BulgariTech builds secure, scalable software and trains the teams that run it. From AI systems to cloud infrastructure — designed with a security-first mindset.
- AI Engineering
- Security-first SDLC
- Cloud & DevOps
Engineers who treat security as a product feature.
BulgariTech is a senior team of AI, security, and platform engineers. We design systems that are secure by default — and we share what we know through hands-on trainings for the people building and running them.
Cryptography & Identity
From hardware-backed keys to passkey-first auth, we build trust primitives that hold up under audit.
Observability by default
Tracing, metrics, and structured logs are wired in on day one — production is never a black box.
Developer Experience
Typed contracts, golden paths, and tight feedback loops — so your engineers ship with confidence.
Engineering teams build what they trust.
Five engagement pillars covering the entire lifecycle — from research-grade AI to production cybersecurity and platform engineering.
- 01
AI Solutions
LLM apps, RAG systems, and model engineering you can trust.
We design and ship production-grade AI products — from retrieval-augmented assistants to bespoke fine-tunes — with evaluation, guardrails, and observability baked in from day one.
- LLM-powered applications & assistants
- RAG systems with private knowledge bases
- Custom model fine-tuning & evaluation
- MLOps pipelines & inference infrastructure
- 02
Cybersecurity
Offensive testing meets secure-by-default engineering.
Red-team experience hardens every layer of your stack. We run penetration tests, threat-model new systems, and embed security controls directly into the SDLC so you ship resilient software.
- Penetration testing & red teaming
- Threat modeling & risk assessments
- Secure SDLC and code review
- Incident response & forensics
- 03
DevOps & Cloud
Reliable platforms on AWS, Azure, and Kubernetes.
We build the runways your product needs — automated, observable, and cost-aware. Infrastructure as code, golden CI/CD pipelines, and SRE-grade observability with FinOps insight.
- Infrastructure as code (Terraform, Pulumi)
- CI/CD with progressive delivery
- Kubernetes platform engineering
- Observability, SLOs, and FinOps
- 04
Frontend Engineering
Next.js, design systems, and interfaces that perform.
Modern React applications crafted for accessibility, performance, and scale. We deliver design systems, server-rendered experiences, and obsessively measured Core Web Vitals.
- Next.js & React product engineering
- Design systems & component libraries
- Accessibility (WCAG 2.2 AA)
- Core Web Vitals & performance tuning
- 05
Backend Engineering
APIs, distributed systems, and data at the edge.
From real-time APIs to event-driven pipelines, we engineer backends that scale predictably and degrade gracefully — with typed contracts, strong observability, and zero-trust defaults.
- Typed APIs (REST, GraphQL, gRPC)
- Distributed systems & event pipelines
- Data engineering & analytics platforms
- Edge & serverless architectures
Built by operators, for teams that ship.
Every recommendation comes with running code, runbooks, and a real plan for the long-tail of operating it.
Experienced Engineers
Senior consultants with two decades of combined experience shipping AI, security, and platform systems for regulated industries.
Modern Technologies
Next.js, Python, Go, Kubernetes, Terraform — we choose proven, well-typed tools and avoid lock-in.
Security-first mindset
Threat modeling, secure SDLC, and supply-chain hardening are part of every engagement — not an afterthought.
Enterprise-ready solutions
SOC 2, ISO 27001, and GDPR-aligned engineering practices, with documentation your auditors will actually thank you for.
Software in production
Tap below to browse every project we design, build, and operate.
People you’ll actually work with.
Senior engineers, not staff augmentation. Every BulgariTech engagement is led by experienced operators who write the code, run the workshops, and own the outcome.
20
People on the team
Elena Marinova
Head of AI Engineering
Builds production LLM systems end-to-end — retrieval, evaluation, guardrails, and observability for regulated workloads.
Stoyan Dimitrov
Head of Security
Former red-team lead. Threat modeling, penetration testing, and secure-SDLC programs across fintech and healthcare.
Iva Petrova
Principal Cloud Engineer
Kubernetes platform engineer focused on golden paths, FinOps, and progressive delivery for multi-cluster production estates.
Martin Georgiev
Senior Backend Engineer
Distributed systems specialist — event-driven pipelines, typed APIs, and data platforms that scale predictably.
Ana Todorova
Training Lead
Designs hands-on curricula for engineering teams. Two decades of workshop delivery across the EU.
Nikolay Stoev
Senior AI Engineer
RAG, fine-tuning, and inference infrastructure. Ships LLM products with rigorous evaluation harnesses.
Mira Ivanova
Staff Frontend Engineer
Design-system specialist. Accessible React, Core Web Vitals obsessive, and tooling author.
Boris Nikolov
DevSecOps Engineer
Bridges security and platform engineering — supply-chain hardening, policy-as-code, and zero-trust deployments.
Yana Koleva
Engineering Manager
Coaches senior engineers, runs the discovery sprints, and keeps every engagement aligned with business outcomes.
Dimitar Hristov
Senior Penetration Tester
Offensive security specialist — web, cloud, and network red-team engagements with detailed remediation guidance.
Radoslava Angelova
MLOps Engineer
Productionises ML pipelines end-to-end — feature stores, model registries, eval harnesses, and continuous training.
Petar Iliev
Site Reliability Engineer
Owns SLOs, error budgets, and incident response. Loves observability stacks that surface real signal.
Tsvetelina Vasileva
Staff Data Engineer
Streaming pipelines, lakehouse architectures, and analytics platforms built for compliance from day one.
Lyubomir Pavlov
Senior Platform Engineer
Internal developer platforms — golden paths, paved roads, and developer experience that actually saves time.
Gergana Stancheva
Product Designer
Ships interfaces that respect users and codebases. Strong opinions on accessibility, motion, and design tokens.
Andrey Kostov
Senior Security Engineer
Application security, cryptography reviews, and secure code review programs at scale.
Veronika Atanasova
Compliance & GRC Lead
Translates SOC 2, ISO 27001, and GDPR into engineering practice — no theatre, just controls that fit the SDLC.
Hristo Mihaylov
Senior Full-stack Engineer
Comfortable from database schemas to React component trees. Typed contracts everywhere, edge runtimes optional.
Kalina Nedeva
Delivery & Engagement Lead
Keeps engagements on rails — scoping, communication, and the unglamorous work that makes great projects happen.
Avatars are illustrated portraits generated by DiceBear. Swap in real headshots whenever you’re ready.
Programs thatchange practice
notjust slides
Security
From €2,500
per 1-day cohort · up to 25 participants
DevOps
From €2,900
2-day workshop · lab cluster included
Corporate
Custom quote
Fixed fee after discovery call
Online
From €1,000
1-day live session · online or EU on-site
Hands-on, opinionated, and tailored to the systems your team actually runs — from secure coding to Kubernetes operations.
From €2,500
per 1-day cohort · up to 25 participants
Track 01From €2,500per 1-day cohort · up to 25 participantsSecurity Trainings
OWASP, threat modeling, and secure code review for engineers.
- Investment
- From €2,500per 1-day cohort · up to 25 participants
- Format
- 1–3 day intensive · hands-on labs
- Audience
- Engineers, tech leads, security champions
Outcomes
- Recognise and remediate OWASP Top 10 in real code
- Run lightweight threat modeling sessions
- Apply secure code review checklists
- Build a security-first engineering culture
From €2,900
2-day workshop · lab cluster included
Track 02From €2,9002-day workshop · lab cluster includedDevOps Trainings
Kubernetes, CI/CD, IaC, and production observability.
- Investment
- From €2,9002-day workshop · lab cluster included
- Format
- 2–4 day workshop · lab cluster included
- Audience
- Platform & DevOps engineers, SREs
Outcomes
- Operate production-grade Kubernetes clusters
- Design CI/CD pipelines with progressive delivery
- Author idempotent infrastructure as code
- Instrument services with SLOs and tracing
Custom quote
Fixed fee after discovery call
Track 03Custom quoteFixed fee after discovery callCorporate Workshops
Bespoke multi-day programs tailored to your stack.
- Investment
- Custom quoteFixed fee after discovery call
- Format
- Custom curriculum · 2–10 days
- Audience
- Whole teams, departments, or engineering orgs
Outcomes
- Curriculum designed around your codebase
- Outcomes mapped to business KPIs
- Optional follow-up coaching and reviews
- Executive read-out and team retro
From €1,000
1-day live session · online or EU on-site
Track 04From €1,0001-day live session · online or EU on-siteOnline & On-site
Flexible delivery wherever your team works.
- Investment
- From €1,0001-day live session · online or EU on-site
- Format
- Live online or on-site · EU & global
- Audience
- Distributed and co-located teams
Outcomes
- Live, interactive sessions with senior trainers
- Recorded modules for asynchronous review
- On-site delivery across the EU
- Time-zone friendly cohort options
The stack we trust in production.
Battle-tested tooling, proven across consultancy engagements, training labs, and our own products.
TypeScript
Python
Go
Rust
React
Next.js
Node.js
AWS
Azure
Google Cloud
Vercel
Docker
Kubernetes
Terraform
GitHub Actions
PostgreSQL
Redis
Apache Kafka
OpenAI
Hugging FaceBuilding on the best tools in the industry.
We integrate with the vendors and platforms that power modern software — cloud, observability, security, and AI infrastructure.
- Amazon Web Services
- Microsoft Azure
- Google Cloud
- Vercel
- Cloudflare
- HashiCorp
- GitHub
- GitLab
- Datadog
- Sentry
- Grafana
- Snyk
- Auth0
- 1Password
- OpenAI
- Anthropic
- Hugging Face
- Supabase
- MongoDB
- Elastic
Logos are the property of their respective owners and shown for identification only.
Quiet, expert work — heard from the people who hired us.
CTOs, security leaders, and platform directors from fintech, healthcare, energy, and SaaS — all with one thing in common.
“BulgariTech rebuilt our risk pipeline end-to-end. The team's depth on cryptography and distributed systems is genuinely rare — and they shipped six weeks ahead of plan.”
Elena Marinova
CTO · Northwind Financial
“We brought BulgariTech in for a red-team engagement and ended up keeping them on as our secure-SDLC partner. Every recommendation came with working code and clear metrics.”
Marcus Reinhardt
Head of Security · Halberd Cloud
“Their AI engineers understand the production side of LLMs — evaluation, guardrails, observability. We went from a brittle prototype to a real product in one quarter.”
Sara Lindqvist
VP of Engineering · Vektor Health
“The Kubernetes training program reshaped how our platform team operates. Hands-on, opinionated, and tuned to our exact stack — the best workshop we've ever run.”
Tomáš Horák
Director of Platform · Lumen Industrial
“BulgariTech's threat modeling sessions surfaced risks our internal team had missed for two years. The remediation roadmap they produced was clear enough to present directly to the board.”
Isabelle Fontaine
CISO · Arclux Energy
“Rarely do you find engineers who can speak to regulators in the morning and then tune a Kubernetes autoscaler in the afternoon. BulgariTech's team does both without blinking.”
Daniel Osei
Engineering Director · PrimeCare Systems
“They took our RAG prototype from 61% retrieval accuracy to 94% in eight weeks, then instrumented the whole thing with traces and dashboards before handoff. Outstanding.”
Yuki Tanaka
Head of AI Product · Synaptic Labs
“We engaged BulgariTech for a GDPR technical readiness review. Their engineers actually understand the regulation — not just the checkbox version. Invaluable for our Series B.”
Klara Johansson
Head of Engineering · Forma Commerce
Have a project, an audit, or a team that needs training?
Tell us what you’re building. We’ll reply within one business day with a concrete plan, references, and a fixed-fee proposal where it makes sense.