About Romain
- Governance & 360° audits: technical/cybersecurity audit, due diligence, roadmap, technology choices, supplier management.
- Architecture & development: Symfony 7, PHP 8.3, API-first, React, Next.js 15, Node.js, Python, Prisma, PostgreSQL/PostGIS. Quality: testing, PHPStan.
- Cloud & DevOps: AWS/Scaleway, Docker, Kubernetes, Terraform, CI/CD GitHub Actions & GitLab CI, observability (logs, metrics, traces), performance.
- Security & compliance: NIS2, DORA, GDPR, ISO 27001, IAM/SSO, SOC/EDR, vulnerability management, BCP/DRP, hardening.
- Impact projects (10Nord): remote sensing, geo-intelligence, satellite imagery (Sentinel-2), STAC/Titiler, MapLibre-GL, AIS correlation.
French
Native or bilingual
English
Fluent
Japanese
Basic
Experience
- 10 NordCEO & Technical DirectorAVIATION AND AEROSPACEMay 2024 - Today (2 years and 2 months)Paris, France
- General Manager & CTO of 10Nord, I align business, product, and technology strategy to deliver robust, secure, and profitable platforms. I operate in demanding environments (e-health, pharmaceutical retail, B2B SaaS) with a results-oriented approach: reduced time-to-market, measurable software quality, controlled costs, and security by design.
- My playground: application redesigns and IT system modernization. I design API-first, modular, scalable architectures, leveraging Next.js 15 / TypeScript, Prisma, Postgres/PostGIS, and an industrialized DevOps stack (Docker, Kubernetes, Nginx). I implement CI/CD pipelines (GitHub Actions, GitLab CI), useful observability (logs, metrics, traces), and clean SSO (OIDC/SAML) to simplify access and strengthen governance.
- On the product side, I structure the roadmap with clear OKRs, manage discovery/delivery, secure MVP scoping, and establish rituals that streamline collaboration between CEO, sales, and technical teams. My mantra: regular shipping, fast feedback, controlled technical debt. Simple, typed, tested (ESLint/Biome) and documented code to accelerate onboarding and maintainability.
- Examples of typical impacts: Next.js redesign that halves time-to-market, CI/CD pipeline implementation that reduces incidents and speeds up go-to-market, contained and reversible cloud migration, Postgres/BI data stack that informs decisions (usage, performance, costs).
- Totum PharmaciensCTOPHARMACEUTICALS INDUSTRYSeptember 2023 - Today (2 years and 10 months)Paris, FranceTechnical Director / CIO of Totum Pharmaciens, I manage the IT and cybersecurity strategy for a national pharmacy group. My role: align business, product, and technology for a demanding network (healthcare, sensitive data, regulatory constraints), modernize existing systems, and deliver fast, clean, and secure solutions. Key objectives: operational reliability in pharmacies, security by design, controlled costs, and reduced time-to-market.IT Governance and Pharmacy IT System Urbanization: target architecture, roadmap scoping, make/buy decisions, publisher and integrator management.Interoperability and Compliance: integration with market pharmacy software, product repositories, third-party flows, SSO/IAM, traceability, minimal access policies.Unified ERP: convergence of tools (group purchasing, catalog, orders, inventory, billing, B2B/B2C CRM), process standardization, data quality.Cloud & DevOps: containerization, GitHub/GitLab CI/CD, Terraform IaC, useful monitoring/observability (logs, metrics, traces), progressive AWS/Scaleway migrations.Data & BI: common data model, Postgres data warehouse, reliable pipelines, actionable dashboards (activity, margins, inventory, rotation, service quality).Operational Cybersecurity: environment hardening, SOC 24/7 EDR+, BCP/DRP, patch management, network segmentation, team awareness, NIS2/GDPR scoping (and HDS when relevant).Backend/Frontend: Symfony 7 / PHP 8.3, API-first, Tailwind, UI components.Data: PMySQL, scheduled jobs, governance, and quality.DevEx/Quality: code reviews, PHPStan/Biome, testing, SLO/SLA, runbooks and post-mortems, living documentation. Mantra: simple, measurable, maintainable code.
- VattenfallDeputy CIOENERGY AND UTILITIESJanuary 2022 - August 2023 (1 year and 8 months)FranceVattenfall â Technical and IT Transformation Department (Energy Sector)
- Management of a multidisciplinary team (10 FTE internal, 5 external): PHP/Symfony developers, React.js, and system administrator. Implementation of engineering rituals and standards to strengthen collaboration and delivery quality.
- On-premise to AWS Migration: end-to-end management (security, availability, costs), integration of DevOps principles and CI/CD pipelines for reliable and frequent deployments.
- AWS Lambda + InfluxDB Technical POC: ENEDIS data stream ingestion and processing, demonstration of high-performance serverless and time-series architectures for data observability.
- IT Department Organization in Agile/Lean (Scrum & Kanban): role scoping, backlog and rituals, improved visibility, and reduced time-to-market.
- Governance and Budget: FinOps monitoring, cost optimization, prioritization of high-impact investments.
- Management KPIs: definition and tracking of velocity, lead time, and quality (incidents, MTTR), actionable dashboards.
- Product Scoping: drafting specifications for the redesign of a business tool, structuring IT documentation (runbooks, post-mortems) for sustainable governance.
- Roadmap and Compliance: co-construction with PMO, consideration of regulatory requirements in the energy sector.
- Data and SQL Support: assistance to business teams on queries and analysis.
- Human Capital: recruitment of 3 FTEs in 12 months, implementation of monthly technical masterclasses and a culture of continuous improvement.
Reviews
Recommendations
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- Financial Investment AdvisorProdemial Business School2025
- Intermediary in Banking Operations and Payment ServicesProdémial Business School2025
Certifications
- Web Application, Services, and Server SecurityLearning Tree International2017