for remote job opportunities. Contact me if you're interested.
Hello, my name is Roman Rott!
I'm a Full-Stack Ruby developer with a strong interest in ethical hacking, penetration testing and vulnerability analysis. I have 15 years of IT experience and 8 years experience dedicated to web-development.
Ruby is my favorite when it comes to following TDD and OOP best practices, while EcmaScript and TypeScript are the best one for front-end.
I do enjoy building everything from small OSS aps and libs, landing pages, business sites to rich interactive web apps, single page applications, etc.
I'm working remotely on web projects for clients all over the world and from time to time I take part in bug-bounty programs.
Web Developer
Over the 9 years I occupied different positions in different departments in a big Shared and Cloud Hosting company, IxWebhosting.com. 5 of them were in Tech Support department and 4 in IT as a Ruby/Rails developer. There I've gained experience dealing with someone else's code, debugging it, as well as with catching security flaws and bugs.
For the last 5 years I've been working as a full-stack ruby developer, where I've got extended experience in React, Redux, TypeScript and Svelte.
I also design and develop vulnerable applications for CTF hacking games that give an opportunity for security enthusiasts to practice their skills. Below is a portfolio that contains a list of such apps and web services.
All of these sites and services were developed using Ruby, JS/ES6, TypeScript, CoffeeScript, React, Redux, Svelte, Sinatra, Padrino and RoR frameworks. Some of them handles large amounts of traffic on daily basis.
My Full-Stack web developer portfolio is a brief summary of the projects samples that I've accomplished during the last years.
Take a look at my portfolio
Cybersecurity Enthusiast
I enjoy testing websites for security vulnerabilities (both white-box and black-box) independently or on the platforms like BugCrowd I held several internal Web Application Security Assessments for the products I've been working on as a developer, preparing reports and/or fixing found bugs and issues. My interest in the Ethical Hacking has resulted in dozens of found and reported security issues in such services as rubygems.org, ZeroMail, tagged.com, cater2.me, etc.
I am a member of NoNameCon 2021 core team - the Ukrainian community-built practical cybersecurity conference.
I also used to design, deploy and support vulnerable web and mobile applications for CTF hacking games organized or supported by the «Berezha Security Group» for:
- BruCON 0x0B (2019) — (only assisted with creating UI for a vulnerable website)
- NoNameCon (2018) — Practical Cybersecurity Conference (created admin interface, was one of the Game Masters)
- UISGCon #10, #11, #12 (2014-2016) — Ukrainian InfoSec conference held by Non Government Organization «Ukrainian Information Security Group»
- The Cybersecurity Olympiad «HackIT-2015»
- International forum «Cybersecurity: Ukraine and the world»
Community Development
Contributing to open source projects:
I am working on my own open source pet-project on Electron(using React and TypeScript) react-toolbox gitlab-org/gitlab-ce floere/phony dnesteryuk/site_prism.vcrVolunteering:
- Was working as a full-stack developer, creating, configuring CI/CD and maintaining website for the «NoNameCon #2» Practical Cybersecurity Conference (2019)
- Did the same for the annual «OWASP Ukraine» Cybersecurity Conference held by OWASP Lviv Chapter (2019)
- Almost all apps/sites created by me for the CTFs, were prepared for students, non-profit organizations or just for fun.
Developing local community:
- Held «Ruby for Pentesters» presentation on the OWASP Kyiv Chapter Kick-off Meeting.
- Held «Ruby Security Tips» presentation on the OWASP Kyiv Summer 2019 Meetup
- Had a talk on the 11th Ruby Meditation meetup.
- Partnered with 4 friends of mine to plan and execute several frontend Meetups and the very first Hackathon in Zaporizhzhya city — «24Hack»