Seyed Farhad Miri - Senior Product Security Engineer

Q: Where is Seyed Farhad based?

Seyed Farhad is based in Berlin, Germany .

Q: What languages does Seyed Farhad speak?

Seyed Farhad speaks the following languages: English (Native), German (Intermediate) .

Q: How many years of experience does Seyed Farhad have?

Seyed Farhad has at least 14 years of experience. During this time, Seyed Farhad has worked in at least 4 different roles and for 4 different companies . The average length of individual experience is 4 years and 7 months . Note that Seyed Farhad may not have shared all experience and actually has more experience.

Q: What is Seyed Farhad's latest experience?

Seyed Farhad's most recent position is Senior Product Security Engineer at Delivery Hero .

Q: What companies has Seyed Farhad worked for in recent years?

In recent years, Seyed Farhad has worked for Delivery Hero , Ernyka Holding , and MCI .

Q: Which industries is Seyed Farhad most experienced in?

Seyed Farhad is most experienced in industries like Information Technology , Professional Services , and Food and Beverage . Seyed Farhad also has some experience in Transportation and Telecommunication .

Q: Which business areas is Seyed Farhad most experienced in?

Seyed Farhad is most experienced in business areas like Information Technology and Quality Assurance .

Q: Which industries has Seyed Farhad worked in recently?

Seyed Farhad has recently worked in industries like Information Technology , Professional Services , and Food and Beverage .

Q: Which business areas has Seyed Farhad worked in recently?

Seyed Farhad has recently worked in business areas like Information Technology and Quality Assurance .

Recommended expert

Berlin, Germany

Experience

Nov 2022 - Present

3 years 5 months

Berlin, Germany

Senior Product Security Engineer

Delivery Hero

Developed a custom tool using the Mistral 7B LLM to scan, validate and report security vulnerabilities.
Security tested AI agents, bots, and other LLMs with a focus on prompt injection, model inversion, data poisoning, EDR/AV bypass and evasion techniques, membership inference, model evasion, overfitting to malicious inputs and contextual manipulation.
Onboarded repositories to SAST solutions for security scanning, implemented secrets scanning, DAST, SCA, and utilized ZAP for DAST in CI/CD pipelines.
Engaged in security awareness trainings, developed CTF challenges and training materials to enhance developer security knowledge.
Planned and executed bi-annual red teaming operations based on the MITRE ATT&CK framework and led internal and external pentests based on the OWASP Top 10 framework for 70+ applications worldwide, resulting in detection, reporting, and remediation of hundreds of vulnerabilities.
Triaged HackerOne reports.

Nov 2021 - Nov 2022

1 year 1 month

Senior Offensive Security Engineer - RedTeam

Ernyka Holding

Executed red team exercises on a six-month basis.
Conducted web, API, network, and mobile pentesting of assets.
Audited and implemented hardenings on services and performed vulnerability scanning using CIS standards.
Delivered blockchain security assessments including smart contract security.
Provided secure code trainings and capture the flag events.
Implemented cloud security for Microsoft Azure domestic cloud solutions.
Integrated DevSecOps processes using Snyk, SonarQube, and GitLab.

Jun 2015 - Jul 2016

1 year 2 months

Penetration Testing / Vulnerability Development Projects Assessment / Hardening

Rightel

Developed a security scanner with a local LLM to analyze, validate, correlate, and report results.
Created an AI-driven triage bot to assess, analyze, and prioritize security issues and tickets.
Developed an anti-ransomware framework to detect and alarm ransomware activities.
Built a firewall rule assessment tool for network devices.
Automated a web vulnerability scanner designed for bug bounty hunting.
Conducted vulnerability assessments and penetration testing across Windows and *nix environments, identifying and remediating OWASP Top 10 vulnerabilities.
Implemented and automated CIS hardening best practices on OS, web server, and database services.
Strengthened defenses against social engineering and client-side attacks via simulated assessments and security awareness courses.

Dec 2011 - Nov 2021

10 years

Senior Penetration Tester/Red Teamer

MCI

Simulated advanced persistent threats (APTs) and post-exploitation activities using CobaltStrike, Empire, and BloodHound aligned with MITRE ATT&CK TTPs.
Performed targeted penetration testing and security assessments using OWASP Top 10 guidelines with tools including Burp Suite Enterprise, Metasploit, and Nmap.
Secured DevSecOps pipelines with Jenkins, Kubernetes, Terraform, AWS, GitLab SAST, GitGuardian for secrets scanning, and OWASP Dependency-Check for dependency analysis.
Conducted comprehensive vulnerability management, identifying, prioritizing, and remediating vulnerabilities across systems using Jira for tracking remediation efforts.

Industry Experience

See where this freelancer has spent most of their professional time.

Experienced in Information Technology, Professional Services, Food and Beverage, Transportation, and Telecommunication.

Information Technology

Professional Services

Food and Beverage

Transportation

Telecommunication

Business Area Experience

See which departments and functions this freelancer has contributed to most.

Experienced in Information Technology and Quality Assurance.

Information Technology

Quality Assurance

Summary

I have been working in security industry since 2010 (15+ years). I started as penetration tester(4+ years), continued as a red teamer(6+ years), I've also been involved in Shift Left Security initiatives such as DevSecOps, Security Awareness programs, Secure Code Training, and Capture the Flag (CTF) events.

Leading and operating 2 squads to execute red teaming and penetration testing projects. Recently, I have made it my primary focus to utilize LLM-powered AI agents in various security activities and services. I write code in many languages but have Strong preference for Python and also do Bug Bounties myself and triage HackerOne reports too. I have over 200,000 students with 4 security focused courses on Udemy and achieved Guru rank on Hackthebox CTF platform. I am passionate about solving problems.

Skills

Red Teaming
Adversary Emulation
Post-exploitation
Privilege Escalation (Windows/linux)
Ai Agents/llm Security
Social Engineering & Phishing Campaigns
Shift-left Security
Exploit Development
Edr/av Bypass & Evasion Techniques
Mitre Att&ck
Cobaltstrike
Kali Linux
Devsecops
Sast, Dast, Sca
Owasp Top 10
Zerotrust Architectures
Webapp Security
Api Security
Mcp
Ci/cd Security
Mobile App Security
Secure Code Review
Terraform
Cloud Security (Aws, Gcp, Azure)
Kubernetes Security
Container Security (Docker, Podman)
Llm Vulnerabilities
Infrastructure As Code (Iac) Security
Threat Modeling
Identity And Access Management (Iam)
Vulnerability Mgmt
Active Directory Security
Atomic Redteam
Cis Hardenings
Vulnerability Scanning
Blockchain Security
Smart Contract Security
Secure Code Trainings
Capture The Flags (Ctf)

Languages

English

Native

German

Intermediate

Education

QIAU

Software Engineering · Qazvin, Iran, Islamic Republic of

Certifications & licenses

Mci Rpt Crtp - Certified Red Team Professional

Acrtp - Aws Certified Red Team Professional

Aws Security Specialty

Ceh V8: Certified Ethical Hacker

EC Council

Gcrp - Gcp Certified Red Team Professional

Mcrta - Multi Cloud Red Teaming Analyst

Mcrtp - Microsoft Azure Red Team Professional

Python Certified Programmer

Udemy

Statistics

Experience

Total positions 4

Experience in Information Technology 11 y

Avg length 3 y 10 m

Longest experience 9 y 11 m

Global Experience

Countries worked in 1 (Germany)

Primary country Germany

Expertise

Recent roles Senior Product Security Engineer, Senior Offensive Security Engineer - RedTeam, Penetration Testing / Vulnerability Development Projects Assessment / Hardening

Main industries Information Technology, Professional Services, Food and Beverage

Main business areas Information Technology, Quality Assurance

Qualifications

Highest degree Bachelor

Certifications earned 8

Profile

Created

October 2025

Need a freelancer? Find your match in seconds.

Try FRATCH GPT

Frequently asked questions

Do you have questions? Here you can find further information.

Where is Seyed Farhad based?

Seyed Farhad is based in Berlin, Germany.

What languages does Seyed Farhad speak?

Seyed Farhad speaks the following languages: English (Native), German (Intermediate).

How many years of experience does Seyed Farhad have?

Seyed Farhad has at least 14 years of experience. During this time, Seyed Farhad has worked in at least 4 different roles and for 4 different companies. The average length of individual experience is 4 years and 7 months. Note that Seyed Farhad may not have shared all experience and actually has more experience.

What roles would Seyed Farhad be best suited for?

Based on recent experience, Seyed Farhad would be well-suited for roles such as: Senior Product Security Engineer, Senior Offensive Security Engineer - RedTeam, Penetration Testing / Vulnerability Development Projects Assessment / Hardening.

What is Seyed Farhad's latest experience?

Seyed Farhad's most recent position is Senior Product Security Engineer at Delivery Hero.

What companies has Seyed Farhad worked for in recent years?

In recent years, Seyed Farhad has worked for Delivery Hero, Ernyka Holding, and MCI.

Which industries is Seyed Farhad most experienced in?

Seyed Farhad is most experienced in industries like Information Technology, Professional Services, and Food and Beverage. Seyed Farhad also has some experience in Transportation and Telecommunication.

Which business areas is Seyed Farhad most experienced in?

Seyed Farhad is most experienced in business areas like Information Technology and Quality Assurance.

Which industries has Seyed Farhad worked in recently?

Seyed Farhad has recently worked in industries like Information Technology, Professional Services, and Food and Beverage.

Which business areas has Seyed Farhad worked in recently?

Seyed Farhad has recently worked in business areas like Information Technology and Quality Assurance.

What is Seyed Farhad's education?

Seyed Farhad holds a Bachelor in Software Engineering from QIAU.

Does Seyed Farhad have any certificates?

Seyed Farhad has 8 certificates. Among them, these include: Mci Rpt Crtp - Certified Red Team Professional, Acrtp - Aws Certified Red Team Professional, and Aws Security Specialty.

What is the availability of Seyed Farhad?

Seyed Farhad is immediately available for suitable projects.

What is the rate of Seyed Farhad?

Seyed Farhad's rate depends on the specific project requirements. Please use the Meet button on the profile to schedule a meeting and discuss the details.