★ Google VRP Hall of Famer 2024

Carlo Gimpaya

Seasoned IT professional with expertise in enterprise systems, cloud infrastructure, and security research. Recognized by Google for responsibly disclosing critical vulnerabilities — an achievement earned by fewer than 1% of security researchers worldwide.

Download Resume
5+Years Experience
20+Projects Delivered
Top 5Google VRP 2024
3Companies Served

// who i am

About Me

Passionate IT professional bridging the gap between secure systems and business needs.

Google VRP Hall of Famer · Top 5 · 2024

I'm Carlo Gimpaya, an IT Systems Engineer based in Quezon City, Philippines. I combine deep technical expertise in software development, cybersecurity, and cloud infrastructure to design and deliver secure, scalable solutions for businesses of all sizes.

Recognized by Google for responsible vulnerability disclosure — an achievement earned by fewer than 1% of security researchers worldwide. I specialize in building enterprise systems from the ground up: HRIS platforms, SaaS applications, penetration testing frameworks, and data engineering pipelines.

My approach combines strong business analysis skills with technical execution — gathering requirements, architecting solutions, leading development, and ensuring security throughout every layer of the stack.

LinkedInGitHubBug Hunters Profile
Location

Quezon City, PH

Email

carlogimpaya@gmail.com

Education

BS Information Technology

College

Informatics College, 2020

Security Researcher

Google VRP Hall of Famer. Identified and responsibly disclosed critical vulnerabilities to Google.

Full Stack Developer

Built enterprise-grade systems: HRIS, POS, CRM, ticketing platforms, and SaaS applications.

Cloud & Infrastructure

AWS, Azure, VPS deployments, DNS/network management, server administration.

Data Engineering

PostgreSQL, SQL Server, data lakehouse architecture, ETL/ELT, and Power BI integration.

IT Consultant & Manager

Led end-to-end IT projects from business analysis and architecture through deployment and operations.

Certified & Recognized

Multiple industry awards including Employee of the Year and Most Outstanding Alumnus.

// career path

Work Experience

A track record of delivering enterprise solutions, leading IT operations, and building secure systems across multiple industries.

Jan 2026 – Present

IT Consultant / Founder

Falah Labs Technologies

Current
Clients:Elijah Construction Inc.E & C
  • Founded Falah Labs Technologies, an IT consulting firm delivering enterprise-grade software and infrastructure solutions.
  • Architected and developed a full HRIS platform for Elijah Construction Inc. supporting payroll, attendance, and reporting.
  • Designed SQL server database infrastructure with scalability, security controls, and audit logging.
  • Implemented biometric attendance ingestion pipelines and automated payroll rules engine.
  • Providing end-to-end IT consulting services to enterprise clients including E & C.
  • Established disaster recovery processes and enforced 3-2-1 backup strategy.
  • Defined system architecture, development standards, and security best practices.
HRISSQL ServerPostgreSQLSystem ArchitectureIT ConsultingPayroll SystemsDisaster Recovery
Jan 2023 – Dec 2025

Application Support Engineer / Data Engineer

Enshored Inc.

  • Provided L3 technical support for enterprise SaaS platforms including Oracle NetSuite.
  • Resolved complex technical issues across applications, databases, and infrastructure.
  • Served as application developer and escalation engineer for Zendesk IT ticketing platform.
  • Developed automation scripts using PowerShell within JumpCloud cloud environments.
  • Built automation via AppScript for Appsheet and Google Cloud environment.
  • Performed internal security vulnerability assessments and penetration testing.
  • Supported PostgreSQL and MySQL database administration.
  • Created technical documentation for troubleshooting procedures and workflows.
Oracle NetSuiteZendeskPowerShellAppScriptPostgreSQLMySQLJumpCloudL3 SupportPen Testing
2021 – 2023

Freelance Software Developer / IT Consultant

Catch Creative Labs

  • Delivered full-stack web applications and IT solutions for clients across government, education, and business sectors.
  • Developed QR-based attendance monitoring and e-voting systems for government and education clients.
  • Built POS, inventory, and business management systems tailored to client operations.
  • Consulted on document management systems and enterprise software architecture.
  • Managed end-to-end project delivery: requirements, development, deployment, and client training.
PHPJavaScriptMySQLQR SystemsE-VotingPOSConsultingFull Stack
Jan 2021 – Nov 2023

IT Head Administrator / Software Engineer

Thick & Thin Agri-Products Inc.

  • Managed company IT infrastructure including networking, servers, and cloud services.
  • Administered Google Workspace environment and enterprise software systems.
  • Developed internal business apps: inventory management, POS, and IT ticketing system.
  • Performed vulnerability assessments and security hardening across infrastructure.
  • Implemented automated backup systems and disaster recovery for servers and databases.
Network AdminGoogle WorkspacePOS SystemsInventory ManagementSecurity HardeningBackup Systems
2020 – 2021

DevSecOps Engineer

WG Technology Labs

  • Integrated development, security, and operations practices across software delivery pipelines.
  • Conducted security assessments, vulnerability testing, and code review for development teams.
  • Managed CI/CD pipelines and infrastructure automation for web applications.
  • Implemented security best practices and hardening measures across cloud and on-premise environments.
  • Collaborated cross-functionally between development, QA, and operations teams.
DevSecOpsCI/CDSecurity TestingInfrastructureAutomationCloud
2019 – 2020

IT Network and Systems Engineer

Sinag Technologies

  • Designed, deployed, and maintained network infrastructure for enterprise clients.
  • Administered servers, workstations, and IT systems across multiple environments.
  • Performed network troubleshooting, configuration, and optimization.
  • Managed hardware and software installations, updates, and life-cycle planning.
  • Provided technical support and documentation for IT systems and processes.
Network EngineeringSystems AdministrationTCP/IPServer AdminIT SupportInfrastructure

// what i've built

Projects

A selection of enterprise systems, security tools, and web applications I've designed and built for clients and organizations.

🏢
Enterprise Software
Featured
in-progress

Enterprise HRIS Platform

Full-scale Human Resource Information System for a construction company with payroll, attendance, and reporting.

PHPJavaScriptSQL Server+3
🛠️
SaaS Customization
Featured
completed

IT Ticketing & Support Platform

Custom Zendesk-based ticketing and escalation system for enterprise L2-L3 IT support operations.

ZendeskJavaScriptREST API+2
🌐
Web Application
Featured
completed

QR-Based Attendance Monitoring System

Real-time QR code attendance tracking system for government agencies and educational institutions.

PHPJavaScriptMySQL+3
🌐
Web Application
Featured
completed

E-Voting System

Secure digital voting platform for government and education sectors with audit trail and results management.

PHPJavaScriptMySQL+3
📱
SaaS Development
Featured
in-progress

CoreDesk / Company Core — CRM Platform

Custom CRM application for managing client relationships, pipelines, tickets, and business operations.

PHPJavaScriptPostgreSQL+4
💼
Business Software
Featured
completed

POS & Inventory Management System

Full-featured point-of-sale and inventory management system for retail and business operations.

PHPJavaScriptMySQL+3
⚙️
DevOps & Automation
completed

PowerShell Automation Suite

Enterprise automation scripts for JumpCloud cloud environments covering provisioning, monitoring, and compliance.

PowerShellJumpCloudCloud Automation+2
🔐
Cybersecurity
Featured
ongoing

Enterprise Security Assessment & Hardening

Penetration testing, vulnerability assessments, and security hardening for enterprise infrastructure.

Penetration TestingOWASPAPI Security+3
🔐
Security Research
Featured
completed

Google VRP — Critical Vulnerability Disclosure

Responsibly disclosed critical vulnerabilities to Google, earning recognition in the Google VRP Hall of Fame 2024.

Bug BountyGoogle VRPResponsible Disclosure+2
📱
Automation
completed

Google AppScript & AppSheet Automation

Workflow automation connecting Google Workspace, AppSheet apps, and cloud services.

AppScriptAppSheetGoogle Workspace+3

// toolbox

Skills & Technologies

A comprehensive toolkit built across software development, cybersecurity, cloud infrastructure, and enterprise systems.

💻

Software Development

PHPJavaScriptTypeScriptPythonSQLHTML/CSSTailwind CSSREST API DesignFull Stack Web DevelopmentSaaS DevelopmentMulti-Tenant ArchitecturePostgreSQLSupabaseAuthentication SystemsGit / GitHubCRUD Systems
🔐

Cybersecurity

Penetration TestingVulnerability AssessmentAPI Security TestingOWASP AwarenessAuthentication SecuritySPF ConfigurationDKIM ConfigurationDMARC ConfigurationEmail SecuritySecurity HardeningAccess Control ReviewCAPTCHA ImplementationPostman Security TestingOffensive SecuritySecurity Validation
☁️

Cloud & Infrastructure

AWS (EC2, S3, Redshift)Microsoft AzureVPS DeploymentServer AdministrationDNS ManagementDomain ManagementGoogle CloudJumpCloudEmail InfrastructureSMTP ConfigurationNetwork TroubleshootingTCP/IPVPNFirewall
🛠️

Systems & Tools

Oracle NetSuiteZendeskGoogle Workspace AdminZKTeco (Biometric Systems)JumpCloudZapier AutomationMailchimpActiveCampaignJaneAppPowerShellAppScriptAppSheetPower BICCTV & Surveillance Systems
📊

Data & Analytics

PostgreSQLMySQLMS SQLData ModelingERD DesignETL / ELT ConceptsData Lakehouse ArchitectureMedallion ArchitectureData Warehouse PlanningBusiness Intelligence ArchitecturePower BIAPI Data IngestionData Migration PlanningRelational Database Design
📋

Project Management & Business Analysis

Agile MethodologyWagile MethodologyRequirements GatheringBRD CreationFunctional Requirements AnalysisGap AnalysisProcess MappingStakeholder ManagementUse Case DevelopmentProject DocumentationVendor CoordinationClient ManagementBudget PlanningRisk AssessmentTechnical Team Leadership
🏢

Enterprise Systems

HRIS DevelopmentPayroll SystemsCRM PlatformsHelpdesk SystemsTicketing PlatformsInventory Management SystemsAttendance SystemsEmail Automation PlatformsMIS DevelopmentSaaS Architecture DesignMulti-Tenant ArchitectureHigh Availability PlanningDisaster Recovery Planning3-2-1 Backup Strategy

// recognition

Awards & Certifications

Credentials and recognition earned through technical excellence, security research, and professional contributions.

🏆2024

Google VRP Hall of Famer 2024

Google

Recognized by Google for responsibly disclosing critical security vulnerabilities through the Vulnerability Reward Program. A rare achievement earned by fewer than 1% of security researchers worldwide.

View Hall of Fame
🎓2024

Associate Data Engineer in SQL

DataCamp

Professional certification in SQL-based data engineering, covering data pipelines, warehousing, and database optimization.

🔐2021

Ethical Hacking: Web Servers & Applications

EC-Council / Online Platform

Certification covering web server and application penetration testing techniques, security assessment methodologies.

2022

Most Outstanding Alumnus Award

Informatics College

Recognized as the most outstanding alumnus of Informatics College for contributions to the IT industry and community.

🥇2022

Employee of the Year Award

Thick & Thin Agri-Products Inc.

Recognized as Employee of the Year for exceptional performance, technical leadership, and contributions to the company's IT transformation.

// featured achievements

Community Recognition

🏆
Facebook

Google VRP Hall of Fame Recognition

Featured post about being recognized in the Google Vulnerability Reward Program Hall of Fame.

View post
🔐
Facebook

Security Research Achievement

Post highlighting security research and vulnerability disclosure achievements.

View post
Facebook

IT Community Recognition

Recognition post from the IT community for technical contributions and expertise.

View post
🎯
Facebook

Professional Milestone

Announcement of a major professional milestone in IT and cybersecurity career.

View post
📣
Facebook

Community Feature Post

Featured by the IT community for outstanding contributions in security research.

View post

// client feedback

Testimonials

What clients say about working with me on their projects.

Carlo delivered an outstanding HRIS platform that completely transformed how we handle payroll and attendance. His attention to detail, security-first approach, and ability to translate complex business requirements into a seamless system exceeded all expectations.

Client Name

Project Stakeholder · Elijah Construction Inc.

The QR-based attendance and e-voting system Carlo built for us was exactly what we needed. Reliable, secure, and easy to use. He was professional throughout the entire project and delivered on time.

Client Name

IT Officer · Government Agency

Our POS and inventory system has made daily operations so much smoother. Carlo understood our business needs perfectly and built a solution that saves us hours of manual work every day.

Client Name

Business Owner · Retail Business

* Client names anonymized for privacy. Real testimonials available upon request.

// thoughts & insights

Blog

Technical write-ups, security research, IT insights, and lessons learned from the field.

// get in touch

Contact Me

Available for freelance projects, consulting engagements, and collaboration opportunities.

Whether you need a custom software system, security assessment, cloud infrastructure setup, or IT consulting — I'd love to hear about your project.

Location

Quezon City, Philippines

Find me on

Available for Work

Open to freelance projects, consulting engagements, and full-time/contract opportunities. Response time: within 24 hours.