Muhammed Kılıç

Muhammed Kılıç

Senior Software Engineer in Malta


An accomplished software engineer with experience developing robust and scalable applications across the full technology stack. Skilled at designing and implementing high-performing REST and GraphQL APIs and microservices using C#, .NET, .NET Core, Node.js, Express and other technologies.

Implemented and shipped automated penetration testing capabilities, including injections for MongoDB, Log4J, Spring4Shell, SQLite and other vulnerabilities. Passionate about application security and writing secure code. Committed to iterative development processes, continuous integration/delivery, and evolving engineering best practices.

Strong DevOps skills around building CI/CD pipelines, infrastructure-as-code, and observability. Experience containerizing services with Docker and managing deployments across diverse environments, including Azure, AWS, and on-prem.

Works extensively with Python, Golang, C#, .NET, .NET Core, Node.js, Express, React, MongoDB, MSSQL, MySQL, Docker, Azure, AWS, Git, and more.

Work Experience

2020 — Now
  • Implemented automated penetration testing capabilities in .NET/C# and JavaScript against MongoDB to find vulnerabilities like injections, Log4J, Spring4Shell, SQLite SQLi, and XSS. Enhanced security testing by 20%.

  • Built integrations with GitHub Actions, DefectDojo, IBM JazzTeam, YouTrack, Azure Pipelines, and IBM UrbanCode from the ground up in languages like C#, Python, GoLang, and JavaScript. Studied diverse application architectures and documentation to enable seamless integrations. Reduced integration development time by 50%.

  • Acted as Scrum Master to guide agile/Scrum transformation workshops. Led team to bi-weekly production releases of security features.

  • Led branching strategy, code reviews, and merge process for penetration testing features. Instituted secure SDLC framework and processes for the team.

  • Delivered security check releases for Standard and Enterprise products, coordinating across multiple teams. Gained release management and DevOps experience.

  • Joined a voluntary task-force to deliver WCAG compatibility for Invicti Enterprise in a 2 month period

  • I learned how to organize and distribute +1,000 tasks among +15 developers. Achieved compliance 3 weeks ahead of deadline.

  • Consulted with customers to resolve escalated support issues and gather integration requirements.

  • Organized meetings with customers for escalated support issues or for integration requirements.

  • Led DevRel guild and hosted biweekly technical talks to share knowledge.

2020 — 2020
  • Managed a team of 5 mobile developers, overseeing all development processes end-to-end. Increased on-time task completion by 50% through strong project oversight.

  • Maintained InCommerce API and C# services for payments, delivery, etc. Cut average API response time from 1s to 300ms, improving performance by 300%.

  • Built Bizim Toptan API from scratch and deployed to production. Reduced development time by 2 months.

  • Delivered payment and notification microservices for Project Phantom. Managed deployments across production, staging, and QA. Resolved 35+ critical production issues, improving uptime by 20%.

  • Created multi-database diagram to organize customer modification requests, enhancing communication and coordination. Diagram still used today.

  • Led adoption of Scrum methodologies.

  • Gained hands-on experience with .NET/Core, MySQL, MS SQL, Azure, Jenkins, GitHub, Vagrant, Docker, and more. Contributed to 10+ customer projects using these technologies.

2019 — 2020
  • Enabled communication between multi-brand and in-house DSRC (Dedicated Short Range Communication) devices.

  • Implemented ETSI (European Telecommunications Standards Institute) standards for Intelligent Transportation System communication.

  • Developed a GUI application using Java for vehicle monitoring.

  • Developed On-Board-Unit (OBUs) and Road-Side-Unit (RSUs) applications using C and C++ for emergency vehicle, signal violation, roadwork, and collision risk warnings.

  • Worked as the sole software developer on the management console for the Long Range Acoustic Device (LRAD), also known as an ultrasonic cannon.

  • Contributed to the design of a fingerprint project for the government.



LoL AI is a simple app that uses the Ampt platform to create a simple application that enables you to play with different AI models.


Go module for Turkish Banks.


GitHub Actions that searches for given keyword in your codebase path like console.log etc.

Side Projects

  • Implemented hybrid API architecture on Google Cloud.
  • Dockerized services developed with .NET 5 and Express.
  • Fixed bugs on React Native application.
  • Managed one backend/devops and one mobile application developer.
  • Delivered MVP to founder of Bulbunu.


2017 — 2017


Startup School Future Founders from Y Combinator
Stack Overflow