Bio
Independent DevSecOps since 2015. Scaling stuff, tracking down hot code paths and hunting vulnerabilities always get me excited.
I'm known to be an automation addict and a tireless traveler.
Skills
- Blueteam
- Threat intelligence
- Intrusion detection
- Incident response
- Forensics
- Redteam
- Assessment
- Network analysis
- Vulnerability research
- Malware engineering
- Automation
- Docker
- Kubernetes
- Infra as a Code
- CI/CD
- Development
- Python
- C/C++
- Cryptography
- ASM
Education
IT Engineer from École des Mines d'Albi-Carmaux (2009)
Languages
- French (Native)
- English (Full proficiency)
- Spanish (Full proficiency)
- Arabic (Survival)
Interests
- Travel
- Climb
- Surf
Experience
DevSecOps Engineer
Freelance, Sept. 2015 - Now
Completed various DevOps and SecOps missions.
- Designed continuous deployment pipelines
- Set up log collection and monitoring architectures
- Pentested external and internal infrastructures
- Responded to cybersecurity incidents
Security Operation Center specialist
BNP Paribas, Feb. 2018 - Sept. 2020 (2.5 years)
Manage SOC use cases and engines and handle level 3 incident response.
- Improved SOC detection and reaction capabilities in Paris
- Deployed new SOC in New-York and Singapore
- Defined new reaction plans
- Run investigation and forensic analysis
- Participated in redteam exercises and threat hunting
Chief Information Security Officer and DevOps
Startin'blox, Jan. 2018 - Nov. 2021 (3 years part-time)
Ensure assets protection and code validation.
- Built the components validation pipelines
- Built the provisionning and monitoring platforms for production
- Researched on decentralized system security (SOLID OIDC)
Cybersecurity R&D expert
French Ministry of Defense, Nov. 2012 - Sept. 2015 (3 years)
Design stealth communication devices.
- Realized strong security products with embeded linux
- Implemented custom cryptography in C
- Developed and maintained a Public Key Infrastructure
Lecturer on Information Security Management System
Ecole des Mines d'Albi-Carmaux, 2011 - 2015 (5 hours / year)
Teaching risk analysis and security management processes to engineers.
- Wrote conference materials
- Lectured in amphitheater
Head of Operational Security
French Ministry of Finance, Oct. 2009 - Oct. 2012 (3 years)
Ensure the safety of economic intelligence information.
- Led a team of 5 SecOps specialists
- Secured interconnections between departement networks
- Managed incident response
- Designed and tested the disaster recovery plan
- Manage DNS servers, firewalls and proxies
Deputy Information Security Officer
French Ministry of Defense, Feb. 2009 - Sept. 2009 (8 months)
Homologate the interconnection network and simulation platform for scientific computing.
- Analyzed security risks by EBIOS method
- Wrote an approval application for each subsystem
- Audited the critical elements