https://github.com/zenithar/go-resume
Thibault NORMAND - Cyber Security Solution Architect - Toulouse, France
https://github.com/zenithar/go-resume
curriculum-vitae cv cyber-security-architect cybersecurity devsecops france golang infosec resume toulouse
Last synced: 3 months ago
JSON representation
Thibault NORMAND - Cyber Security Solution Architect - Toulouse, France
- Host: GitHub
- URL: https://github.com/zenithar/go-resume
- Owner: Zenithar
- Created: 2017-07-16T18:21:35.000Z (almost 9 years ago)
- Default Branch: master
- Last Pushed: 2019-04-17T18:59:55.000Z (about 7 years ago)
- Last Synced: 2024-06-21T17:01:41.558Z (about 2 years ago)
- Topics: curriculum-vitae, cv, cyber-security-architect, cybersecurity, devsecops, france, golang, infosec, resume, toulouse
- Language: Go
- Homepage: http://zenithar.org
- Size: 2.48 MB
- Stars: 3
- Watchers: 2
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
---
title: 'Thibault Normand'
website: http://zenithar.org
street:
postcode: 0
city: Toulouse
phone: +33 668 666 396
email: thibault.normand@gmail.com
date: 1983-05-31
...
# Cyber Security Architect / Ninja Developer / SecOps
### Resume
> Former developer and security enthousiast, I like to deal with projects
> combining these two skill sets.
> My experience in development, as well as my curiosity for new technologies,
> allow me to have a look forward to the future. I put real importance in
> sharing knowledge and skills within my job environment. Eager for knowledge,
> I'm always looking for challenges and exploitation of new knowledges.
- Career objectives : Cyber Security Architect; Instructor; Technical Expert; DevSecOps; Slasher;
- Domains : Cyber Security; Big Data; IoT; Blockchain;
Follow me on [blog](https://blog.zenithar.org); [facebook](https://www.facebook.com/zenithar); [github](https://github.com/zenithar); [linkedin](https://www.linkedin.com/in/zenithar); [mastodon](https://mamot.fr/@zenithar); [twitter](https://twitter.com/zenithar);
> Download [PDF](signed.pdf).
### Work Experience
- [Continental Digital Services]() - Automotive (R&D) - Toulouse, France
* **Cyber Security Architect / Ninja Developer / SecOps / PO** - Since June,2017
- Product Owner for internal security products.
- Technical leader / Golang guru.
- Cyber risk monitoring services definition (AWS).
- Production platform definition (Data, Services, Products, Operations).
- Security By Design strategy definition.
- Secured communication gateway Connected Cars <-> Cloud. (HTTP, MQTT, CoAP)
- Identification, authorization and accounting platform. (AWS, Go, OIDC / SAML2)
- Privacy proof authentication protocol. (Crypto, ZKP)
- Private blockchain integration. (Etherem, Data Sharing, Licensing)
- Privacy engineering. (Crypto, Go, Java, Scala)
- Hardening guides writeups. (AWS, Docker / K8S)
- Architecture audits and consulting. (Threat Modeling)
- Security code review. (Java / J2EE, NodeJS, Python, Go, Crypto)
- Formation / Awareness. (Go, Crypto, Blockchain)
- [Sogeti ESEC](https://www.fr.sogeti.com/expertise/nos-activites/cybersecurite/) - Security (ESN) - Toulouse, France
* **Cyber Security Expert / Data Architect / Full Stack Developer / DevOps** - From October,2013 to June,2017
- CERT / SOC tooling.
- Incident management bridge Jira / QRadar (Go, Javascript, RethinkDB)
- Automated malware analysis platform for IoC extraction. (Go, RethinkDB, RabbitMQ, Docker, Cuckoo, VirusTotal, Yara, AngularJS 2)
- Threat intelligence platform (Go, RabbitMQ, ElasticSearch, Neo4j, AngularJS)
- Vulnerability monitoring and followup platform. (Go, RabbitMQ, MongoDB, AngularJS)
- Embbeded automated virus detection box for USB devices. (Go, AngularJS, Qt, ZMQ, Docker)
- Microservices: email (composition, sending, signatures), identification / authorization, tokens, licences (Go, gRPC, Consul, Vault, Docker, Rancher)
- Security code review. (Java / J2EE)
- Trainee mentoring.
- [Infotel](http://www.infotel.com) - Mainframe (Editor / R&D) - Toulouse, France
* **Engineer R&D / Scrum Master** - From January,2010 to October,2013
- Digital Safe platform. (RabbitMQ, Protobuf, Scala/AKKA, Java, Spring, ElasticSearch, AngularJS)
- Identification, authorization and accounting platform. (Java, Spring, JWT, PKI, PKCS#11, HOTP)
- Documentation toolchain. (Git, Jenkins, Maven, Docbook5, XSLT, FOP)
- Code review. (Java, J2EE)
- Applicative maintenance. (ClearCase, Java, Struts2, Eclipse RCP, Z/OS)
- Trainee mentoring.
- [SCASSI Conseil](http://www.scassi.com) - Security (ESN / Consulting) - Toulouse, France
* **Cyber Security Expert** - From July,2008 to December,2009
- EBIOS method risk analysis tool (SOA, J2EE, .Net)
- Metamodeling for risk modeling applied on software designs (UML)
- Code review (Java/J2EE, C/C++, PHP)
- Reverse engineering (Crackme)
- SoC Analyst
- Instructor for Virtualisation / Firewall & Access controls workshops
### Education
- IUP ISI, Toulouse, France
- 2008 - **Master's degree in Computer Science - 2nd year**
> UML Metamodel; Realtime programming (ADA, C, SCADE); J2EE; Law;
- 2007 - **Master's degree in Computer Science - 1st year**
> UML Modeling; Distributed programming (Java / J2EE, C); Databases; Mathematics; Mangement / Economy;
- 2006 - **License's degree in Computer Science**
> UML Modeling; Languages (Java / C++ / C / ASM); Databases; Mathematics; Mangement / Economy;
- IUT Informatique, Nice, France
- 2005 - **License's degree in Network and System administration**
> Network administration; System administration (Unix, Windows); Database administration (Oracle); Mathematics; Management / Economy; Law;
- 2004 - **Associate's degree in Computer Science**
> Database; Languages (Java / C++ / C); Network; Mathematics; Management / Law;
- Lycée Albert Camus, Fréjus, France
- 2002 - **High School'degree in Science and Enginnering, option Mathematics**
> Mathematics; Mecanic; Electronic; Computer Science;
### Languages
- Français - Langue maternelle
- Anglais - Lu, écrit et parlé
### Skills
> 5: *Expertise*, 4: _I know_, 3: _I can do_, 2: _I'm learning_, 1: _Only if really needed !_
- **Non-Technicals**
* _(5/5)_ : Creative Thinking; Technology watch; Slasher;
* _(4/5)_ : Project Management / Scrum Master; Meeting lead; Pedagogy / Vulgarisation;
* _(3/5)_ : Scientific publication writeup; Public talks;
- **Security**
* _(5/5)_ : Defensive Programming; Security Threat Countermeasures; OWASP Top 10; SANS Top 25;
* _(4/5)_ : Code audit; Cryptography / Cipher; Container / Software Hardening; Threat Modeling (DFD, AT); Threat Intelligence; Cuckoo Sandbox;
* _(3/5)_ : Risk Analysis (EBIOS); GDPR; Suricata; Bro IDS; Honeypots (Cowerie / Kippo); Sinkhole; QRadar SIEM; Splunk; ElasticSearch / LogStash / Kibana;
* _(2/5)_ : Reverse Engineering; Penetration Testing;
- **Languages**
* _(5/5)_ : Go; JavaScript; Java;
* _(4/5)_ : C/C++; Rust; Ruby; Python;
* _(3/5)_ : Scala; ASM (x86, ARM7); PHP;
* _(2/5)_ : Elixir; Erlang;
- **Data Engineering**
* _(5/5)_ : Semantic Modeling; Data Preparation; Data Wrangling; Data Scraping;
* _(4/5)_ : Protégé; Anonymisation; ElasticSearch / LogStash / Kibana;
* _(3/5)_ : Digital signal processing; Anomaly detection; Statistics; Python / Jupyter / Pandas; SciKit Learn; Machine learning (SVM, PNN, RF, GBM); H2o;
- **FullStack Affinities**
* _(5/5)_ : Backend Development; DevOps;
* _(4/5)_ : Frontend Development;
* _(1/5)_ : UI/UX Desginer;
- **Backend Framework**
* _(5/5)_ : Clean Achitecture; Microservices Patterns; Resilience Patterns; gRPC / Protobuf; REST / GraphQL;
* _(4/5)_ : NodeJS; Express;
* _(3/5)_ : Ruby on Rails;
- **Cloud**
* _(5/5)_ : RabbitMQ; NATS; NSQ; ZMQ; WebSocket; Serverless;
* _(4/5)_ : MQTT / eMQTTd; Apache Kafka; Amazon IAM / Cognito; Amazon EC2;
* _(3/5)_ : Amazon SNS; Amazon IoT; Amazon API Gateway / Lambda; CoAP / DTLS;
- **DevOps**
* _(5/5)_ : Docker; Rancher; Prometheus; Consul; Vault;
* _(4/5)_ : Grafana; GitlabCI; Kubernetes; Helm; Istio / Envoy; Sentry;
* _(3/5)_ : Jenkins; Terraform;
* _(2/5)_ : Ansible;
- **Frontend / UX**
* _(4/5)_ : VueJS / Vuex; Apollo;
* _(3/5)_ : HTML5; CSS3 / SASS / LESS; WebAssembly;
- **Blockchain**
* _(4/5)_ : General concepts (Proofs, Algorithms, Protocols); Ethereum;
* _(3/5)_ : J.P. Morgan Quorum; IBM Hyperledger; Parity;
* _(2/5)_ : Smart Contract; Solidity;
### References
> Available upon requests.
### Miscelaneous
- Instruments musique: Batterie & Saxophone
- Amélioration continuelle grâce à la veille technologique, l'expérimentation et les projets personnels (Sécurité, Logiciels, Techniques de management)
- Rédacteur (Blog)
- Explorateur technologique
- Impression 3D
- Domotique
- Développement personnel
- Cuisine du monde
- Microbrasserie
- Pâtisserie / Boulangerie
- Rénovation maison (Maçonnerie, Isolation, Electricité)