GIURCA, Petru-Lucian


Smart Contract Security Auditor

Smart Contract Security Auditor · DevSecOps Expert · Solidity Developer

Senior Security Professional with 15+ years of experience transitioning from Tier-1 DevSecOps (Deutsche Bank, Lego, GE) to Smart Contract Security Auditing. Specialized in Ethereum/EVM ecosystems, utilizing Foundry, Slither, and Fuzzing to secure decentralized protocols. Expert in building secure CI/CD pipelines and high-availability Kubernetes infrastructure.

Blockchain

Solidity, EVM, Foundry, Slither, Fuzzing, OpenZeppelin, Hardhat, Layer 2

DevSecOps

Kubernetes (RKE2/AKS/EKS), Terraform, GitHub Actions, Jenkins, Azure DevOps

Security

SAST/DAST (ZAP, SonarQube, Trivy), Pentesting, ISO 27001, SOC2, NIS2

Cloud / Data

Azure, AWS, GCP, OpenStack, Prometheus, Grafana, Python, Go, Bash

Certifications & Professional Development


Expert

Certified Blockchain Expert

Demonstrates a comprehensive understanding of blockchain technology, its underlying principles, and its potential applications across various industries.

Security Professional

Certified Blockchain Security Professional

Validates specialized skills in identifying and mitigating security vulnerabilities within blockchain networks and decentralized applications.

Cybersecurity Expert

Certified Cybersecurity Expert

Confirms advanced proficiency in cybersecurity strategies, threat intelligence, and defensive measures to protect digital assets and infrastructure.

Developer

Solidity Developer

Certifies expertise in developing secure and efficient smart contracts using the Solidity programming language for Ethereum Virtual Machine (EVM) compatible blockchains.

Auditor

Certified Smart Contract Auditor

Recognizes critical skills in conducting thorough security audits of smart contracts, identifying logical flaws and potential exploits before deployment.

Developer

Certified Smart Contract Developer

Confirms comprehensive ability to design, develop, test, and deploy robust and secure smart contracts on blockchain platforms.


Professional Experience

Blockchain Security Auditor | HCLTech (May 2023 – Present)

Perform comprehensive security audits of Ethereum/EVM-based smart contracts (Solidity), identifying critical logical flaws and economic attack vectors. Utilize Slither, Foundry, and custom fuzzing frameworks to mitigate reentrancy, access control issues, and flash-loan vulnerabilities. Deliver detailed audit reports with risk classification (Critical/High/Med) and reproducible PoCs. Collaborate with DeFi protocols to validate fixes and promote secure development lifecycles.

DevSecOps Expert | Deutsche Bank UK via HCLTech (Oct 2022 – Apr 2023)

Managed Rancher Kubernetes (RKE2) for high-availability containerized banking applications. Designed GitHub Actions CI/CD for Java/Spring Boot and Rust microservices, integrating automated security gates (SAST/DAST/SCA). Reduced production vulnerabilities by 92% through "Shift-Left" security integration and automated blocking of vulnerable artifacts (CVSS ≥ 7.0).

DevSecOps Engineer | UniCredit Spa Italy (Mar 2022 – Sept 2022)

Led vulnerability scanning and remediation patching for production Rancher clusters (120+ nodes). Achieved 99.98% uptime while ensuring compliance with PCI-DSS 4.0 and GDPR standards. Developed automated security frameworks using Python and Go to analyze network and infrastructure risks.

Senior DevOps Engineer | Lego Group Denmark (Sept 2021 – Feb 2022)

Architected secure GKE (Google Kubernetes) clusters and enforced network policies and IAM. Automated OS patching and kernel tuning for Red Hat OpenStack/OpenShift environments. Managed the lifecycle of CoreOS nodes, optimizing developer experience through Source-to-Image (S2I) workflows.

DevSecOps Specialist | GE Digital (July 2019 – Aug 2021)

Built secure RESTful/gRPC backend services in Go, ensuring high-load concurrency management. Implemented "Shift-Left" security in Azure DevOps, utilizing Secret Scanning and mandatory SAST gates. Managed ingestion and correlation of security data from Azure/On-prem into Microsoft Sentinel (SIEM).

Earlier Experience & Certifications

Earlier Career (Summarized)

IT System Engineer | BullGuard (2018–2019)

Cloud migration to Azure; deployed Prometheus/Grafana monitoring.

Linux Sys Admin | StarTechTeam (2014–2018)

Managed RHEL6 environments, VMware ESXi, and Puppet configuration.

Help Desk Support | Genpact (2009–2014)

Tier 1/2 technical support and incident lifecycle management.

Key Certifications

1

Cybersecurity & Compliance

  • ISO/IEC 27001:2022 Lead Auditor, ISO 31000 Risk Manager, ISO 22301 Business Continuity
  • EITCA Academy: Information Technologies Security Programme (EQF Level 6)
  • Global Tech Council: Certified InfoSec Executive, Pentesting Expert, White Hat Hacker
  • The Linux Foundation: Implementing DevSecOps (LFS262)
2

Cloud & DevSecOps

  • International DevOps Academy: Certified DevOps Professional / Operations Engineer
  • GSDC: Certified Full Stack Developer, DevSecOps Engineer
  • MongoDB: SQL Experts, Python, GenAI Apps; Conda Fundamentals

AI, Blockchain & Education

AI & Agentic Systems

EITCA Academy

Artificial Intelligence Programme/Information Security Programme (EQF Level 6)

Blockchain Council

Certified Agentic AI Developer, LLM Developer, & Generative AI Expert

Specialized

Google Cloud Machine Learning, TensorFlow Fundamentals, Deep Learning (PyTorch/Keras)

Blockchain & Smart Contracts

Blockchain Council

Certified Smart Contract Auditor/Developer, Solidity Developer, Blockchain Security Professional, & Blockchain Expert

Cyfrin Updraft

Solana Security, Rust Programming Basics, & Solidity Smart Contract Development

Education

Master's Degree in Law

Spiru-Haret University, Bucharest — 2010

Bachelor's Degree in Law

Spiru-Haret University, Bucharest — 2008

Languages

95%

English

Advanced

70%

Italian

Intermediate

70%

Spanish

Intermediate

100%

Romanian

Native