WORK EXPERIENCE
Senior Platform Engineer & Senior Offensive Security Engineer - Form3
Our product is one of the most resilient, multi-cloud, high-volume transaction platforms in FinTech. It spans 3 clouds (AWS, GCP & Azure) using Go, Kubernetes and Infrastructure as Code, with more than 30 internal services/middlewares/gateways and third-party integrations.
Customers using our APIs: Lloyds Banking Group, Mastercard, Barclays, Stripe, JP Morgan, Nationwide, GoCardless, etc.
Direct responsibilities as part of the Customers API team:
- Daily design, development and deployment of the large Go backend for the customer API
- Introduce newly designed production Go services from scratch: an API event replayer, Kubernetes Job controls verifiers, etc.
- Provide a continued stream of simplifications, improvements and refactors on the codebase while maintaining delivery deadlines.
- Create engineering proposals (company wide) to increase awareness and change on specific topics
- Bring Go and Test Driven experience, as well as my security background during implementation (i.e. threat modelling)
I then became part of the small offensive security team. Overall my mission is to create new ways to consistently feed the risk framework of Form3 with novel and relevant vulnerabilities.
Direct responsibilities as Senior Offensive Security Engineer:
- Provide expertise on Go, AppSec, CloudSec and Kubernetes for our infrastructure, products and services
- Scale, improve and revamp our team's internal processes and vulnerability capture workflow
- Ongoing review and pentesting of all services/middlewares, our 3 cloud subscriptions (AWS, Azure, GCP) and third-party integrations (FeedzAI, Microsoft Copilot, etc.)
- Create new and original reliable Go tooling for automation and discovery, exposing new areas for novel vulnerabilities
- Research on new topics, vulnerabilities, bypasses, attack paths, TTP (Tactics Techniques and Procedures) relevant to our platform
Technical Lead for UK/US companies (Design, Development, Security, Infra)
Via my own entity REKON, I offer concrete and extensive hands-on experience at various levels for challenging projects: design, build, architecture and infrastructure; security audits and threat modeling.
Candy (US) from Jan / November 2022
Working with Candy on their NFT Go platform that offers a first and second marketplace, and gamification of sports items
- SecOps: build from scratch an encrypted delivery pipeline to locally integrate real production data for developers
- Handle surface and perimeter security of the deployed platform and product
- Constant and full reviews of all incoming PRs, pairing and mentoring: for a new batch of 5 new Go junior developers freshly hired + existing Candy backend developers
- Make SQL DB support multi-brands, full gamification API & logic for NFT
- New full marketplace search, third parties integration, as well as the everyday sprint stories
- New code testing practices and introducing testing APIs, adopted quickly by the backend team
- Dev Experience: key simplification/improvements for local platform bootstrap/run
- Blockchain: patches on our Ethereum bridge
Improbable (UK) from May / November 2021
Working with Improbable to implement collectively a brand new and modern Go orchestration platform for the multiplayer industry
- Initial security assets assessment and inventory of the product: perimeter, ratio of obsolete software, cryptography used, etc.
- Implement Kubernetes controllers (operator pattern), gRPC APIs and AWS Lambda functions
- Develop a mechanism for deploying, running and scaling customer-provided Docker images in Kubernetes clusters
- Use combination of existing open-source tooling and bespoke software
Principal Engineer - Doctolib
Immersion in various teams to provide targeted implementations, solve technical & performance issues, and audit various internal systems (customized internal CI built on Kubernetes, SMS sending pipeline, etc.).
Technical Lead Contractor - Rockside (Development, Design, Blockchain, Security, Infra & Architecture)
Security
- Defining a sound yet simple security model for the infrastructure and our operational side of it
- Security audits of our various components, notably our wallet before ANSSI review
- Regularly teaching development security practices and performing continuous audits of our codebases and infrastructure
Core
- Overall re-architecting/designing/organizing of our Go codebase (importantly done along the way and not as a rewrite!)
- Team development of a new Ethereum relayer and adjoining Ethereum Solidity contracts (ex: EIP-712, proxy, factory, meta transactions)
- Designing the DB models and interactions (Mongo and PostgreSQL)
- Implementing and introducing various levels of sound testing: unit, integration and acceptance
- Leveraging the library go-ethereum to simplify and make our code base more typed hence more robust and scalable
- Teaching and implementing new team and development practices
DevOps
- Meeting the required and short deadline for creating from scratch 3 full new environments and infrastructure for our new platform
- New CI/CD pipeline with a brand new original component bringing simplified automation.
Others
- Implementing a pragmatic internal dashboard to understand our data
- Implementing open source projects using our new Ethereum relayer for visibility
Technical Lead Contractor - Edulib (Design, Development, Security, Infra, Scalability)
- Technical and security audit: backend code, infrastructure, development practices, tooling, etc.
- Complete transfer under my sole responsibility of the code & platform (from the historical provider and implementor)
- Expose, document and explain current scalability and security issues with ad hoc threat modeling
- Lay out plan and strategies for scaling, securing and improving the product
- Put in place new security procedures as well as small iterative and agile processes for the reduced technical team and the transition period
- Ensure transition and transfer of knowledge for new hires
- Port internal Edulib services to a newly created standardized and more secure AWS infrastructure
- Fix historical concurrency bugs in the Edulib Production Studio in view of the upcoming deadlines with Albin Michel, Belin, etc.
- Implement monitoring of internal services using in part Prometheus
- Introducing the Go language in production: writing new necessary modules and pair programming with developers
Technical Lead Contractor - Hivebrite (Design, Development, Security, Infra & Middleware)
- Initial security assessment with swift follow-up actions taken to ensure a baseline security for our non-production environments
- Leading the external security review and implementing security controls for the Hivebrite platform
- Security compliance point of contact and continuous liaison for our customers (Microsoft, etc.) regarding standardization and compliance: ISO, GDPR
- Starting a SecOps team: threat modeling, audits, continuous security, tools and processes, version upgrade of key components
- Global streamlining and rationalization of the Hivebrite infrastructure
- Implement the solution to port and scale Hivebrite to a global multi-region platform
- Migrate, rewrite modules/services to the Go language for performance, operational clarity and simplicity
- Implementation of a new PubSub Go server to avoid traffic contention
- Introduce the Go language with workshops, pair programming and evangelization
- Help and coach to improve agile processes.
Security Lead - CyberSecurity firm WALLIX
- Lead implementor and architect of the open source project for secure defaults in AWS: awless (on AWS internals) won Stackshare top 50 developers tools 2017, InfoWorld Bossie Awards 2017 category best cloud computing software
- triplestore fluent library & in memory store to manage, query and store RDF triples.
- Security engineering and cryptography with the implementation of the Golang SDK for DataPeps, an end-to-end encryption WALLIX product
- Full security audits of internal products: WALLIX Bastion, DataPeps server, etc.
Principal Scalability Engineer - Streamroot (US backed company)
Talk (Slides | Video) on my work at Streamroot for Technical Paris Meetup: Go and Platform for Realtime processing
- Backend architecture, design & scaling; complete rewrite of a platform in Go
- Provide a new realtime processing pipeline for video data & customer metrics (Kafka)
- Automate cloud migration AWS/Azure; simplifying app deployments
- Implement XP practices; supervise scrum process for our SaaS product
Platform Engineer - PrePlaySports (US company)
- In charge of a real-time & social platform to allow sports fans' predictions on live games
- Implement adjoining gamification modules, API & services
- Collaborate in Features Teams with iPhone, Android and Web developers
Lead Developer Ruby Contractor - Finexkap
Building a minimum viable product of a web portal verifying customers' eligibility for financial factoring.
Ruby Developer Contractor - Hivebrite
Implementing full stack features for an application for private alumni communities. The online product is a white label for business & schools.
Senior Agile Software Consultant - Xebia
Mission as a Xebia consultant:
- At Libon: Extreme programming and team lead for an overall refactoring with ongoing features of a live platform enabling chat, voicemail, messaging & free calls. Consumed by iPhone, Android and web browser.
Within Xebia firm:
- Official Xebia trainer giving workshops, mentoring and training on: XP, TDD, BDD, Refactoring, Craftsmanship
- Published articles written for Xebia (TDD, Craftsmanship, etc.)
- Member of the Craftsmanship lead
- Member of Xebia's recruitment team to hire Xebia consultants
Agile Software Developer - Virgin Media (London)
Implementing back-end features for the Virgin e-commerce website offering broadband and adjacent services.
Agile Software Developer - Factset (London)
Overall refactoring with ongoing features of an online Outlook-like service for fund managers and investors.
J2EE Developer - Orbian (London)
Working on the back and front end of a supply chain finance platform that provides business-to-business finance and payment solutions.
GUI Developer & System Designer - Petards (London)
Solo work to create a full in-car detection and alerting system prototype for an upcoming European commission trial.