Plup

Bio

Independent DevSecOps since 2015. Scaling stuff, tracking down hot code paths and hunting vulnerabilities always get me excited.

I'm known to be an automation addict and a tireless traveler.

Skills

Blueteam: Threat intelligence; Intrusion detection; Incident response; Forensics

Redteam: Assessment; Network analysis; Vulnerability research; Malware engineering

Automation: Docker; Kubernetes; Infra as a Code; CI/CD

Development: Python; C/C++; Cryptography; ASM

Education

IT Engineer from École des Mines d'Albi-Carmaux (2009)

Languages

French (Native)
English (Full proficiency)
Spanish (Full proficiency)
Arabic (Survival)

Interests

Travel
Climb
Surf

Experience

DevSecOps Engineer

Freelance, Sept. 2015 - Now

Completed various DevOps and SecOps missions.

Designed continuous deployment pipelines
Set up log collection and monitoring architectures
Pentested external and internal infrastructures
Responded to cybersecurity incidents

Metasploit
Forensics
ELK
Ansible
Docker
Kubernetes
Gitlab CI
Prometheus
Python
GCP

Security Operation Center specialist

BNP Paribas, Feb. 2018 - Sept. 2020 (2.5 years)

Manage SOC use cases and engines and handle level 3 incident response.

Improved SOC detection and reaction capabilities in Paris
Deployed new SOC in New-York and Singapore
Defined new reaction plans
Run investigation and forensic analysis
Participated in redteam exercises and threat hunting

Malware eradication
Threat hunting
Forensics
SIEM
SOAR
ELK
Python
Ansible

Chief Information Security Officer and DevOps

Startin'blox, Jan. 2018 - Nov. 2021 (3 years part-time)

Ensure assets protection and code validation.

Built the components validation pipelines
Built the provisionning and monitoring platforms for production
Researched on decentralized system security (SOLID OIDC)

CI/CD
Prometheus
Cryptography
Web components
Ansible
Python

Cybersecurity R&D expert

French Ministry of Defense, Nov. 2012 - Sept. 2015 (3 years)

Design stealth communication devices.

Realized strong security products with embeded linux
Implemented custom cryptography in C
Developed and maintained a Public Key Infrastructure

Cryptography
Embeded linux
Double VPN
PKI
Android
C/C++
Java
Python
Smartcard

Lecturer on Information Security Management System

Ecole des Mines d'Albi-Carmaux, 2011 - 2015 (5 hours / year)

Teaching risk analysis and security management processes to engineers.

Wrote conference materials
Lectured in amphitheater

ISSP
ISO 27005
Teaching

Head of Operational Security

French Ministry of Finance, Oct. 2009 - Oct. 2012 (3 years)

Ensure the safety of economic intelligence information.

Led a team of 5 SecOps specialists
Secured interconnections between departement networks
Managed incident response
Designed and tested the disaster recovery plan
Manage DNS servers, firewalls and proxies

Management
Risk assessment
Disaster Recovery
Splunk
Firewall
VPN
DLP
BYOD

Deputy Information Security Officer

French Ministry of Defense, Feb. 2009 - Sept. 2009 (8 months)

Homologate the interconnection network and simulation platform for scientific computing.

Analyzed security risks by EBIOS method
Wrote an approval application for each subsystem
Audited the critical elements

Risk assessment
Compliance
Technical writing