CV MITRE ATT&CK : Les nouveaux profils inscrits

Aperçu des emplois d'Elias,
freelance MITRE ATT&CK résidant dans les Hauts-de-Seine (92)

• Penetration Tester (Pentester)

  SNCF
  Jan 2024 - Jan 2025

  Executed comprehensive penetration tests on SNCF's digital infrastructure, identifying and mitigating vulnerabilities, which led to a 50% decrease
  in potential security breaches using tools like Metasploit Pro and Burp Suite.
  •
  Conducted in-depth security assessments on web applications, APIs, and internal networks, leveraging industry standards such asOWASP Top Ten
  and MITRE ATT&CK.
  •
  Automated vulnerability scanning processes using tools like Nuclei and custom scripts, significantly reducing the time required for routine
  assessments.
  •
  Demonstrated proficiency in exploiting vulnerabilities such as RCE, SQL injection, XSS, and privilege escalation, providing detailed proof-of-concept
  reports to stakeholders.
  •
  Collaborated with developers and IT teams to implement security patches and improve system architecture, ensuring long-term resilience against
  cyber threats.
  •
  Delivered technical and non-technical reports summarizing findings, risk levels, and actionable remediation strategies, enhancing overall
  organizational security awareness.

• System Administrator

  OptilianMontrouge
  Jan 2023 - Jan 2024

  System Deployment and Maintenance: Managed and maintained the organization's IT infrastructure, ensuring high availability and optimal
  performance of servers and network systems.
  •
  Server Administration: Configured and monitored Unix/Linux servers, performed regular updates, and implemented security measures to protect
  against vulnerabilities.
  •
  User Support: Provided technical support and troubleshooting for internal users, resolving system issues and ensuring smooth day-to-day
  operations.
  •
  • Backup and Recovery: Implemented robust backup strategies and disaster recovery plans to safeguard critical data and ensure business continuity.
  • Automation: Developed scripts and tools to automate system administration tasks, improving efficiency and reducing manual workload.
  Monitoring and Optimization: Monitored system performance using tools like Nagios and Zabbix, identifying bottlenecks and optimizing resources
  to enhance system reliability.

• Fullstack Development Freelance Entrepreneurship

  Jan 2019 - Jan 2025

  Front-End Development: Built dynamic and responsive web and mobile applications using Angular under the Ionic framework, delivering userfriendly interfaces optimized for performance and accessibility.
  •
  .
  .
  Back-End Development: Developed robust server-side applications and APIs with PHP using the Symfony framework, ensuring scalability, security,
  and maintainability.
  •
  System Administration: Managed and maintained Unix-based systems, automating routine tasks, optimizing server performance, and ensuring high
  availability for deployed applications.
  •
  Python Expertise: Designed and implemented data processing pipelines, task automation, and backend functionalities using Python, streamlining
  workflows and reducing operational bottlenecks.
  •
  Containerization and Deployment: Leveraged Docker to containerize applications, enabling consistent development and deployment environments
  while simplifying CI/CD pipelines.

• Python Selenium / JavaScript / Node.js:

  Boulogne-Billancourt
  Jan 2019 - Jan 2019

  Python Selenium / JavaScript / Node.js: Expertise in developing scripts for web scraping, browser automation, and data extraction to simplify project
  reporting and task management.
  •
  VBA / VB.NET: Competent in automating tasks within Microsoft Office applications, creating macros and custom forms to handle large-scale data and
  repetitive operations.
  •
  Docker: Experienced in containerizing automation scripts and applications to ensure portability, consistency, and ease of deployment across various
  environments.
  •
  Automated project management tasks resulting in a 30% increase in efficiency by deploying Dockerized solutions that seamlessly integrated with
  existing tools and workflows, ensuring scalable and consistent performance.

• Memory Analysis: Conducted in-depth

  Digital Forensics Investigation (Forensic)Tracip
  Jan 2017 - Jan 2018

  Nancy
  Memory Analysis: Conducted in-depth analysis of volatile memory using Volatility, uncovering critical evidence such as processes, network activity,
  and malicious artifacts.
  •
  Pattern Detection: Utilized advanced Regex and created custom YARA rules to identify and classify malicious patterns, ensuring precise and efficient
  detection of malware and suspicious activities.
  •
  Trace Hunting in Memory: Performed comprehensive searches for forensic traces within live memory, reconstructing attack timelines and
  identifying indicators of compromise (IOCs).
  •
  • Tool Development: Designed and implemented scripts to automate repetitive forensic tasks, improving accuracy and reducing investigation time.
  Fullstack Development