Bulle, Fribourg, Switzerland
Recently completed an internship in cybersecurity and currently seeking new opportunities in the field. I am passionate about cybersecurity and actively participate in challenges on RootMe, TryHackMe, Hackropole, and HackTheBox. Additionally, I use LeetCode to enhance my programming skills and improve my code performance. In my free time, I enjoy poker, cryptocurrencies, and sports.
Penetration testing of embedded ECUs and CAN networks, focused on identifying implementation flaws and software vulnerabilities through crafted UDS exchanges and Python-driven attack scenarios to provoke memory writes, forced resets, firmware flashing and deviations in ECU behavior (including SCR systems). Application-level penetration testing of diagnostic software and hardware/embedded testing against protected debug interfaces (e.g. password-protected JTAG) to validate device hardening. Development and integration of SBOMs into Dependency-Track and CI/CD pipelines to enable component tracing and automated vulnerability monitoring across ECU software and diagnostic tools. Analysis and robustness testing of illicit SCR emulators that simulate false NOx/NH3/urea sensor signals to assess detection capabilities and prevent AdBlue bypassing. Activities performed to support TARA and compliance with upcoming automotive cyber standards (EU 2027), with regular coordination with development teams and cross-functional stakeholders; strong autodidactic approach to tool development and research.
Development and integration of attack scenarios for a Penetration Testing Automation Framework. Conducted in-depth vulnerability analyses within complex environments related to ESA's space missions. Integrated custom tools and automated processes to enhance the security of communications between space mission systems and ground infrastructures, while contributing to the protection of space assets against emerging cyber threats.
Contributed in a cyber security approach to the integration of Okta authentication solutions within medium and small organizations. Established secure authentication policies for applications like Salesforce, Office365, and VPNs by implementing Multi-Factor Authentication (MFA) using OAuth2 and SAMLv2 protocols. Developed scripts to automate identity management and centralized application authentication, with delegation to Active Directory or LDAP. Worked on Microsoft Graph API automation projects to enhance identity and group policy management, building custom KPIs to optimize security operations.
Cybersecurity Department: Developed a Python-based framework to automate and visualize the management of nearly 100 ongoing cybersecurity projects. By processing updated Excel sheets, my script classified data into an SQLite database, calculated KPIs, and generated aggregated insights. I also automated the creation of charts and performance graphs to track project progress over time. The system improved operational efficiency by streamlining data synthesis, reducing risks, and optimizing security project monitoring.
Contributed to the Computer Science department by integrating HTML, CSS, and JavaScript into the JOOMLA framework. Spearheaded efforts to organize and standardize the website's codebase, introducing modern structures and innovative designs to enhance both functionality and user experience.