Freelancer profile translated to English.

Description

Dive into the world of digital security with me, a seasoned Pentester with 6 years of experience. My extensive expertise covers a wide range of missions, both external and internal, with a particular focus on web applications. I also had the opportunity to assist a QSA during PCI DSS 3.2.1 compliance audits. During these audits, I was responsible for collecting evidence, conducting interviews with client teams, performing physical audits, and configuration audits.

By choosing my services, you are opting for unparalleled protection, combining technical skill, strategic vision, and absolute commitment to securing your digital assets.

Industry field of expertise

Languages

Arabic
Native or bilingual
French
Fluent
English
Conversational

Workplace preferences

Can work on-site

Paris (up to 50km), Lille (up to 10km), Toulouse (up to 10km), Lyon (up to 10km)

Sopra Steria
Tech Lead Pentest & Audit
DIGITAL AND IT
November 2022 - October 2023 (11 months)
Paris, France
- Definition of test plans
- Review of prerequisites
- Preparation, implementation, and execution of tests,
- Definition of campaigns and execution of tests
- Participation in writing commercial proposals
- Scoping of missions
- Review of reports
PenTest Security Audit Architecture Audit Code Audit Commercial Proposal Scoping
CNPP Afrique
Information Systems Security Consultant
TECH
July 2019 - November 2022 (3 years and 4 months)
Casablanca, Morocco
Management of technical audits and compliance gap audits against PCI DSS standard version 3.2.1
Vulnerability research: source code analysis and audit, fuzzing, exploit development and analysis.
Web Security: internal and external black-box/gray-box/white-box penetration testing, configuration audit.
System and Network Security: internal and external black-box penetration testing, configuration audit, architecture audit, network audit.
Writing pentest deliverables in English and French.
Scripting (Python & bash)
PenTest Code Audit Security Audit Architecture Audit PCI DSS Audit Bash Python Training
CNPP Cybersecurity
Information Systems Security Consultant
DIGITAL AND IT
August 2018 - June 2019 (10 months)
Casablanca, Morocco
- Perform pentests on network infrastructures and web applications in black-box/gray-box/white-box, source code analysis, threat analysis, social engineering assessments, vulnerability discovery and exploration, post-exploitation impact analysis, and security;
- Develop exploit code to demonstrate the presence of vulnerabilities (PoC);
- Design scripts, frameworks, tools, and methods necessary to facilitate and execute complex attacks;
- Write managerial and technical deliverables.
PenTest Security Audit Scripting

Check out Karima's experience

Be the first to recommend Karima

Help this freelancer shine by sharing your experience working together.

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

Baptiste Duhen

Fullstack developer

4.6

(4)

Amed Hamou

Senior Lead Developer

(2)

Audrey Champion

Web developer

4.3

(3)

Signup to reveal

Specialized Master in Cryptography and Information Security
Mohamed V University, Faculty of Sciences, Rabat - Morocco
2017

Offensive Security Certified Professional (OSCP)
Offensive Security
2019
https://www.credly.com/badges/712ae65c-2941-49c6-a693-abc304f968f8/linked_in_profile
Locating Public Exploits Buffer Overflow Exploits Password Attacks Web Application Attacks Port Redirection Port Scanning Web Exploitation File Transfers Active Directory Vulnerability Scanning Exploitation Information Gathering Passive Information Gathering Advanced Command Line Privilege Escalation Antivirus Evasion Bash Scripting Client-side Attacks Fixing Public Exploits Pivoting Antivirus Exploitation Network Vulnerability Scanning

Cybersecurity Expert

Karima El Hachimi

Pentester

About Karima

Experience

Recommendations

These freelancer profiles also match your criteria

Education

Certifications

Skill set (36)

Categories