Available for new opportunities
Łukasz
Brodziak

Security-minded engineer with 14+ years in software development & QA, transitioning into DevSecOps and Cloud Security. I build things, break things, and automate the difference.

View Projects Get in Touch
Scroll to explore
Background
From Code to Cloud
to Security

I started as a software developer building medical applications in Delphi for 8 years, then transitioned into QA Engineering where I spent 6+ years automating tests and finding edge cases others missed. That adversarial mindset — always asking "how can this break?" — maps directly into security work.


Now I'm combining that foundation with hands-on projects in cloud infrastructure, penetration testing, and security automation — building the skills to work at the intersection of DevOps and Security.

Location
Śląsk, Poland
Currently
Senior QA Engineer @ Future Processing
Target Roles
DevSecOps · Cloud Security · DevOps Engineer
GitHub
github.com/lbrodziak
Capabilities
Skills &
Technologies
☁️ Cloud Platforms
AWS — VPC, EC2, S3, Lambda, API Gateway,
CloudFront, DynamoDB, IAM, KMS, GuardDuty
GCP (basics)
⚙️ DevOps & CI/CD
AWS CodePipeline · CodeBuild · CodeDeploy
CodeArtifact · Elastic Beanstalk
Terraform (basics) · Git
🔐 Security Tools
Nmap · Metasploit · OWASP ZAP
Wireshark · Gobuster · Burp Suite
Active Directory
💻 Programming
Python · SQL · Java · Bash
PowerShell · Delphi
🧪 Testing & QA
API Test Automation · UI Automation
Cypress · Postman/Newman
Manual & Exploratory Testing
🧠 Concepts
Penetration Testing · IAM & Least Privilege
Threat Detection · API Security · CORS
Agile/Scrum · Linux · Windows Server
Portfolio
Personal
Projects

Hands-on projects built in my own time. All source code on GitHub ↗

Security
AI Autonomous Pentesting Agent
An LLM-powered recon agent (Llama 3.1) that interprets natural language prompts and autonomously orchestrates multi-stage penetration testing workflows. Generates risk assessment reports and exports them as HTML.
Python Ollama Streamlit Nmap Gobuster
Security
Active Directory Home Lab
Virtualised AD environment with Windows Server 2022 Domain Controller and Windows 10 client. Automated bulk user creation via PowerShell. Foundation for attack/defence scenarios including privilege escalation and lateral movement.
Windows Server 2022 PowerShell VirtualBox
Security
Python Packet Sniffer
Low-level TCP/ICMP packet capture and parser built with raw sockets. Displays live network traffic and exports to file on exit. Built to develop practical understanding of network protocol internals.
Python Raw Sockets Ubuntu
AWS
Three-Tier Serverless Web App
Fully serverless three-tier architecture: static frontend via S3/CloudFront, business logic via API Gateway + Lambda, data layer in DynamoDB. Resolved complex CORS misconfiguration between CloudFront and API Gateway.
S3 CloudFront API Gateway Lambda DynamoDB
DevOps
AWS CI/CD Pipeline
End-to-end automated CI/CD pipeline built from scratch in 7 days. Covers source control, build, artifact management, and blue/green deployment to EC2 using native AWS developer tools.
CodePipeline CodeBuild CodeDeploy CodeArtifact EC2
AWS
AWS Cloud Security Suite
Implemented IAM least-privilege policies, KMS data encryption, and GuardDuty threat detection. Complemented with GCP Security Command Center web vulnerability scanning.
IAM KMS GuardDuty GCP SCC
Career
Work
Experience
Senior QA Engineer Future Processing Jul 2021 – Present
  • Security-oriented API testing covering authentication, authorisation, input validation, and error handling
  • Built and maintained API and UI automation frameworks integrated into CI/CD pipelines
  • Embedded quality and security thinking early in the development lifecycle within Agile teams
QA Engineer XCaliber Dec 2020 – Jul 2021
  • Implemented frontend test automation with Cypress; API automation with Postman/Newman
  • Conducted manual and exploratory testing focused on edge cases and failure modes
QA Engineer Asseco Poland Nov 2018 – Dec 2020
  • Designed and implemented QA processes from scratch for a regulated medical application
  • Led and mentored a 5-person QA team; introduced structured test case management
Software Developer Asseco Poland Jun 2010 – Oct 2018
  • Developed and maintained a Delphi-based medical application over 8+ years
  • Designed and managed PostgreSQL databases in a regulated healthcare environment
Credentials
Certifications &
Education
🛡️
Google Cybersecurity Certificate
Coursera · Verified Credential
🧪
ISTQB Foundation Level
Software Testing Certification
Master's Degree — Bioinformatics Silesian University, Sosnowiec 2008 – 2010
Bachelor's Degree — Bioinformatics Silesian Medical University, Sosnowiec 2004 – 2008
Get in touch
Let's Work
Together

Open to DevSecOps, Cloud Security, and DevOps Engineering opportunities. Feel free to reach out.

l.brodziak@proton.me github.com/lbrodziak LinkedIn