À propos de Jean
I help software teams ship secure code faster by integrating security directly into their CI/CD pipelines — without slowing down delivery.
With 8+ years of experience in application security and DevSecOps, I work as an independent consultant (EURL, France) with clients across France, the UK, and North America.
Core expertise:
Web & API Penetration Testing — OWASP Top 10, Burp Suite, OWASP ZAP, SQLMap
DevSecOps & CI/CD Security — SAST, DAST, SCA integration (GitHub Actions, GitLab CI, Jenkins, Azure DevOps); secrets management; supply chain security
Cloud Security — Azure, GCP, secure IaC deployments (Terraform, Ansible)
Reporting & Training — actionable vulnerability reports for dev teams; security enablement workshops
Fully remote | Occasional on-site limited to the Bordeaux area
French native | English bilingual C1 — experienced with US, UK & Canadian clients
Français
Bilingue ou natif
Anglais
Bilingue ou natif
En télétravail uniquement
Travaille majoritairement à distance
Expériences
- Freelance (EURL)Application Security & DevSecOps ConsultantAGENCE & SSIIjanvier 2023 - Aujourd'hui (3 ans et 5 mois)Bordeaux, France▸ Conduct application security audits and Web/API penetration tests (OWASP Top 10, SAST, DAST, SCA) across client environments▸ Design and integrate security gates into CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins), including automated SAST/DAST tooling (OWASP ZAP, Burp Suite, SonarQube)▸ Secure cloud application deployments using Infrastructure as Code (Terraform, Ansible) on Azure and AWS environments▸ Deliver actionable vulnerability reports and remediation guidance tailored for development teams; conduct security training and workshops▸ Multiple engagements under NDA with major French companies (Newspaper, retail…) FR/EU/UK/US clients▸ Led DevSecOps and DevSecMLOps implementation projects, integrating security practices into existing CI/CD pipelines▸ Performed application security audits and cloud deployment reviews on Azure environments▸ Produced client-facing security reports and provided guidance to development teams on secure coding practices▸ Supported client upskilling through hands-on security training sessions
- AvanadeApplication Security ConsultantAGENCE & SSIIjanvier 2023 - août 2023 (7 mois)Bordeaux, France▸Led DevSecOps and DevSecMLOps implementation projects, integrating security practices into existing CI/CD pipelines▸Performed application security audits and cloud deployment reviews on Azure environments▸Produced client-facing security reports and provided guidance to development teams on secure coding practices▸Supported client upskilling through hands-on security training sessions
- SIBLUDevSecOps Systems & Network AdministratorDIVERTISSEMENTS & LOISIRSjanvier 2018 - janvier 2022 (4 ans)33600 Pessac, France▸ Managed systems and network infrastructure across 30+ European campsites (Windows/Linux, AD, VPN, firewalls)▸ Spearheaded migration to DevOps/DevSecOps practices: automated provisioning, CI/CD deployment pipelines, security monitoring▸ Hardened application and infrastructure security: WAF deployment, vulnerability assessments, incident response▸ Led cross-functional technical projects; coordinated with external providers and internal IT teams
Recommandations
Soyez le premier à recommander Jean
Contribuez à la réussite de ce freelance en partageant votre expérience de collaboration avec lui.
Ces profils de freelance correspondent également à vos critères
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Formations
- Master Information Systems SecurityUTT Troyes2023MSc Information Systems Security
- MSc Systems & Network Eng. (DevOps)CESI2020MSc Systems & Network Eng. (DevOps)
Certifications
- Comptia Security +Comptia2024
- AZ900Microsoft2023