About Philippe-Alexandre
French
Native or bilingual
English
Fluent
Spanish
Fluent
Experience
- WHITE-HAT.FRFounderTECHJuly 2021 - Today (5 years)Paris, FranceWhite Hat is an offensive cybersecurity company: penetration tests and real attack simulations to help companies assess and strengthen their security. Over 50 clients supported in France and internationally.I joined the company to lead offensive missions and develop the platform, within a team of pentesters, a compliance manager, and technical profiles.My responsibilities:- Security audits and penetration tests on web applications, APIs, and network infrastructures.- Real attack simulations (Red Team Assessment): phishing, vishing, social engineering, infrastructure compromise.- OSINT and Dark Web analysis: searching for exposed credentials and data breaches.- Writing comprehensive audit reports with video conference restitution.- 24/7 emergency assistance for individuals and businesses victims of hacking.- Consulting on GDPR compliance and raising team awareness of cyber threats.- Development and operation of the White-Hat.fr SaaS (Laravel 12, Docker, Stripe, multilingual FR/EN).- Production of cybersecurity educational content (blog, technical write-ups).Results:- Over 100 penetration testing missions carried out.- Over 800 vulnerabilities identified and documented, including about a hundred critical ones.- 24/7 emergency assistance with response within 1 hour.- Launch and operation of the White-Hat.fr SaaS (multilingual FR/EN).
- DeuscomCybersecurity ExpertTECHMay 2021 - June 2021 (1 month)Massy, FranceDeuscom is a digital services company that assists businesses in protecting their exposed applications and systems. Based in Massy, it works with clients concerned about strengthening their security posture.I joined the security team to conduct offensive audits and assess the organization's security maturity, within a team of two developers and one pentester.My responsibilities:- Audit of web applications and exposed services.- Testing authentication and authorization mechanisms.- Verification of resistance to denial-of-service attacks.- Simulation of targeted attacks and realistic scenarios.- Assessment of database security.- Searching for security flaws in applications and protocols.- Analysis of security policies and internal procedures.- Assessment of security awareness and verification of compliance with standards.Results:- Over 20 applications and services audited.- Over 150 vulnerabilities identified and corrected with the teams.- Reduction of the exposed attack surface by over 40%.
- QUETZALYS SASPen-testerRETAIL (SMALL BUSINESS)October 2018 - April 2021 (2 years and 6 months)Boulogne-Billancourt, FranceQUETZALYS SAS is an e-commerce company that sells its products via an internal SaaS and a PrestaShop online store. Based in Boulogne-Billancourt, the company handles online payments.I joined the technical team for over 2 years to integrate security into the heart of the internal SaaS and the online store, within a team of developers and a technical manager.My responsibilities:- Regular security audits on the internal SaaS (native PHP): code review, SQL injections, XSS, CSRF, poor session and access rights management.- Penetration tests on the PrestaShop store: third-party modules, APIs, exposed attack surface.- Analysis of vulnerabilities related to online payments and customer data protection (PCI-DSS, GDPR).- Implementation of the internal security policy: server hardening, access management, secure development.- Support for developers: training in OWASP best practices, secure code reviews.- Incident monitoring and response: log monitoring, intrusion detection, alert management.- Writing vulnerability reports for the technical management and participating in architecture decisions (shift-left).Results:- Over 200 vulnerabilities identified and corrected on the SaaS and the store.- PCI-DSS and GDPR compliance for payments and customer data.- Reduction of security incidents by over 60%.- Improvement of the development team's security skills through training and code reviews.
Recommendations
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- BAC STI Electronic Engineering with a good mentionLycée Gustave Eiffel, Cachan2010