소개
폴란드 출신의 풀스택 엔지니어
API 우선 아키텍처
모든 시스템은 잘 정의된 REST 경계를 중심으로 설계됩니다. 프론트엔드는 API를 소비하며 — 백엔드 내부에 결합되지 않습니다.
재사용 가능한 CMS 및 예약 코어
Headless CMS + 여러 속성을 지원하는 예약 엔진. 동일한 코어, 다른 테넌트.
안전한 관리자 패널
RBAC, 범위 지정 권한, httpOnly 세션, CSRF 보호. 관리자 표면이 공격 벡터로부터 격리됩니다.
PostgreSQL / Prisma 데이터 모델링
관계형 무결성 우선. Prisma를 통한 타입 안전 쿼리, 마이그레이션 및 스키마 진화.
Docker / nginx / Linux 배포
프로덕션 등급 VPS 스택. Docker Compose, nginx 리버스 프록시, 자동화된 SSL, fail2ban.
AI / LLM 자동화 워크플로우
문서 생성, 양식 자동화, 저장소 분석. 일관된 대규모 출력을 위한 프롬프트 기반 파이프라인.
프로젝트
설계하고 제공한 시스템
Headless CMS Platform
Headless CMS + booking engine ecosystem. Multi-property scheduling, real-time availability, and content management delivered via REST API.
Booking & Payments Platform
Stripe and BLIK integration with invoice generation, availability calendar, and multi-currency support. End-to-end payment lifecycle.
Admin Panel / RBAC CMS
Role-based access control with granular permissions. Media management, content editing, pricing rules, and real-time analytics dashboard.
AI/LLM Automation Layer
Document generation, form automation, repository analysis, and prompt-driven workflows. Designed for consistent output at scale.
WordPress / Gravity Forms Automation
Custom plugins for event registration, exhibitor management, and conditional form logic with automated PDF delivery.
VPS Production Stack
Docker Compose orchestration with nginx reverse proxy, PostgreSQL persistence, automated SSL via Certbot, and hardening from first principles.
기술
사용하는 기술과 도구
Frontend
- TypeScript
- React
- Next.js
- Tailwind CSS
- Framer Motion
- HTML/CSS
Backend
- PHP
- Node.js
- REST APIs
- Express
- Prisma ORM
Databases
- PostgreSQL
- MySQL
- Prisma
- SQLite
DevOps / Infra
- Docker
- nginx
- Linux/VPS
- SSL/Certbot
- CI/CD
- fail2ban
Security
- RBAC
- Input Validation
- XSS/CSRF Prevention
- API Key Management
- Server Hardening
CMS / Integrations
- WordPress
- Gravity Forms
- Stripe
- BLIK
- PDF Generation
AI / Automation
- OpenAI API
- Prompt Engineering
- LLM Pipelines
- Document Generation
Testing / QA
- Automated Testing
- QA Scripts
- Data Validation
- Integration Testing
보안
안전한 시스템 구축에 대한 접근 방식
Admin / Public Separation
Strict boundary between authenticated admin surface and public-facing endpoints. Admin routes isolated behind auth middleware.
RBAC & Permissions
Role-based access control with granular permissions per resource. No god-mode accounts — every action is scoped.
API Key Management
Keys stored as environment secrets, never committed. Rotation strategy in place. Third-party keys isolated per service.
Session & Auth
HttpOnly secure cookies, CSRF tokens, session invalidation on role change. No local storage tokens.
Input Validation
Zod schemas on every API boundary. No raw SQL. Parameterized queries via Prisma. Content Security Policy headers.
Service Isolation
Docker Compose networks isolate services. Admin panel not reachable from public network. Database no external ports.
Firewall & nginx
UFW + fail2ban for brute-force protection. nginx rate limiting, request size caps, and security headers.
Attack Surface Reduction
Minimal exposed ports. Unused services removed from production images. Health-check endpoints behind auth.
Monitoring Readiness
Structured logging, health-check endpoints, and alert-ready architecture. Ready for Prometheus/Grafana or Datadog integration.
자격증
지속적인 학습과 검증
Exploitation and Penetration Testing with Metasploit
IBM
Vulnerability assessment, exploitation techniques, and post-exploitation strategies using the Metasploit framework.
Network Traffic Analysis with Wireshark
SkillUp Online
Deep packet inspection, traffic filtering, and network protocol analysis using Wireshark for security auditing and incident response.
Transformer Models and BERT Model
Transformer architecture, attention mechanisms, and BERT fine-tuning for NLP tasks and semantic understanding.
Ethical Hacking with Kali Linux
IBM
Offensive security methodology, reconnaissance, enumeration, and privilege escalation with Kali Linux tooling.
Python for Data Science, AI & Development
IBM
Python programming fundamentals applied to data analysis, visualization, and AI/ML development workflows.
Introduction to Ethical Hacking Principles
SkillUp Online
Foundations of ethical hacking, security assessment methodologies, and responsible disclosure practices.
Artificial Intelligence Essentials V2
IBM
Core AI concepts, machine learning workflows, and practical applications across industries.
Generative AI: Prompt Engineering
IBM
LLM orchestration, prompt design patterns, and generative AI integration for production automation pipelines.
Generative AI Essentials
IBM
Fundamentals of generative AI, model capabilities, and ethical considerations for enterprise adoption.
연락처
다음 프로젝트에 대해 이야기해봐요