Freelancer profile translated to English.
Back to original languageAbout Elias
Do you have a web application, APIs, cloud infrastructure, or systems integrating artificial intelligence that you want to secure effectively?
I am a cybersecurity and penetration testing consultant, specializing in realistic attacks carried out with the same techniques as real attackers, in a 100% legal, controlled, and contractual framework.
My approach is business-risk oriented: I identify and exploit vulnerabilities that have a real impact on your business, your data, and your users as a priority, allowing you to fix what truly matters.
What I offer
• Web, API, Mobile, and Cloud Penetration Testing
• Pentesting of SaaS applications and complex environments
• Security audit of AI / LLM systems (exposure, abuse, prompt injection, business logic)
• Red Team simulations and advanced attack scenarios
• Vulnerability analysis and risk prioritization
Deliverables
• Clear, structured, and prioritized reports by criticality
• Technical evidence and concrete recommendations
• Exchanges with your technical teams if necessary
• Strict adherence to NDAs, confidentiality, and regulatory constraints
Methodology & Guarantees
• Recognized frameworks: OWASP, PTES, MITRE ATT&CK
• Offensive and defensive vision
• Clear communication, including for non-technical stakeholders
• Ad hoc interventions or targeted high-value missions
Available for security audits, penetration tests, or short missions.
English
Fluent
French
Native or bilingual
Can work on-site
Paris (up to 50km)
Experience
- SNCFPentesterDIGITAL AND ITOctober 2024 - October 2025 (1 year)Saint-Denis, FranceI perform comprehensive penetration tests (web, API, cloud, infrastructure) to enhance the security of critical systems.My approach is inspired by PTES / OWASP / MITRE ATT&CK standards, with a focus on prioritizing real risk and rapid remediation.I have contributed to penetration testing missions for large public and railway groups (e.g., SNCF), including:• Application audits (OWASP Top 10, REST/GraphQL APIs)• Internal and external penetration tests on network infrastructures• Cloud audits (AWS, Azure, GCP – IAM, S3, configurations)• Security checks on industrial environments (railway IT / OT)• Technical report and clear summary for CIOs and CISOsDeliverables provided:• Technical report + executive report (CTO/CIO-friendly)• PoC and exploitation screenshots• Prioritized remediation plan + post-audit supportTools: Burp Suite Pro, Nmap, Nessus, Metasploit, Wireshark, BloodHound, CrackMapExec, Python, BashMethods: OWASP, PTES, MITRE ATT&CK, NIST SP800-115
- AltenInternDIGITAL AND ITMay 2019 - September 2019 (4 months)Developer intern in the field of development in Node/ VBA /python / C++.Automation of all redundant tasks for a project management team.Team leader.
- TracipInternDEFENSE AND MILITARYJuly 2017 - December 2017 (5 months)Nancy, France6-month internship in digital forensics in the field of cybersecurity.
Recommendations
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- BachelorEpitech2020Bachelor (3 ans) d'Epitech qui sera alimenté d'un master dans l'expertise et l'innovation technologique.
- MasterEpitechMaster dans l'innovation et l'expertise technologique