SUMMARY

For two decades, I've collaborated to create, secure, and launch robust, scalable software solutions and platforms across diverse teams and industries in global hubs including Sydney, London, New York, and Paris. I have a passion for the Go ecosystem which I have been deploying in production for the last 12 years. I teach production Go through my own hands-on workshops based on real life content. My expertise also extends to security where I provide tooling, automation and consultancy (here is a dedicated page filtering on security work only).

On a daily basis, I
  • Design, build and deploy large platforms, high-volume services/APIs/backend, tooling, automation and pipelines
  • Lead, manage and scale heterogeneous teams, advanced projects and recruitment processes
  • Oversee and evaluate the security of software products, APIs, applications, platforms and infrastructure
  • Teach, train and evangelize Go, Security and eXtreme Programming techniques
Industries I worked for
  • Finance & Fintech, P2P streaming platform, Sports & Gaming
  • Cybersecurity, Internet Service Provider, Insurance, E-Learning
  • NFT, Blockchain (Ethereum), Social Networking
Positions I Held
  • Principal Engineer, Principal Scalability Engineer, Platform Engineer, Technical Lead, Staff Engineer
  • Senior Offensive Security Engineer, Security Lead Engineer, DevSecOps Engineer
  • Lead Rails Developer, Senior Agile Java Developer, Backend Developer, Scrum Master, Agile & XP Coach
Practices I favor
  • Pragmatism, Simplicity, Know your tools, Don't break the customer/user
  • Collective code ownership, Test-driven development, Pair programming, Continous refactoring
  • Egoless programming, Lead by example, Inclusive Teams
Go (12 years in Production) Kubernetes AWS, GCP, Azure Platform Engineering Offensive Security Software Architecture/Design DevSecOps DevExperience Automation Scalability
Team Lead Tech Lead Technical Writing Mentorship Agile Methodologies Scrum Master Extreme Programming Coach
Go Fuzzing ML AppSec CloudSec CNCF Containers KubeInternals Blockchain Ethereum DevEx TDD ExtremeProgramming

EDUCATION

OPEN SOURCE

Most of my engineering, blockchain and security work has been done in privately owned repositories. But here are some open code projects I can show.

Also, my GitHub profile

ENTREPRENEURIAL

Via my own freelance entity REKON, I provide software architecture, security consultancy, and automation. Here is what some companies have said about my security work and consultancy:

“Simon's security audit on our wallet component saved us money before going to any ANSSI certification.” - Fred de Matos - VP of Engineering, Rockside
“Rekon tools and analysis allowed Edulib to detect and remove a open redirect to a phishing website.” - Emilie Barreau - Director, Edulib
“Rekon gave us a complete overview of our public infrastructure so that we could simplify greatly its architecture and remove obsolete resources” - Eric Herve - CTO, Edulib
“We have strengthened and formalized our SDLC thanks to Simon. It enabled us to bump the security of our processes and set-up tools to ensure it stays secured” - Jeff - Security Engineer, Hivebrite

WORKSHOPS & TRAINING

I provide advanced Go workshops for engineers. Here is what developers say about them:

"Well balanced hands-on intro to Go with clear explanations and instructions. Overall, learned a lot and had fun!" - Developer at YLD
"Great balance of demonstrations vs practice, which worked well for a remote workshop." - Developer at YLD
"10 out of 10!" - Developer at YLD
"Très intéressant. Formateur très pro." - Developer at Ankama
"Bonne ambiance. Enrichissant. Permet de pratiquer différement." - Manager at Email Vision
"Beaucoup d'expérience perso sur le sujet avec un certains nombres d'anecdotes à remonter pour illustrer le sujet." - Developer at Amadeus
"Très instructif. Nouvelle vision sur les process de développements." - Developer at Email Vision
"Rien à redire. Présent. Disponible. À l'écoute." - Developer at Ankama

WORK EXPERIENCE

Staff Engineer & Individual Contributor - FlexAI

Our product ensures AI Workloads as a Service (WaaS) that dynamically scales, adapts, and self-recovers ensuring runs on sound infrastructure in regards to speed, cost, and reliability

  • Platform engineering, Architecture, Security management (SOC2, GDPR, etc.), Go implementation, Kubernetes, and Infrastructure.

Senior Offensive Security Engineer & Platform Engineer- Form3 (UK)

Our product is one of the most resilient, multi-cloud, high-volume transactions platforms in FinTech. It spans 3 clouds (AWS, GCP & Azure ) using Go, Kubernetes and Infrastructure as Code, with more than 60 internal services/middlewares/gateways and third-party integrations. Customers using our APIs: Loyds banking Group, Mastercard, Barclays, Stripe, JP Morgan, Nationwide, GoCardless, etc.

Part of the small offensive security team. Overall, my mission is to create new ways to consistently feed the risk framework of Form3 with novel and relevant vulnerabilities.

Direct responsibilities as Senior Offensive Security Engineer:

  • Provide expertise on Go, AppSec, CloudSec, and Kubernetes for our infrastructure, products, and services
  • Scale, improve and revamp our team's internal processes and vulnerabilities capture workflow
  • Ongoing review, pentesting of all services/middlewares, our 3 clouds subscriptions (AWS, Azure, GCP) and third party integrations (FeedzAI, Microsoft Copilot, etc.)
  • Create new and original reliable Go tooling for automation and discovery, exposing new areas for novel vulnerabilities
  • Research on new topics, vulnerabilities, bypasses, attack paths, TTP (Tactics Techniques and Procedures) relevant to our platform

Direct responsibilities as part of the Customers API team:

  • Daily design, development, and deployment of the large Go backend for the customer API
  • Introduce newly designed production Go services from scratch: an API event replayer, Kubernetes Job controls verifiers, etc.
  • Provide a continued stream of simplifications, improvements and refactor on codebase while maintaining delivery deadlines.
  • Create engineering proposals (company-wide) to increase awareness and change on specific topics
  • Bring Go and Test Driven experience, as well as my security background during implementation (i.e. threat modeling)
  • On call duty for the production platform, defining our SLO/SLI and weekly liaising with SRE

Freelance for UK/US companies (Security, Architecture, Development, Infra)

Via my own entity REKON, I offer concrete and extensive hands-on experience at various levels for challenging projects: design, build, architecture and infrastructure; security audits and threat modeling.

Candy (US) from Jan / December 2022

Working with Candy on their NFT Go platform that offers a first and second marketplace, and gamification of sports items

  • SecOps: build from scratch an encrypted delivery pipeline to locally integrate real production data for developers
  • Handle surface and perimeter security of the deployed platform and product
  • Make SQL DB support multi-brands, full gamification API & logic for NFT
  • New full marketplace search, third parties integration, as well as the everyday sprint stories
  • New code testing practices and introducing testing APIs, adopted quickly by the backend team
  • Dev Experience: key simplification/improvements for local platform bootstrap/run
  • Blockchain: patches on our Ethereum bridge
  • Constant and full reviews of all incoming PRs, pairing, and mentoring: for a new batch of five new Go junior developers freshly hired and existing Candy backend developers
Improbable (UK) from May / December 2021

Working with Improbable to implement collectively a brand new and modern Go orchestration platform for the multi-players industry

  • Initial security assets assessment and inventory of the product: perimeter, ratio of obsolete sowftares, cryptography used, etc.
  • Implement Kubernetes controllers (operator pattern), GRPC APIs, and AWS Lambda functions
  • Develop a mechanism for deploying, running, and scaling customer-provided Docker images in Kubernetes clusters
  • Use a combination of existing open-source tooling and bespoke software
Doctolib (Paris) from December 2020 / May 2021

Working with Doctolib within various teams to:

  • provide targeted implementations, solve technical and performance issues
  • audit various internal systems: customized internal CI built on Kubernetes, SMS sending pipeline, etc.

Contractor Technical Lead - Rockside (Development, Design, Ethereum, Blockchain, Security, Infra & Architecture)

Security
  • Defining a sound yet simple security model for the infrastructure and our operational side of it
  • Security audits of our various component notably our wallet before ANSSI review
  • Regularly teaching development security practices and performing continuous audit of our codebases and infrastructure
Core

  • Overall re-architecturing/designing/organizing of our Go codebase (importantly done along the way and not as a rewrite!)
  • Team development of a new Ethereum relayer and adjoining Ethereum Solidity contracts (ex: EIP-712, proxy, factory, meta transactions)
  • Designing the DB models and interactions (Mongo and PostgreSQL)
  • Implementing and introducing various levels of sound testing: unit, integration, and acceptance
  • Leveraging the library go-ethereum to simplify and make our code base more typed hence more robust and scalable
  • Teaching and implementing new team, development practices

DevOps

  • Meeting the required and short deadline for creating from scratch 3 full new environments and infrastructure for our new platform
  • New CI/CD pipeline with a brand-new original component bringing simplified automation.

Others
  • Implementing a pragmatic internal dashboard to understand our data
  • Implementing open source projects using our new Ethereum relayer for visibility

Contractor Technical Lead - Edulib (Design, Development, Security, Infra, Scalability)

  • Technical and security audit: backend code, infrastructure, development practices, tooling, etc.
  • Complete transfer under my sole responsibility of the code & platform (from the historical provider and implementor)
  • Expose, document, and explain current scalabilty and security issues with ad hoc threat modeling
  • Lay out plan and strategies for scaling, securing, and improving the product
  • Put in place new security procedures as well as small iterative and agile processes for the reduced technical team and the transition period
  • Ensure transition and transfer of knowledge for new hires
  • Port internal Edulib services to a newly created standardized and more secured AWS infrastructure
  • Fix historical concurrency bugs in the Edulib Production Studio in view of the upcoming deadlines with Albin Michel, Belin, etc.
  • Implement monitoring of internal services using in part Prometheus
  • Introducing the Go language in production: writing new necessary modules and pair programming with developers

Contractor Technical Lead - Hivebrite (Design, Development, Security, Infra & Middleware)

  • Global streamlining and rationalization of the Hivebrite infrastructure
  • Implement the solution to port and scale Hivebrite to a global multi-region platform
  • Migrate, rewrite modules/services to the Go language for performance, operational clarity, and simplicity
  • Implementation of a new PubSub Go server to avoid traffic contention
  • Introduce the Go language with workshops, pair programming, and evangelization
  • Help and coach to improve agile processes.
  • Initial security assessment with swift follow up actions taken to ensure a baseline security for our non production environments
  • Leading the security external review and implementing security controls for the Hivebrite platform
  • Security compliance point of contact and continuous liaison for our customers (Microsoft, etc.) regarding standardization and compliance: ISO, GDPR
  • Starting a SecOps team: threat modeling, audits, continuous security, tools and processes, version upgrade of key components

Security Lead - CyberSecurity firm WALLIX

  • Lead implementor and architect of the open source project for secure defaults in AWS: awless (on AWS internals) won Stackshare top 50 developers tools 2017, InfoWorld Bossie Awards 2017 category best cloud computing software
  • triplestore fluent library & in memory store to manage, query and store RDF triples.
  • Engineering and cryptography with the implementation of the Golang SDK for the DataPeps an end-to-end encryption WALLIX product
  • Full audits of internal products: WALLIX Bastion, DataPeps server, etc.

Principal Scalability Engineer - Streamroot (US backed company)

Talk (Slides | Video) on my work at Streamroot for Technical Paris Meetup: Go and Platform for Realtime processing

  • Backend architecture, design & scaling; complete rewrite of a platform in Go
  • Provide a new realtime processing pipeline for video data & customer metrics (Kafka)
  • Automate cloud migration AWS/Azure; simplifying app deployments
  • Implement XP practices; supervise scrum process for our SaaS product

Platform Engineer - PrePlaySports (US company)

  • In charge of a real time & social platform to allow sport's fan predictions on live games
  • Implement adjoining gamification modules, API & services
  • Collaborate in Features Teams with iPhone, Android, and Web developers

Contractor Lead Developer Ruby - Finexkap

Building a minimum viable product of a web portal verifying customers eligibility for financial factoring.

Contractor Ruby Developer - Hivebrite

Implementing full stack features for an application for private alumni communities. The online product is a white label for business & schools.

Senior Agile Software Consultant - Xebia

Mission as a Xebia consultant:

  • At Libon: Extreme programming and team lead for an overall refactoring with ongoing features of a live platform enabling chat, voicemail, messaging & free calls. Consumed by iPhone, Android and web browser.

Within Xebia firm:

  • Official Xebia trainer giving workshops, mentoring, and training on: XP, TDD, BDD, Refactoring, Craftmanship
  • Published articles written for Xebia (TDD, Craftmanship, etc.)
  • Member of the Craftmanship lead
  • Member of the Xebia's recruitment team to hire Xebia consultants

Agile Software Developer - Virgin Media (London)

Implementing back-end features for the Virgin e-commerce website offering broadband and adjacent services.

Agile Software Developer - Factset (London)

Overall refactoring with ongoing features of an online Outlook-like service for fund managers and investors.

J2EE Developer - Orbian (London)

Working on the back and front end of a supply chain finance platform that provides business-to-business finance and payment solutions.

GUI Developer & System Designer - Petards (London)

Solo work to create a full in-car detection and alerting system prototype for an upcoming European commission trial.