You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
New report
Malt Tech Trends 2026
Motaz SouidMS

Motaz Souid

DevSecOps Engineer

€670/day
Paris, FR
3-7 years
Kubernetes
Gitlab CI/CD
Jenkins
Fortify
NexusIQ

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Motaz

I specialize in DevSecOps, with strong expertise in integrating security tools (SAST/SCA) into CI/CD pipelines (Jenkins, etc.), as well as implementing best practices for rapid detection and remediation of vulnerabilities. I have notably implemented solutions like Fortify, Nexus IQ, and OWASP Dependency Check, while ensuring rigorous issue tracking and effective risk reduction.

My methodology is based on the "Shift Left" principle to integrate security from the early stages of development. I support teams through targeted training, development of technical documentation, and establishment of metrics to regularly assess the progress of corrective actions.

Through these practices, I facilitate smooth interaction between development, security, and operations, ensuring each stakeholder has the necessary support and tools to maintain an optimal security level at every stage of the software lifecycle.

  • French

    Native or bilingual

  • English

    Fluent

Can work on-site
Paris (up to 50km)

Experience

  • BNPP
    DevSecOps Engineer
    October 2022 - Today (3 years and 8 months)
    Paris, France
    BNPP
    • Deployment and integration of SAST/SCA tools (Fortify, Nexus IQ) into the CI/CD chain.
    • Consulting and support for teams on effective scan adoption.
    • Conducting DevSecOps training sessions and writing documentation to optimize workflows.
    • Implementing security best practices for Docker and Kubernetes (image scanning, orchestrator configuration, vulnerability management).
    • Supervising the integration of new applications, monitoring production vulnerabilities, and developing security reports.
    • Identifying vulnerabilities and tracking remediation actions, with the implementation of operational indicators to measure the effectiveness of fixes.
    • Writing and updating technical documents and remediation plans.
    • Technical support for teams in applying security solutions.
    • Implementing and monitoring security indicators with PowerBI.
    • Organizing and leading security-focused code reviews, periodically conducting compliance audits, and tracking remediation plans.
  • STAR Assurance
    DevSecOps Engineer
    March 2023 - October 2023 (7 months)
    Tunis, Tunisia
    STAR assurance
    • Setting up and optimizing continuous integration and deployment pipelines, ensuring speed and reliability of production releases.
    • Automating security scans to identify vulnerabilities in dependencies, with proactive management of false positives to maintain result relevance.
    • Strengthening security and hardening production environments by following industry best practices, ensuring increased compliance.
    • Continuous detection of secrets and prevention of sensitive data leaks, contributing to enhanced project security.
    • Regularly performing security scans on web applications, transferring results to Defect Dojo, and rigorously tracking vulnerabilities until their effective resolution.
    • Conducting manual security assessments on production servers and automating successful strategies to improve compliance and reduce risks.
  • STAR Assurance
    Operational Security Engineer
    March 2021 - March 2022 (1 year)
    Tunis, Tunisia
    STAR assurance
    • Installation and configuration of Sophos XG firewalls, with security synchronization between Sophos Endpoint and Sophos XG.
    • Implementing VPNs via Fortigate and deploying multi-factor authentication (MFA) with Azure AD SSO.
    • Managing Sophos antivirus and configuring security profiles in compliance with company policies.
    • Conducting Active Directory audits and developing access management policies.
    • Automating the hardening of Windows and Linux servers with Ansible, according to NIST standards.
    • Configuring security profiles in Intune.
    • Developing PowerShell scripts to delegate Active Directory access based on the principle of least privilege.
    • Contributing to the writing of security policies and procedures, monitoring their implementation.
    • Deploying a phishing simulation tool, conducting phishing campaigns, and leading security awareness training.

Recommendations

Be the first to recommend Motaz

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • Engineering degree, Network infrastructure and data security
    ESPRIT
    2020
    Diplome d'ingénieur, Network infrastructure and data security
  • Bachelor's degree, Systems and network administration
    Ariana
    2017
    Licence, Administration systèmes et réseaux

Skill set

Pentesting
PowerBI
Security Awareness Training
Ansible

Categories