About Sébastien
- French: Native or bilingual
- English: Fluent
- Italian: Basic
Experience
- SENTINELIS
  Security Audit in a Constrained Cyber Defense / Applied Research Environment
  CONSULTING AND AUDITS
  April 2026 - April 2026
  Clermont-Ferrand, France

  Formalization of a threat-oriented audit approach, adapted to sensitive or highly restricted environments. The objective is to assess how a malicious user, with limited system access, could subvert intended mechanisms: restricted client, virtual machine, network filtering, USB restrictions, controlled internet access, or application compartmentalization.

  This approach goes beyond searching for classic vulnerabilities. It incorporates bypass scenarios, abuse of legitimate components, HID devices or microcontrollers, as well as discreet behaviors that may not generate obvious alerts on the supervision side.

  It also relies on reflection around persistent threats: long-term observation, attacker adaptation, exploitation of technical and organizational blind spots, and the ability to progressively bypass defenses without noisy actions.

  Skills applied: configuration audit, risk analysis, network security, virtualization, hardening, internal intrusion scenarios, external exposure, recommendation writing, and prioritization of fixes.
- SENTINELIS
  Security Audit and Hardening of Linux & WordPress Infrastructure
  CONSULTING AND AUDITS
  March 2026 - March 2026
  Lyon, France

  Comprehensive audit and progressive takeover of cybersecurity for a sensitive SME exposed to hybrid threats, operating several high-visibility WordPress sites.

  The mission began with an in-depth analysis of the infrastructure, including inspection of active processes, analysis of system and application logs, verification of persistence mechanisms, and search for indicators of compromise (webshells, malicious scripts, suspicious scheduled tasks).

  Particular attention was paid to analyzing SSH access and automated intrusion attempts to assess the server's actual exposure level.

  Following this investigation phase, several cleanup and attack surface reduction actions were implemented:
  • Restriction of MariaDB network exposure (local access only)
  • Hardening of the SSH service and protection against brute force attacks
  • Implementation of automatic IP blocking mechanisms for malicious addresses
  • Optimization of PHP-FPM and MariaDB configurations to improve server stability
  • Correction of application configurations causing recurring errors in logs.

  To observe the real behavior of attacks before deploying a complete security architecture, a behavioral analysis system based on CrowdSec was deployed.

  This system can detect:
  • Automated scans
  • Administration interface probes
  • WordPress brute force attacks
  • Malicious bots and aggressive crawlers.

  Hostile IP addresses are automatically blocked via a firewall bouncer mechanism.

  This phase is the first step before implementing a full SOC/SIEM architecture, aimed at ensuring proactive detection and security event correlation.
- SENTINELIS
  PenTest & Strategic Risk Assessment for an SME
  CONSULTING AND AUDITS
  February 2026 - February 2026
  Lyon, France

  Conducting a comprehensive penetration test as part of a global cybersecurity posture assessment for an SME.

  The engagement was conducted according to the APD (Advanced Persistent Defense) methodology, a structured approach aimed at analyzing not only technical vulnerabilities but also organizational and human vectors that could constitute lasting entry points for an attacker.

  Technical Phase:
  - Mapping of exposed assets
  - Analysis of external and internal attack surfaces
  - Identification of network and application vulnerabilities
  - Controlled exploitation of identified flaws
  - Impact assessment (confidentiality, integrity, availability)

  Human Factor and Behavioral Exposure:
  In a realistic persistent attack scenario, a controlled social engineering test was performed to assess the organization's behavioral resilience.

  The simulated scenario demonstrated that the human attack surface represented a priority exposure vector, regardless of the perceived level of technical maturity.

  This phase helped reposition cybersecurity in its strategic dimension: an organization can be technically robust yet remain vulnerable due to its human factor.

  Deliverables:
  - Detailed technical report
  - Executive summary for management
  - Strategic risk analysis
  - Prioritized remediation plan
  - Organizational and awareness recommendations

  Result:
  The mission led to global awareness and the implementation of an improvement plan integrating architecture, governance, and the human factor.
Education
- RNCP37987 – Cybersecurity Specialist (Level 6)
  CSB Education Group (CSB.School)

  A practice-oriented Bac+3 program designed to make graduates operational on concrete cybersecurity problems in SME and mid-sized company environments: securing infrastructure, system hardening, risk governance, incident detection and response, and supervised ethical penetration testing.

  The training is structured around a progressive build-up of skills (networks, systems, development, security), with a large share of practical cases in near-real conditions: design and securing of network architectures (corporate zone/DMZ/industrial zone), Linux/Windows administration and security, implementation of data protection measures (encryption, access control), and writing of technical documentation and standards.

  A "SOC & detection" component emphasizes event analysis, log collection and exploitation, construction of scenarios (playbooks), and continuous improvement of detections. This dimension translates directly into deliverables that are useful to an organization: asset mapping, definition of nominal behavior, response procedures, and prioritized recommendations.

  The program also includes hands-on ethical penetration testing exercises (OSINT/discovery, active reconnaissance, supervised exploitation, privilege escalation, AD, pivoting), with structured reporting: summary, evidence, criticality, impacts (confidentiality/integrity/availability), and remediation plan.

  Finally, the integration of coursework in development and application security (notably Python/Rust/C, web models, APIs, cryptography) strengthens the ability to audit, automate, and make internal tools more reliable, as well as to communicate effectively with technical teams.

  In practice, this program supports my client engagements on: exposure audits, hardening, backups/disaster recovery planning, network segmentation, workstation/server security, and improving security posture in a pragmatic and documented way.