cv

Software security expert
code JM-CH-201512-458 on mode.enligne-ch.com en Suisse

Providing services to build security in your software: - Mobile - Web - Cloud - Internet of Things Services are: * Threat Modeling * Security and privacy requirements * Design analysis * Security and privacy features implementation * Code review * Security and privacy testing

MR Jé... M...

...

NYON 1260 Ch

Expertise :

In the following industries:
Télécommunications, Retail, Santé, Luxe

Fields of practice:
Software security, Threat Modeling, Code review

Management teams your interventions may concern:
Direction Securite Informatique Direction securite Web Industrie

Types of interventions:
Conseil pour améliorer la sécurité des logiciels

Training courses attended:
Master en informatique et automatique des Mines de Paris (ISIA)

Education:
Ecole Centrale de Lyon


Others

Led training courses:

Computer skills:


Languages: Fr En Es

Some references:
Références sur demande pour garantir la confidentialité des missions

Presentation sheet cretaed / updated on: 2015-12-28 11:30:59

pdfClick here to edit the CV in PDF
(Anonymous)

Presentation

I have been working in building secure software for almost 10 years.

With an initial academic background as a developer, I have a clear
insight of what is a software development lifecycle in practice.
It also enables me to gain the trust of other programmers by
speaking the same language and understanding their day-to-day
activities, providing an efficient channel to increase their security
awareness.

Designing and developing for a two-factor authentication product
during 6 years made me deal with challenging threat models,
particularly when delivering a public mobile application.
And also practice extensively secure coding guidelines, as the
solution was regularly reviewed and penetration tested by 3rd parties.

Being responsible for the integration and deployment with customers
was for me a great opportunity to work with diverse production
infrastructures and security providers,
in critical sectors such as banking, health or industry.
Understanding the various stakeholders constraints was key to reduce
operational costs as much as possible.
My experience was used in both internal and external consulting
roles. I helped in the security requirements definition and
implementation, including cryptographic protocols,
for applications where the insider is the enemy. I also led code
reviews and security validation activities for companies exposed to
reputation damage.

In addition, I participated in research projects to mitigate Man-In-The-Browser and Man-In-The-Mobile attacks.

pdfClick here to edit the CV in PDF
(Anonymous)
FREE entrust a mission to that expert.