Design infrastructure and applications to protect them against external or internal malicious adversaries.

Performing information security monitoring, threat analysis and vulnerability management.

Forensic analysis, incident response and internal formation about advanced developpement security practice.

Pentest of web and mobile applications, internal infrastructures of Leboncoin Group.

Defensive activity, development of tools to automate the detection of malicious domain names, public exposure of our assets and vulnerabilities on our infrastructure.

Forensic analysis, incident response, technology intelligence, support for developers on the correction of identified vulnerabilities.

Safety awareness of Leboncoin employees and IT.

The GIAC Advisory Board is made up of GIAC certified professionals who want to take a more active role in the GIAC community. The Advisory Board provides a forum where information security professionals can exchange ideas and advice, and discuss issues directly related to GIAC and SANS business, such as training and certification.

I worked with multiple features teams and helped them to deploy and in a high availability environment:

• FT Authentication & Security (2019)
• FT Identity: Identity and Access Management (IAM) (2017-2018)
• FT Ads: Ad deposit and Ad view (2017-2018)

With Authentication & Security:

• Implement OAuth2 flow for a Leboncoin SSO and preserve users personal identifiers information
• Blue: Observe, Alert and Mesure security events (NIDS Suricata, HIDS, Security dashboard Patrowl)
• Red: Web Application mostly

As a SRE/devops/sysadmin :

• Manage a large IaaS (OpenNebula) and PaaS (Kubernetes)
• Security improvement (authentication with CASSH, IDS)
• Fireman

Within the system administrator team, we were responsible of a large number of servers located in several datacenters.

Automated infrastructure deployment via Puppet
Monitoring and log managment
Fireman

Set up of a RADIUS server in a large infrastructure (>1000 employees)