System Security Engineer @ EADS Defence & Security
Working on cyber security issues relating to cloud services and third-party software. Specialized in network & web security architectures, risk assessment and security evaluation. Current work includes cloud security, web application security frameworks, web proxies and risk assessment (including gap analysis and threat modelling). Skills include network and application security (e.g., firewall, IDS, XSS/SQLi), Internet architecture at
Working on cyber security issues relating to cloud services and third-party software. Specialized in network & web security architectures, risk assessment and security evaluation. Current work includes cloud security, web application security frameworks, web proxies and risk assessment (including gap analysis and threat modelling). Skills include network and application security (e.g., firewall, IDS, XSS/SQLi), Internet architecture at all levels (especially security protocols such as TLS/SSL), Linux (including penetration testing distributions such as Kali Linux/Backtrack), offensive capabilities (fuzzing, exploit development, black and grey-box pentests), attack on cryptographic systems) and Java/Python/C programming.
Senior Staff Security Engineer @ From April 2015 to Present (9 months) Senior Security Engineer @ Security advisor working inside the development teams:
• Evaluate and measure the efficacy of security scanners and feeds
• Find features used in machine-learning algorithms to detect malicious behavior in files and streams
• Test security of internal and third party interfaces (fuzzing, reverse-engineering...)
• Provide guidance and implement core security features (TLS inspection, cryptography...) From February 2014 to April 2015 (1 year 3 months) London, United KingdomSecurity Architect @ Provide expertise and guidance on security matters across the business unit
• Security architect for Cloud Web Services (CWS) datacenters serving billions of requests a day across the globe
• Designed and secured the new generation of multi-tenant, high availability SCO datacenters
• Designed security controls for SCO datacenters across the globe
• Centralized authentication across the BU using Openldap (pcache and translucent overlays) From February 2013 to February 2014 (1 year 1 month) London, United KingdomNetworking Security Engineer @ Member of the backbone security team for security solutions; firewalling, IDS, VPN, AAA, network attacks and virtualization:
• Resolved complex customer issues in any security related domain involving high scale networks, pressure and tight deadlines. Acted as an escalation point for complex issues.
• Conducted Alpha testing for the development teams on pre-release products such as ASA 9, ISE, CSR, VSG
• Provided bug fixes and new feature PoC code to the development teams.
• Conducted hiring interviews. Created scenarios and exercises to both get the candidate at his best and evaluate the candidate in depth. From December 2010 to February 2013 (2 years 3 months) Sydney, AustraliaSystem Security Engineer @ Member of the integration and qualification team for Cymerius, a solution to centralize, detect, evaluate and react against cyber attacks
• Detected suspicious traffic – DNS/HTTP tunnels, suspicious layered traffic, clear-text passwords... - using a Qosmos probe. Generated suspicious test traffic using Scapy
• Designed and implemented Log Logic correlation rules. Created meaningful high level alerts based on multiple small atomic events to assist in first response to cyber attacks
• Wrote a log normalizer tool which given a log input and a regexp, dynamically transformed the log to an expected format and transmit it to a syslog server (C#)
• Automated testing, load testing and fuzzing of protocols used by the appliance (SOAP, syslog, proprietary file formats) using Bash and Python
• Hardened Windows and Linux (Centos) hosts. Wrote SELinux module for syslog-ng and applied common best pratices for Linux hardening.
• Blackbox audited application web frontend. Searched for common web vulnerabilities, such as
XSS, SQLi, session hijacking, data injection... From December 2009 to November 2010 (1 year) Engineering Apprentice @ Member of the Information System Team which designs and tests new Information Systems for constrained military networks.
• Designed and implemented a secure messaging system for constrained tactical military networks. Optimized message exchanges by using compression techniques at both the application and network layer. Secured communications by encrypting and signing network exchanges (Python)
• Designed, implemented and customized a collaborative work solution based on off the shelf components – VoIP, Video, chat... - in a constrained network environment. Leveraged XMPP/Jingle using Openfire/Asterix to provide collaborative solutions. Tweaked servers to dynamically adapt codec usage to bandwith changes. Wrote a NAT inspection plugin for Jingle to allow calls to work through NAT. Tested various network attacks to hijack, intercept and rebuild VoIP flows. Wrote a tool to rebuild VoIP flows in real-time (C, libpcap). From September 2006 to September 2009 (3 years 1 month)
Master of Engineering, Electrical and Electronics Engineering @ Conservatoire National des Arts et Métiers From 2006 to 2009 Alexandre Moneger is skilled in: Network Security, Linux, Reverse Engineering, Cryptography, Public Speaking, Cisco Technologies, TCP/IP, Data Center, Java, Python, C, x86 Assembly, Firewalls, IPS, Vulnerability Research
Looking for a different
Get an email address for anyone on LinkedIn with the ContactOut Chrome extension