Freelancer profile translated to English.
Back to original languageAbout Amel
I am Amel, a DevSecOps & Cybersecurity Engineer with 9 years of experience in application security, CI/CD automation, and infrastructure. Certified CEH, ISO 27001 Lead Implementer, and EBIOS Risk Manager.
I help companies integrate security into their development pipelines and automate their infrastructure. My comprehensive technical background allows me to speak the language of developers, ops, and security to implement concrete and pragmatic solutions.
🔒 Security Integration in Pipelines (DevSecOps)
Implementation of SAST/DAST tools in CI/CD: SonarQube, Semgrep, Snyk
Building secure multi-environment pipelines with GitLab CI/CD and GitHub Actions
Automation of security controls and deployments via Ansible and Docker
Secure containerization and Docker image management
Securing dependencies and the build process
⚙️ Automation & Infrastructure (DevOps)
Implementation and optimization of complete CI/CD chains
Automated deployment with Ansible playbooks
Application containerization with Docker and docker-compose
Configuration of GitLab runners and environment optimization
Linux administration, Nginx/Apache configuration
Infrastructure as Code and system automation
🛡️ Application Security & Audit
Application security audits and vulnerability analysis
Application penetration testing: BurpSuite, Nikto, Nmap
Security-focused code reviews (OWASP Top 10)
Security assessment with Pentera (infrastructure and application)
Writing technical recommendations and remediation plans
💻 Development & Training
Full Stack secure development: PHP/Symfony/Laravel, Python, JavaScript/React/Vue.js
Training and awareness for development teams on OWASP Top 10 vulnerabilities
Technical support in pair programming
Definition and implementation of secure coding standards
📩 Interested? Contact me to discuss your project!
French
Native or bilingual
English
Basic
Arabic
Native or bilingual
Can work on-site
Villeurbanne (up to 50km)
Experience
- Pomelo AgenceBackend Developer & DevSecOps ConsultantJune 2025 - Today (1 year)Lyon, France
- Development and maintenance of web applications (Symfony 6, React, TypeScript)
- Integration of SAST/DAST tools into CI/CD pipelines (SonarQube, Semgrep)
- Setup of multi-environment CI/CD pipelines (dev/staging/production) on GitLab
- Application security audits and SaaS vulnerability analysis
- Formulation of technical recommendations for vulnerability remediation
- Application penetration testing (BurpSuite, Nikto)
- Training and awareness for developers on OWASP Top 10 vulnerabilities
- Application containerization with Docker
Stack & tools: Linux | Python | GitLab | Docker | BurpSuite | Nikto | PHP | Node.js | SonarQube | Semgrep - VisiativCybersecurity ConsultantMarch 2023 - March 2025 (2 years)Missions• Security assessments with Pentera on network infrastructures and applications.• Network and application vulnerability analysis, security recommendations.• Automation of tasks with Python scripts.• Technical documentation and reporting, work in Linux/Azure environment. Stack & tools: Linux | Python | GitLab | Nmap | Azure
- DéciderataLead DeveloperJanuary 2021 - October 2022 (1 year and 9 months)Vaulx-en-Velin, FranceLed the development of the Foldr application with expanded responsibilities in design and management. I designed new features, wrote technical specifications, and managed the project using Scrum. My responsibilities also included code reviews and team supervision (apprentices and interns), while ensuring code quality and maintainability through tools like Sonar.
Recommendations
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- Master CybersecurityCSB
- Web Developer TrainingSimplon2016