Freelancer profile translated to English.
Back to original languageAbout Liang
Offensive cybersecurity and application security expert with a background as a developer. I have experience working with both large corporations and smaller organizations on penetration testing, red team, code auditing, application security, and DevSecOps.
French
Native or bilingual
English
Fluent
Chinese
Native or bilingual
Spanish
Basic
Dutch
Basic
Can work on-site
Paris (up to 50km)
Experience
- Saint-GobainOffensive Security EngineerJanuary 2025 - Today (1 year and 5 months)Courbevoie, FrancePerformed internal penetration tests and full-scope red team engagements for multiple clients, focusing on realistic adversary emulation and post-exploitation paths• Collaborated closely with development, DevOps and business teams to prioritize and validate remediation actions — produced step-by-step remediation plans, replayable PoCs, and verification checks to reduce time-to-fix• Delivered detailed technical reports and executive summaries adapted to stakeholder audience; ran remediation verification retests and provided risk re-assessments after fixes• Built and maintained custom tooling and automation for reconnaissance, exploitation workflows and post-exploitation persistence to improve engagement efficiency• Ran hands-on knowledge-transfer sessions and secure-coding workshops for engineering teams and held remediation walkthroughs with product owners to ensure fixes were operational and aligned with business constraints
- FORMINDOFFENSIVE SECURITY CONSULTANTNovember 2020 - January 2025 (4 years and 2 months)France• Led comprehensive penetration tests, focusing on identifying critical vulnerabilities and providing actionable remediation steps• Directed red team operations, including social engineering, physical intrusion testing, and custom malware development• Oversaw internship programs, managing and mentoring junior consultants, and providing ongoing training on offensive security• Taught secure development and penetration testing courses to internal teams and clients• Spoke at cybersecurity conferences, sharing insights on application security and public vulnerabilities.• Collaborated with the pre-sales team, scoping security engagements and ensuring alignment with client expectations
- Edenred BeluxAPPLICATION SECURITY ENGINEERJuly 2018 - October 2020 (2 years and 3 months)Brussels, Belgium• Managed vulnerability and patch management programs, coordinating remediation across teams• Led application security reviews and integrated SAST/DAST tools into DevOps for continuous security testing throughout the SDLC• Integrated OpenSAMM into the SDLC to enhance security governance and ensure secure development practices• Participated in the incident response during a ransomware attack, focusing on malware analysis and Active Directory forensics• Supervised pentest campaigns, providing detailed reports and presenting findings to senior management and stakeholders.• Directed security awareness programs, training internal teams on secure coding practices, security best practices and thereby fostering a security-focused culture
Recommendations
Be the first to recommend Liang
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- Bachelor of Science in Computer ScienceEPFC2017Bachelor degree in Computer Science
- Bachelor of ScienceUniversité libre de Bruxelles2010Bachelor degree in Social Sciences
Certifications
- OSCPOffsec2020
- OSWEOffsec2022