Freelancer profile translated to English.

Description

Cybersecurity auditor with over 10 years of experience in technical auditing — penetration testing, configuration auditing, and code auditing — I specialize in manual source code analysis. My expertise lies in identifying functional and logical vulnerabilities, as well as complex flaws often undetectable by automated tools. I bring a thorough and pragmatic approach, directly adapted to the real-world challenges of business applications.

Industry field of expertise

Languages

French
Native or bilingual
English
Fluent
German
Conversational
Arabic
Native or bilingual

Workplace preferences

Can work on-site

Paris (up to 10km), Fontenay-aux-Roses (up to 10km)

Orange
Web Security Expert (OSCP|OSWE|CWES)
TELECOMMUNICATIONS
October 2018 - Today (7 years and 8 months)
Arcueil, France
During my assignment at ORANGE (on behalf of the IT services company AUSY, now Randstad Digital), I am responsible for manual code audits on various technologies, as well as performing penetration tests on web applications. The audit can also cover mobile applications developed for Android or iOS.
Security Audit code audit Fortify Web Pentest Mobile Pentest
Sogeti
Application Security Engineer
DIGITAL AND IT
March 2016 - October 2018 (2 years and 7 months)
92130 Issy-les-Moulineaux, France
Performed various penetration tests and manual code audits focused on Web applications (Struts, Spring, Drupal, Zend, Wicket, etc.) for ad-hoc assignments.
► Conducted external and internal penetration tests (OWASP methodology).
► Assessed system and network security levels (Vulnerability Scanning).
► Code Audit (manual and with Open Source tools): Analysis of application source code to identify potential vulnerabilities:
- Unhandled behaviors
- Obsolete functions, not supported by the publisher,
- System command executions with overly permissive rights,

► Configuration Audit: Review of server configurations (Linux, Windows). Verification of configuration file parameters (Apache, PHP, MySql, etc.). Establishment of a compliance score according to CIS (Center for Internet Security) checklists. Rewriting Nessus audit files for automatic auditing.

► Implementation and monitoring of documentary reviews and validations: Study of existing systems, vulnerabilities, audit methods, and tools. Prototyping methods and practical application on mock-ups. Development of attacks and audit tools. Qualification of methods and tools during technical audit missions.

► Active participation in pre-sales activities.
Security Audit Python code audit PHP Kali Linux
Orange
Application Security Engineer (Code Audit, Penetration Testing)
TELECOMMUNICATIONS
September 2014 - March 2016 (1 year and 6 months)
France
Employed at ORANGE on behalf of ECONOCOM. I am responsible for:
- Performing code audits (JAVA, PHP) for projects developed internally or by external companies. The audit is carried out using code audit tools or manually for certain unsupported languages.
- Conducting penetration tests (black box and grey box).
- Security supervision (log analysis, investigation).
Java Security Audit Fortify checkmarx Kali Linux

Check out Abdellah's experience

Be the first to recommend Abdellah

Help this freelancer shine by sharing your experience working together.

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

Baptiste Duhen

Fullstack developer

4.6

(4)

Amed Hamou

Senior Lead Developer

(2)

Audrey Champion

Web developer

4.3

(3)

Signup to reveal

Master 2 (M2), Information Systems Security / Safety
Université Paris-Est Créteil (UPEC)
2013
Master 2 (M2), Sécurité / sûreté de l''information des systèmes informatiques
Bachelor's Degree, Mathematics
Université Paris-Est Créteil (UPEC)
2011
Licence, Mathématiques