À propos de Liang
Expert en cybersécurité offensive et en sécurité applicative avec un passif de développeur, j'ai pu travailler à la fois avec des grands comptes qu'avec des petites structures sur des sujets de test d'intrusion, red team, audit de code ainsi qu'appsec et devsecops.
Français
Bilingue ou natif
Anglais
Capacité professionnelle complète
Chinois
Bilingue ou natif
Espagnol
Notions
Néerlandais
Notions
Accepte de travailler sur site
Paris (jusqu’à 50 km)
Expériences
- Saint-GobainOffensive Security Engineerjanvier 2025 - Aujourd'hui (1 an et 5 mois)Courbevoie, FrancePerformed internal penetration tests and full-scope red team engagements for multiple clients, focusing on realistic adversary emulation and post-exploitation paths• Collaborated closely with development, DevOps and business teams to prioritize and validate remediation actions — produced step-by-step remediation plans, replayable PoCs, and verification checks to reduce time-to-fix• Delivered detailed technical reports and executive summaries adapted to stakeholder audience; ran remediation verification retests and provided risk re-assessments after fixes• Built and maintained custom tooling and automation for reconnaissance, exploitation workflows and post-exploitation persistence to improve engagement efficiency• Ran hands-on knowledge-transfer sessions and secure-coding workshops for engineering teams and held remediation walkthroughs with product owners to ensure fixes were operational and aligned with business constraints
- FORMINDOFFENSIVE SECURITY CONSULTANTnovembre 2020 - janvier 2025 (4 ans et 2 mois)France• Led comprehensive penetration tests, focusing on identifying critical vulnerabilities and providing actionable remediation steps• Directed red team operations, including social engineering, physical intrusion testing, and custom malware development• Oversaw internship programs, managing and mentoringjunior consultants, and providing ongoing training on offensive security• Taught secure development and penetration testing courses to internal teams and clients• Spoke at cybersecurity conferences, sharing insights on application security and public vulnerabilities.• Collaborated with the pre-sales team, scoping security engagements and ensuring alignment with client expectations
- Edenred BeluxAPPLICATION SECURITY ENGINEERjuillet 2018 - octobre 2020 (2 ans et 3 mois)Brussels, Belgium• Managed vulnerability and patch management programs, coordinating remediation across teams• Led application security reviews and integrated SAST/DAST tools into DevOps for continuous security testing throughout the SDLC• Integrated OpenSAMM into the SDLC to enhance security governance and ensure secure development practices• Participated in the incident response during a ransomware attack, focusing on malware analysis and Active Directory forensics• Supervised pentest campaigns, providing detailed reports and presenting findings to senior management and stakeholders.• Directed security awareness programs, training internal teams on secure coding practices, security best practices and thereby foster ing a security-focused culture
Recommandations
Soyez le premier à recommander Liang
Contribuez à la réussite de ce freelance en partageant votre expérience de collaboration avec lui.
Ces profils de freelance correspondent également à vos critères
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Formations
- Bachelor of Science in Computer ScienceEPFC2017Bachelor degree in Computer Science
- Bachelor of ScienceUniversité libre de Bruxelles2010Bachelor degree in Social Sciences
Certifications
- OSCPOffsec2020
- OSWEOffsec2022