Acerca de Jean
I help software teams ship secure code faster by integrating security directly into their CI/CD pipelines — without slowing down delivery.
With 8+ years of experience in application security and DevSecOps, I work as an independent consultant (EURL, France) with clients across France, the UK, and North America.
Core expertise:
Web & API Penetration Testing — OWASP Top 10, Burp Suite, OWASP ZAP, SQLMap
DevSecOps & CI/CD Security — SAST, DAST, SCA integration (GitHub Actions, GitLab CI, Jenkins, Azure DevOps); secrets management; supply chain security
Cloud Security — Azure, GCP, secure IaC deployments (Terraform, Ansible)
Reporting & Training — actionable vulnerability reports for dev teams; security enablement workshops
Fully remote | Occasional on-site limited to the Bordeaux area
French native | English bilingual C1 — experienced with US, UK & Canadian clients
Francés
Bilingüe o nativo
Inglés
Bilingüe o nativo
Solo teletrabajo
Lleva a cabo sus proyectos principalmente en remoto
Experiencia
- Freelance (EURL)Application Security & DevSecOps ConsultantAGENCIAS DE SUBCONTRATACIÓNenero de 2023 - Hoy (3 años y 5 meses)Bordeaux, Francia▸ Conduct application security audits and Web/API penetration tests (OWASP Top 10, SAST, DAST, SCA) across client environments▸ Design and integrate security gates into CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins), including automated SAST/DAST tooling (OWASP ZAP, Burp Suite, SonarQube)▸ Secure cloud application deployments using Infrastructure as Code (Terraform, Ansible) on Azure and AWS environments▸ Deliver actionable vulnerability reports and remediation guidance tailored for development teams; conduct security training and workshops▸ Multiple engagements under NDA with major French companies (Newspaper, retail…) FR/EU/UK/US clients▸ Led DevSecOps and DevSecMLOps implementation projects, integrating security practices into existing CI/CD pipelines▸ Performed application security audits and cloud deployment reviews on Azure environments▸ Produced client-facing security reports and provided guidance to development teams on secure coding practices▸ Supported client upskilling through hands-on security training sessions
- AvanadeApplication Security ConsultantAGENCIAS DE SUBCONTRATACIÓNenero de 2023 - agosto de 2023 (7 meses)Bordeaux, Francia▸Led DevSecOps and DevSecMLOps implementation projects, integrating security practices into existing CI/CD pipelines▸Performed application security audits and cloud deployment reviews on Azure environments▸Produced client-facing security reports and provided guidance to development teams on secure coding practices▸Supported client upskilling through hands-on security training sessions
- SIBLUDevSecOps Systems & Network AdministratorENTRETENIMIENTO & TIEMPO LIBREenero de 2018 - enero de 2022 (4 años)33600 Pessac, France▸ Managed systems and network infrastructure across 30+ European campsites (Windows/Linux, AD, VPN, firewalls)▸ Spearheaded migration to DevOps/DevSecOps practices: automated provisioning, CI/CD deployment pipelines, security monitoring▸ Hardened application and infrastructure security: WAF deployment, vulnerability assessments, incident response▸ Led cross-functional technical projects; coordinated with external providers and internal IT teams
Recomendaciones
Sé el primero en recomendar a Jean
Ayuda a este freelance a destacar compartiendo tu experiencia.
Estos perfiles de freelance también coinciden con tus criterios
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Formación
- Master Information Systems SecurityUTT Troyes2023MSc Information Systems Security
- MSc Systems & Network Eng. (DevOps)CESI2020MSc Systems & Network Eng. (DevOps)
Certificados
- Comptia Security +Comptia2024
- AZ900Microsoft2023