m
mectover

Sofiene G

@mectover

Senior DevSecOps Cloud Engineer

France
French, English
About me
DevSecOps and Cloud Security Engineer specializing in secure cloud architecture, application security, and end-to-end automation. Experienced in building and securing CI/CD pipelines, automating security gates, and performing infrastructure-level pentesting on AWS environments. Strong background in software engineering with a focus on scalable, security-first systems.... Read more

Skills

m
mectover
Sofiene G
Offline • 
Average response time: 1 hour

See my services

Cloud Network & Security
I will deploy and secure your kubernetes cluster eks aks with best practices
From$300 / projectMore details
CI/CD
I will build a secure devsecops cicd pipeline
From$100 / projectMore details

Work experience

Squadhelp

Senior DevSecOps Engineer

Squadhelp • Full-time

Sep 2024 - Present1 yr 9 mos

Implemented a DevSecOps and SSDLC strategy with Shift Left security, featuring automated security KPIs for improved governance and risk visibility. Integrated and automated SAST, DAST, SCA, and container/IaC security within CI/CD pipelines, leading to 40% reduction in critical vulnerabilities and 50% decrease in build time. Optimized cloud costs with FinOps strategies, resulting in ~40% reduction in AWS expenses. Designed multi-account AWS infrastructures as IaC (EKS/Kubernetes, VPC, ALB, IAM, RDS, DocumentDB, EC2, Lambda) using Terraform, Helm, and ArgoCD. Automated security and compliance processes with AI/Agentic AI solutions for risk prioritization. Implemented Single Sign-On (SSO) across multiple applications (OIDC/SAML).

AXA

DevSecOps Engineer

AXA • Full-time

Feb 2023 - Oct 20241 yr 8 mos

Designed and developed a B2B SaaS architecture for automation of penetration testing for the SOC. Established a CI/CD pipeline on Azure DevOps using a DevSecOps approach and Infrastructure as Code (IaC): Integrated SAST/DAST, SCA, and container security. Deployed resources (ALB, VNET, databases, Security Groups, VMs, etc.) on Azure using Terraform. Deployed the application on Kubernetes/OpenShift using Helm. Improved SOC detection rule coverage and quality by 40%. Automated orchestration of penetration testing. Observability: Utilized Azure Application Insights, Grafana/Prometheus, and ELK. Conducted comprehensive evaluations of security products (WAF, AD, EDR, firewalls, web proxies) to ensure system reliability and robustness. Keywords: Atomic Red Team, Azure Security, OpenShift/Kubernetes, Azure DevOps, Terraform, Scripting, SonarQube, JFrog Artifactory/Xray, Asset Management, Power BI, Python, PostgreSQL, Trivy, Qualys, OWASP ZAP.