You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Haroun KrifaHK

Haroun Krifa

Backend Developer | Application Security

€400/day
Saint-Laurent-du-Var, FR
3-7 years

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Haroun

Backend developer with a strong specialization in secure development, I assist companies in designing robust, maintainable, and secure-by-design applications.

In a context where application vulnerabilities are a major attack vector, I approach security as a continuous process: secure development, security and quality-oriented code reviews, early risk identification, with security integrated from the start of development, and integration of security on par with performance or maintainability.

My work method is based on clear communication, strong autonomy, clean and usable documentation, as well as a great capacity for adaptation and rapid skill development, in order to effectively integrate into teams and project constraints.

I work on both backend projects (APIs, automation, internal tools) and advanced cybersecurity topics: application security, IAM, DevSecOps, and post-pentest remediation, ensuring a smooth link between development and security teams.

I also have a solid foundation in C / C++ and a full-stack vision when the project requires it.

What I can bring you
  • Secure backend development (Node.js, Python, Flask, FastAPI, Django)
  • Automation & scripting (Python, Bash, PowerShell)
  • Design of robust and maintainable APIs
  • Securing existing applications
  • OWASP best practices integrated into the development cycle
  • CI/CD with security checks (SAST / DAST / SCA)
  • Custom internal tools (IAM, security, reporting)
Examples of achievements
  • Implementation of custom IAM solutions (rights lifecycle management)
  • Development of internal security automation tools
  • Audit and authorization control scripts
  • Integration of security into CI/CD pipelines
  • Management and remediation of application vulnerabilities
  • French

    Native or bilingual

  • English

    Fluent

  • Arabic

    Native or bilingual

Can work on-site
Saint-Laurent-du-Var (up to 30km), Monaco (up to 30km), Valbonne (up to 30km), Villeneuve-Loubet (up to 30km)

Experience

  • CEGEMA
    Security Developer / Cybersecurity Engineer
    BANKING AND INSURANCE
    September 2023 - October 2025 (2 years and 1 month)
    Villeneuve-Loubet, France
    Design and development of an internal tool "Cyber Toolbox" to centralize and automate security actions (Django, FastAPI)

    Development of C test implants for simulating attack scenarios and crisis management exercises

    Development of Python scripts for user authorization control (IAM): Entra ID authentication, Microsoft Graph API requests, Excel export, and automated report sending

    Automation of security workflows to strengthen controls and reduce manual tasks

    Review of existing code and continuous improvement

    Collaboration with development teams: AppSec / OWASP recommendations and remediation support

    Migration TeamPass → Bitwarden: Python scripts for export, transformation, and import of passwords and vaults

    Operation and continuous improvement of security controls

    Vulnerability management: tracking, prioritization, and remediation coordination (endpoints + application post-pentest)

    Operation of security tools (Rapid7 Nexpose, SentinelOne, Microsoft 365 Defender, FortiAnalyzer) with technical analysis of results

    Writing and maintaining technical documentation
    FastAPI Python Programming Python Programming Python Programming Microsoft Entra ID
  • CEGEMA
    Information Systems Security Developer
    BANKING AND INSURANCE
    September 2022 - September 2023 (1 year)
    Villeneuve-Loubet, France
    Design and development of a custom IAM solution automating user rights lifecycle management (Interactive mockup design, Frontend and Backend development)

    Presentation and deployment of Veracode for static (SAST) and dynamic (DAST) security analysis to development teams
    Veracode Python Flask React.js Microsoft Graph API LDAP

Recommendations

Be the first to recommend Haroun

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Education

  • Master - Bac +5
    École 42
    2025
    Expert en architecture informatique : Systèmes d'information et réseaux
  • Bachelor's Degree STAPS
    Université Côte d'Azur
    2016
    Licence STAPS

Skill set

Categories