WORK EXPERIENCE
Senior Offensive Security Engineer - Form3
I am part of the small offensive security team. Overall my mission is to create new ways to consistently feed the risk framework of Form3 with novel and relevant vulnerabilities.
Among my direct responsibilities:
- Providing Go, AppSec and Kubernetes expertise for the offensive approach of our product
- Continuous review, pentesting, and offensive techniques against our Kubernetes clusters
- Ongoing and annual pentesting for our 3-cloud platform: AWS, Azure, GCP
- Automating our internal processes and speeding up our vulns reporting and verification processes
- Creating new internal tooling for automation, which uncovered new areas for novel vulnerabilities
- Monthly self-research for new vulnerabilities, Tactics, Techniques and Procedures
Our product is, at the moment, the most resilient (multi-cloud), secured and high-volume transactions platform in FinTech: 3 cloud offers (AWS, GCP & Azure), Go, Kubernetes, GitOps, Infrastructure as Code.
Technical and Security Lead - REKON
Via my freelancing entity REKON, I offer concrete and extensive hands-on experience at various levels for challenging projects using Go; team practices and testing strategies; product technical design, architecture and infrastructure; security audits and help in threat modeling.
Candy from Jan / November 2022
Working with Candy on their NFT platform that offers a first and second marketplace, and gamification of sports items
- Make SQL DB support multi-brands, full gamification API & logic for NFT
- Handle surface and perimeter security of the deployed platform and product
- New full marketplace search, third parties integration, as well as the everyday sprint stories
- New Go code testing practices and introducing testing APIs, adopted quickly by the backend team
- Constant and full reviews of all incoming PRs, pairing and mentoring: for a new batch of 5 new Go junior developers freshly hired + existing Candy backend developers
- Dev experience: key simplification/improvements for local platform bootstrap/run
- Devops: build an encrypted delivery pipeline to locally integrate real production data for developers
- Blockchain: patches on our Ethereum bridge
Improbable from May / November 2021
Working with Improbable to collectively implement a brand new and modern orchestration platform for the multiplayer industry
- Develop a mechanism for deploying, running and scaling customer-provided Docker images in Kubernetes clusters
- Use a combination of existing open-source tooling and bespoke software
- Implement Kubernetes controllers (operator pattern), gRPC APIs and AWS Lambda functions
Principal Engineer - Doctolib
Immersion in various teams to provide targeted implementations, solve technical & performance issues, and audit various internal systems (customized internal CI built on Kubernetes, SMS sending pipeline).
Technical and Security Lead Contractor - Rockside (Backend, Ethereum, Security, Infrastructure & Architecture)
Core Go
- Overall re-architecting/designing/organizing of our Go code base (importantly done along the way and not as a rewrite!)
- Team development of a new Ethereum relayer and adjoining Ethereum Solidity contracts (ex: EIP-712, proxy, factory, meta transactions)
- Designing the DB models and interactions (Mongo and PostgreSQL)
- Implementing and introducing various levels of sound testing: unit, integration and acceptance
- Leveraging the library go-ethereum to simplify and make our code base more typed hence more robust and scalable
- Teaching and implementing new team and development practices
DevOps
- Meeting the required and short deadline for creating from scratch 3 full new environments and infrastructure for our new platform
- New CI/CD pipeline with a brand new original component bringing simplified automation.
Security
- Defining a sound yet simple security model for the infrastructure and our operational side of it
- Security audit of our wallet component before ANSSI review
- Regularly teaching development security practices and auditing our codebases
Others
- Implementing a pragmatic internal dashboard to understand our data
- Implementing open source projects using our new Ethereum relayer for visibility
Technical and Security Lead Contractor - Edulib (Backend, Infra, Scalability & Security)
- Technical and security audit: backend code, infrastructure, development practices, tooling, etc.
- Complete transfer under my sole responsibility of the code & platform (from the historical provider and implementor)
- Expose, document and explain current scalability and security issues with ad hoc threat modeling
- Lay out plan and strategies for scaling, securing and improving the product
- Fix historical concurrency bugs in the Edulib Production Studio in view of the upcoming deadlines with Albin Michel, Belin, etc.
- Port internal Edulib services to a newly created standardized and more secured AWS infrastructure
- Implement monitoring of internal services using in part Prometheus
- Introducing the Go language in production: writing new necessary modules and pair programming with developers
- Put in place new security procedures as well as small iterative and agile processes for the reduced technical team and the transition period
- Ensure transition and transfer of knowledge for new hires
Technical and Security Lead Contractor - Hivebrite (Security, Infra & Middleware)
- Leading the security external review and implementing security controls for the Hivebrite platform
- Point of contact and liaising with customers on security issues
- Starting a SecOps team: threat modeling, audits, continuous security, tools and processes, version upgrade of key components
- Implement the solution to port and scale Hivebrite to a global multi-region platform
- Migrate, rewrite modules/services to the Go language for performance, operational clarity and simplicity
- Implementation of a new PubSub Go server to avoid traffic contention
- Global streamlining and rationalization of the Hivebrite infrastructure
- Introduce the Go language with workshops, pair programming and evangelization
- Help and coach to improve agile processes.
Security Lead - Security firm WALLIX
- Lead implementor and architect of the open source Golang projects: awless (on AWS internals), which won Stackshare top 50 developers tools 2017 and InfoWorld Bossie Awards 2017, category best cloud computing software
- triplestore: fluent library & in-memory store to manage, query and store RDF triples.
- Security engineering with the implementation of the Golang SDK for DataPeps, an end-to-end encryption WALLIX product
- Audits and reviews of the security of internal products: WALLIX Bastion, DataPeps server, etc.
Principal Backend Scalability Engineer - Streamroot
Talk (Slides | Video) on my work at Streamroot for Technical Paris Meetup: Go and Platform for Realtime processing
- Backend architecture, design & scaling; complete rewrite of a platform in Go
- Provide a new realtime processing pipeline for video data & customer metrics (Kafka)
- Automate cloud migration AWS/Azure; simplifying app deployments
- Implement XP practices; supervise scrum process for our SaaS product
Platform Engineer - PrePlaySports
- In charge of a real-time & social platform to allow sports fans' predictions on live games
- Implement adjoining gamification modules, API & services
- Collaborate in Features Teams with iPhone, Android and Web developers
Lead Developer Ruby Contractor - Finexkap
Building a minimum viable product of a web portal verifying customers' eligibility for financial factoring.
Ruby Developer Contractor - Hivebrite
Implementing full stack features for an application for private alumni communities. The online product is a white label for businesses & schools.
Senior Agile Software Consultant - Xebia
Mission as a Xebia consultant:
- At Libon: Extreme programming and team lead for an overall refactoring with ongoing features of a live platform enabling chat, voicemail, messaging & free calls. Consumed by iPhone, Android and web browser.
Within Xebia firm:
- Official Xebia trainer giving workshops, mentoring and training on: XP, TDD, BDD, Refactoring, Craftsmanship
- Published articles written for Xebia (TDD, Craftsmanship, etc.)
- Member of the Craftsmanship lead
- Member of Xebia's recruitment team to hire Xebia consultants
Agile Software Developer - Virgin Media (London)
Implementing back-end features for the Virgin e-commerce website offering broadband and adjacent services.
Agile Software Developer - Factset (London)
Overall refactoring with ongoing features of an online Outlook-like service for fund managers and investors.
J2EE Developer - Orbian (London)
Working on the back and front end of a supply chain finance platform that provides business-to-business finance and payment solutions.
GUI Developer & System Designer - Petards (London)
Solo work to create a full in-car detection and alerting system prototype for an upcoming European commission trial.