Freelancer profile translated to English.

Description

Cybersecurity consultant with 10+ years of experience, I combine two rarely found expertise: offensive penetration testing and ISO 27001/27005 governance.

My approach: go beyond the classic pentest report. Each identified vulnerability feeds a structured risk analysis process and a prioritized remediation plan, until the gaps are closed.

What I do for my clients:

Web, mobile (iOS/Android, React Native), Active Directory, and WiFi penetration tests

ISO 27001 audits and certification support

ISO 27005 risk analyses and ISMS construction

Vulnerability management with Qualys VMDR and managed remediation plans

CISO-as-a-Service missions to structure the security function

Design and delivery of cybersecurity training

My certifications: ISO 27001 Lead Implementer (PECB), ISO 27005 Risk Manager (PECB), CompTIA PenTest+, CompTIA Security+, CompTIA Server+, Cisco CCNA, Fortinet NSE. CCISO (EC-Council) in progress.

My recent references: comprehensive internal pentest program for the Caisse Nationale d'Assurance Maladie (NTLM relay remediation, LLMNR/NBT-NS, SMB signing, Log4j), React Native mobile pentest for a leading African bank, application pentest for the CEDITECH LMS platform by TransNumérik.

Who I work for: banks, insurance, public sector, telecoms, education, energy. I work 100% remotely, on a fixed-price or daily rate basis, with a possible start within two weeks.

Feel free to contact me to discuss your needs — I respond within 24 hours.

Industry field of expertise

Languages

French
Native or bilingual
English
Conversational

Workplace preferences

Remote only

Primarily works remotely

CEDITECH
Offensive Security Audit — E-learning Platform and Web Infrastructure
CONSULTING AND AUDITS
May 2026 - May 2026
Abidjan, Côte d’Ivoire
Comprehensive offensive security audit of the cybersecurity posture of the TransNumérik group and its subsidiary CEDITECH, as part of a cybersecurity strengthening initiative before opening to new users and clients.
Scope assigned:

CEDITECH e-learning platform (web application, learner and trainer account management, administrator space)
Group's institutional web infrastructure (public websites, exposed services, external attack surface)

Methodology:

In-depth external reconnaissance (OSINT, subdomain enumeration, service fingerprinting)
Black-box authenticated application pentest, compliant with OWASP Top 10 (injection, authentication, access control, sensitive data exposure, configuration)
Dedicated tests on critical business workflows
Assessment of exposed service configurations (TLS, security headers, server hardening)

Deliverables produced:

Detailed technical report with CVSS classification of identified vulnerabilities
Executive report for management
Risk prioritization matrix and actionable remediation plan
Technical debriefing session with development and infrastructure teams

Value provided:

Identification of exploitable vulnerabilities before external attacker exposure
Measurable increase in the group's application security maturity
Recommendations for integrating security into the development lifecycle
Penetration Testing Security Audit Cybersecurity OWASP Vulnerability Analysis
VNE
Cybersecurity Engineer & IT Auditor
TECH
February 2026 - Today (4 months)
Côte d'Ivoire
▸ Multi-sector security audits (banking, insurance, public sector)
▸ Internal/external, mobile, and WiFi pentests (major clients)
▸ Management of ISO 27001 projects and remediation plans
GSIMEL / MEL-Académie & CEDITECH
Senior Trainer, Pentester & Consultant
February 2026 - Today (4 months)
Abidjan, Côte d’Ivoire
▸ Design and delivery of cybersecurity training modules (5+ modules)
▸ Authenticated pentest on LMS platform: 8 vulnerabilities identified, report + remediation guide delivered
▸ Mentoring IT teams and certification support

Check out Cyrille's experience

Be the first to recommend Cyrille

Help this freelancer shine by sharing your experience working together.

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

Baptiste Duhen

Fullstack developer

4.6

(4)

Amed Hamou

Senior Lead Developer

(2)

Audrey Champion

Web developer

4.3

(3)

Signup to reveal

ISO 27005 Risk Manager (PECB)
ISO 27005 Risk Manager (PECB)
ISO 27001 Lead Implementer (PECB)
ISO 27001 Lead Implementer (PECB)

Check out Cyrille's education

CompTIA Security+ Certification
COMPTIA
https://www.credly.com/earner/earned/badge/0bd43915-35cf-4863-bbe1-55cb23070152
Threat Management Access Control Security Awareness Cryptography Disaster Recovery Planning Firewall Configuration Malware Identification Cybercrime Network Security Security Policies
CompTIA Server+ CE Certification
COMPTIA
https://www.credly.com/earner/earned/badge/52ee0df2-a34e-45a9-a157-2365e37f32e4
Security Troubleshooting Disaster Recovery Storage Server Hardware Server Architecture Server Networking System Administration

Cyrille's certifications are only visible to Malt Community members

Cybersecurity Expert

Cyrille Kpahi

Cybersecurity Consultant

About Cyrille

Experience

Recommendations

These freelancer profiles also match your criteria

Education

Certifications

Categories