Marek Haičman is a Product Owner and former senior quality engineer with 11 years' experience in security-focused engineering and test automation, currently based in Brno. At Red Hat he progressed from Quality Engineer working on OpenSCAP and RHEL security compliance to leading the product direction of related subsystems, blending hands-on QA and product stewardship. His open-source contributions include test automation and security hardening for widely used projects like OpenSCAP and ComplianceAsCode, where he implemented remediation scripts and protocol checks (SSH/Kerberos). Comfortable with Python, Bash and CI-driven tooling from his earlier telecom and systems work, he specializes in turning compliance requirements into automated, auditable fixes. Colleagues know him for bridging deep technical detail with pragmatic product decisions, often uncovering subtle test and architecture issues that improve release confidence.
11 years of coding experience
8 years of employment as a software developer
Bachelor's degree, Mathematics and Informatics with view of education, Bachelor's degree, Mathematics and Informatics with view of education at Masarykova univerzita Brno
Security automation content in SCAP, Bash, Ansible, and other formats
Role in this project:
Security Engineer
Contributions:6 reviews, 222 commits, 147 PRs in 5 years 8 months
Contributions summary:Marek primarily focused on security hardening and automation within the repository. Their contributions include fixing typos in remediation scripts to ensure proper GPG key installation, implementing basic checks for SSH and Kerberos authentication, and refactoring snapshot names and domain configurations within a test suite. They also contributed to a new script for profile-based remediation, indicating a focus on automated security compliance checks.
Contributions:30 commits, 17 PRs, 7 pushes in 3 years 6 months
Contributions summary:Marek primarily contributed to the testing of the OpenSCAP toolkit. They implemented tests for features such as the separation of stdout and stderr streams in the SCE module, XCCDF evaluation with absolute OVAL paths, and generation of fix scripts in various scenarios, including those involving CPE. The user also addressed architectural issues by fixing sysctl tests for s390 architecture and improved the clarity of existing guide tests.
nistdata-streamxccdfovalsecurity
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.