Über Liang
Expert en cybersécurité offensive et en sécurité applicative avec un passif de développeur, j'ai pu travailler à la fois avec des grands comptes qu'avec des petites structures sur des sujets de test d'intrusion, red team, audit de code ainsi qu'appsec et devsecops.
Französisch
Muttersprachlich oder zweisprachig
Englisch
Verhandlungssicher
Chinesisch
Muttersprachlich oder zweisprachig
Spanisch
Grundkenntnisse
Niederländisch
Grundkenntnisse
Vor Ort möglich
Paris (bis zu 50 km)
Projekt- und Berufserfahrung
- Saint-GobainOffensive Security EngineerJanuar 2025 - Heute (1 Jahr und 5 Monate)Courbevoie, FrankreichPerformed internal penetration tests and full-scope red team engagements for multiple clients, focusing on realistic adversary emulation and post-exploitation paths• Collaborated closely with development, DevOps and business teams to prioritize and validate remediation actions — produced step-by-step remediation plans, replayable PoCs, and verification checks to reduce time-to-fix• Delivered detailed technical reports and executive summaries adapted to stakeholder audience; ran remediation verification retests and provided risk re-assessments after fixes• Built and maintained custom tooling and automation for reconnaissance, exploitation workflows and post-exploitation persistence to improve engagement efficiency• Ran hands-on knowledge-transfer sessions and secure-coding workshops for engineering teams and held remediation walkthroughs with product owners to ensure fixes were operational and aligned with business constraints
- FORMINDOFFENSIVE SECURITY CONSULTANTNovember 2020 - Januar 2025 (4 Jahre und 2 Monate)France• Led comprehensive penetration tests, focusing on identifying critical vulnerabilities and providing actionable remediation steps• Directed red team operations, including social engineering, physical intrusion testing, and custom malware development• Oversaw internship programs, managing and mentoringjunior consultants, and providing ongoing training on offensive security• Taught secure development and penetration testing courses to internal teams and clients• Spoke at cybersecurity conferences, sharing insights on application security and public vulnerabilities.• Collaborated with the pre-sales team, scoping security engagements and ensuring alignment with client expectations
- Edenred BeluxAPPLICATION SECURITY ENGINEERJuli 2018 - Oktober 2020 (2 Jahre und 3 Monate)Brussels, Belgium• Managed vulnerability and patch management programs, coordinating remediation across teams• Led application security reviews and integrated SAST/DAST tools into DevOps for continuous security testing throughout the SDLC• Integrated OpenSAMM into the SDLC to enhance security governance and ensure secure development practices• Participated in the incident response during a ransomware attack, focusing on malware analysis and Active Directory forensics• Supervised pentest campaigns, providing detailed reports and presenting findings to senior management and stakeholders.• Directed security awareness programs, training internal teams on secure coding practices, security best practices and thereby foster ing a security-focused culture
Empfehlungen
Sei die erste Person, die Liang empfiehlt
Teile Deine Erfahrung aus der Zusammenarbeit mit diesem Freelancer.
Diese Freelancer passen auch zu Ihren Kriterien
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Ausbildung und Abschlüsse
- Bachelor of Science in Computer ScienceEPFC2017Bachelor degree in Computer Science
- Bachelor of ScienceUniversité libre de Bruxelles2010Bachelor degree in Social Sciences
Zertifizierungen
- OSCPOffsec2020
- OSWEOffsec2022