Sofiene G

Senior DevSecOps Engineer

Squadhelp • Temps plein

Sep 2024 - Present • 1 yr 9 mos

Implemented a DevSecOps and SSDLC strategy with Shift Left security, featuring automated security KPIs for improved governance and risk visibility. Integrated and automated SAST, DAST, SCA, and container/IaC security within CI/CD pipelines, leading to 40% reduction in critical vulnerabilities and 50% decrease in build time. Optimized cloud costs with FinOps strategies, resulting in ~40% reduction in AWS expenses. Designed multi-account AWS infrastructures as IaC (EKS/Kubernetes, VPC, ALB, IAM, RDS, DocumentDB, EC2, Lambda) using Terraform, Helm, and ArgoCD. Automated security and compliance processes with AI/Agentic AI solutions for risk prioritization. Implemented Single Sign-On (SSO) across multiple applications (OIDC/SAML).

DevSecOps Engineer

AXA • Temps plein

Feb 2023 - Oct 2024 • 1 yr 8 mos

Designed and developed a B2B SaaS architecture for automation of penetration testing for the SOC. Established a CI/CD pipeline on Azure DevOps using a DevSecOps approach and Infrastructure as Code (IaC): Integrated SAST/DAST, SCA, and container security. Deployed resources (ALB, VNET, databases, Security Groups, VMs, etc.) on Azure using Terraform. Deployed the application on Kubernetes/OpenShift using Helm. Improved SOC detection rule coverage and quality by 40%. Automated orchestration of penetration testing. Observability: Utilized Azure Application Insights, Grafana/Prometheus, and ELK. Conducted comprehensive evaluations of security products (WAF, AD, EDR, firewalls, web proxies) to ensure system reliability and robustness. Keywords: Atomic Red Team, Azure Security, OpenShift/Kubernetes, Azure DevOps, Terraform, Scripting, SonarQube, JFrog Artifactory/Xray, Asset Management, Power BI, Python, PostgreSQL, Trivy, Qualys, OWASP ZAP.