You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
New report
Malt Tech Trends 2026
Talel ChelbiTC

Talel Chelbi

Senior Cybersecurity Engineer

€650/day
Paris, FR
8-15 years
Cybersecurity
Security Audit
Web Application Security
Offensive Security
PenTest

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Talel

Cybersecurity engineer with 11 years of experience, specializing in audit, offensive security (OffSec), and application security (AppSec). After 5 years as a consultant at Athena, I led the Sopra HR security department for 4 years. Based in Paris since 2022, I have carried out missions for Sanofi and Galeries Lafayette. I combine technical skills with soft skills such as project management, communication, leadership, and analytical thinking.

  • French

    Native or bilingual

  • English

    Fluent

Can work on-site
Paris (up to 40km)

Experience

  • Galeries Lafayette
    OffSec Engineer (Offensive Security)
    LUXURY GOODS
    March 2023 - September 2025 (2 years and 6 months)
    Paris, France
    Application scanning activities: Qualys WAS (Web Application Security):
    • Regular scans: Vulnerability identification on the websites of the Galeries Lafayette group and its partners
    • Counter-analysis: Evaluation of scan results to verify their relevance and accuracy
    • Patch tracking: Coordination with site managers to ensure the implementation of corrective actions
    • Counter-audit: Verification of the effectiveness of applied corrective measures

    Application pentesting activities:
    • Application penetration tests for Galeries Lafayette applications (such as VIPHSM, Détaxe, and Cash Register Management)
    • Penetration tests on Galeries Lafayette and partner websites
    • Reporting and presentation
    • Patch tracking and counter-audit

    Infrastructure scanning activities: Qualys VMDR (Vulnerability Management Detection & Response):
    • Regular scans of Galeries Lafayette assets: Proactive identification of exploitable vulnerabilities on servers and workstations
    • Unauthenticated scans: Identification of vulnerabilities without system access
    • Authenticated scans: In-depth analysis via VMDR agents installed on assets
    • Counter-analysis, patch tracking, and counter-audit

    External Attack Surface Management (EASM) activities:
    • External asset mapping: Continuous identification of Galeries Lafayette's exposed domains, IPs, and services
    • Regular vulnerability scans: Identification of flaws on publicly accessible external assets
    • External threat monitoring: Detection of data leaks and monitoring of suspicious activities related to external assets
    • Results analysis: Validation of alerts and elimination of false positives, and tracking of applied patches
    • Reporting and tracking: Communication of results to stakeholders and follow-up on corrective actions
  • Sanofi
    AppSec Engineer (Application Security)
    PHARMACEUTICALS INDUSTRY
    August 2022 - January 2023 (5 months)
    Paris, France
    White Box application audit activities (SAST and SCA):
    • Source code scanning (White Box scans) of applications used within Sanofi via the Checkmarx tool
    • Configuration of workflows to automate Checkmarx scans of GitHub repositories
    • Analysis of scan results and vulnerabilities identified by Checkmarx
    • Tracking of corrective actions taken by the owners of the audited applications
  • Sopra HR Software
    Head of Security Department
    SOFTWARE PUBLISHING
    June 2018 - July 2022 (4 years and 1 month)
    Tunis, Tunisia
    Management activities:
    • Management of security department members (1 senior pentester and 1
    confirmed pentester) and end-of-studies projects
    • Steering and monitoring of security department projects / activities
    • Schedule and prioritization management
    • Participation in management / client meetings as Head of Security Department
    • Ensuring the role of privileged contact with the various entities working with the security department

    Application pentesting and vulnerability identification activities:
    • Performing application penetration tests (pentest) targeting Sopra HR's HRIS and Sopra HR clients' applications interacting with these HRIS
    • Reporting, patch tracking, and counter-audit
    • Performing application vulnerability scans
    • Performing counter-analyses

    Cross-functional security activities:
    • Training / awareness
    • Technical expertise
    • Technology watch
    • Consulting and assistance
Check out Talel's experience

Recommendations

Be the first to recommend Talel

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • National Engineering Diploma
    INSAT
    2013
    Diplôme National d'Ingénieur
  • Symantec Data Loss Prevention 14 Sales Expert
    ANCE
    Symantec Data Loss Prevention 14 Sales Expert
Check out Talel's education

Skill set

Risk and Vulnerability Assessment
Security Awareness Training

Categories