Slobodan "Bob" Horvat

Architect and enforce security across Private Cloud (bare-metal, OpenStack) and AWS, with Kubernetes as the primary workload platform. Lead infrastructure security reviews and threat-model new product designs. Deployed Zero Trust micro-segmentation using Illumio in Private Cloud. Engineered ModSecurity WAF as a Kubernetes sidecar. Operate and tune endpoint and cloud security tooling: Palo Alto Cortex XDR, CrowdStrike Falcon, Wiz Sensor, and Wiz Advanced.

Spearheading security for agentic LLM deployments across the enterprise AI platform. Define guardrails and evaluation harnesses to assess LLM models for security compliance, prompt injection resistance, and data leakage. Apply the OWASP LLM Top 10 framework to AI workload threat modelling and red-team exercises.

Expanded Zero Trust coverage across Private and Public Cloud. Drove the infrastructure security review programme and developed security design patterns adopted platform-wide.

Joined Workday Security Engineering. Hardened Private Cloud (bare-metal, OpenStack) and AWS infrastructure. Conducted security assessments and contributed to the team's design-review methodology.

Led network and security engineering for an automotive aftermarket distributor with 100+ branch locations. Architected and operated the full server estate (Windows, Linux, VMware). Designed private cloud on VMware 5/6 and orchestrated phased migration to AWS S3/EC2, Azure, and Digital Ocean. Administered MS SQL 2008/2012 with AlwaysOn HA cluster backing Navision ERP. Developed a C# DLL integrating EFT POS terminals directly with the ERP system.

Engineered and maintained network connectivity for a retail bank spanning 30+ branches, 2 NOCs, and 100+ servers. Designed corporate LAN segmentation (VLANs, routing). Deployed and managed UTM platforms (Fortigate, Palo Alto). Operated ATM/Frame Relay WAN links on Cisco 800–3600 series. Administered Swift infrastructure.

Built the company NOC from the ground up for a telecom service integrator. Deployed and hardened Linux servers (Debian, RedHat, Suse) with iptables, VPN, and IDS. Instrumented network monitoring via SNMP/MRTG. Administered Oracle 8i/9i RAC. Automated operations with Bash, Python, and Perl.

Part of the core ISP team operating a multi-technology network (Frame Relay, ATM, DSL) across Cisco, RAD, and Zyxel platforms. Implemented MPLS and VPN services. Supervised NOC equipment health via SNMP. Delivered a Call Center solution on Intel Dialogic and Cisco Call Manager.

Administered Novell Netware servers and IPX/SPX network for a manufacturing plant. Designed TCP/IP transition to replace legacy IPX/SPX. Produced design guides and documentation for Scala ERP rollout. Developed a G-Code application for a 5-axis CNC mill producing industrial feed screws.

Ported a CA-Clipper DOS POS system to CA-Visual Object (Windows) for a major supermarket chain in Hamburg. Integrated a CTI application with an Oracle database.

Delivered Novell Netware (IPX/SPX) network solutions for SMB clients. Built CA-Clipper financial software for accounting and banking. Designed Oracle databases and wrote PL/SQL for core banking software. Implemented the company's first CTI system with IVR and ACD on Intel Dialogic.

Čakovec, Croatia. Specialised technical high school with computer labs and programming courses. Foundation in computer science, electronics, and networking.