About Jean
I help software teams ship secure code faster by integrating security directly into their CI/CD pipelines — without slowing down delivery.
With 8+ years of experience in application security and DevSecOps, I work as an independent consultant (EURL, France) with clients across France, the UK, and North America.
Core expertise:
Web & API Penetration Testing — OWASP Top 10, Burp Suite, OWASP ZAP, SQLMap
DevSecOps & CI/CD Security — SAST, DAST, SCA integration (GitHub Actions, GitLab CI, Jenkins, Azure DevOps); secrets management; supply chain security
Cloud Security — Azure, GCP, secure IaC deployments (Terraform, Ansible)
Reporting & Training — actionable vulnerability reports for dev teams; security enablement workshops
Fully remote | Occasional on-site limited to the Bordeaux area
French native | English bilingual C1 — experienced with US, UK & Canadian clients
French
Native or bilingual
English
Native or bilingual
Remote only
Primarily works remotely
Experience
- Freelance (EURL)Application Security & DevSecOps ConsultantDIGITAL AND ITJanuary 2023 - Today (3 years and 5 months)Bordeaux, France▸ Conduct application security audits and Web/API penetration tests (OWASP Top 10, SAST, DAST, SCA) across client environments▸ Design and integrate security gates into CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins), including automated SAST/DAST tooling (OWASP ZAP, Burp Suite, SonarQube)▸ Secure cloud application deployments using Infrastructure as Code (Terraform, Ansible) on Azure and AWS environments▸ Deliver actionable vulnerability reports and remediation guidance tailored for development teams; conduct security training and workshops▸ Multiple engagements under NDA with major French companies (Newspaper, retail…) FR/EU/UK/US clients▸ Led DevSecOps and DevSecMLOps implementation projects, integrating security practices into existing CI/CD pipelines▸ Performed application security audits and cloud deployment reviews on Azure environments▸ Produced client-facing security reports and provided guidance to development teams on secure coding practices▸ Supported client upskilling through hands-on security training sessions
- AvanadeApplication Security ConsultantDIGITAL AND ITJanuary 2023 - August 2023 (7 months)Bordeaux, France▸Led DevSecOps and DevSecMLOps implementation projects, integrating security practices into existing CI/CD pipelines▸Performed application security audits and cloud deployment reviews on Azure environments▸Produced client-facing security reports and provided guidance to development teams on secure coding practices▸Supported client upskilling through hands-on security training sessions
- SIBLUDevSecOps Systems & Network AdministratorENTERTAINMENT AND LEISUREJanuary 2018 - January 2022 (4 years)33600 Pessac, France▸ Managed systems and network infrastructure across 30+ European campsites (Windows/Linux, AD, VPN, firewalls)▸ Spearheaded migration to DevOps/DevSecOps practices: automated provisioning, CI/CD deployment pipelines, security monitoring▸ Hardened application and infrastructure security: WAF deployment, vulnerability assessments, incident response▸ Led cross-functional technical projects; coordinated with external providers and internal IT teams
Recommendations
Be the first to recommend Jean
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- Master Information Systems SecurityUTT Troyes2023MSc Information Systems Security
- MSc Systems & Network Eng. (DevOps)CESI2020MSc Systems & Network Eng. (DevOps)
Certifications
- Comptia Security +Comptia2024
- AZ900Microsoft2023