Yassine Belkhadem
Software Engineer
About
Final-semester MSc Software Engineering student specializing in cybersecurity, with expertise in full-stack development, DevOps, and cloud technologies. Proficient in Golang, Python, .NET, React, and Next.js. Co-founder of a tech startup, demonstrating leadership and entrepreneurial skills. Extensive experience in offensive security as a CTF player, organizer, and bug bounty hunter. Authored and organized 15+ CTF competitions, including events at BlackHat MEA. Actively participates in bug hunting on platforms like Intigriti and Yogosha. Seeking an end-of-study internship or full-time position to apply my diverse skill set in building robust and secure software solutions.
Experience
-
- Product Security Intern @ MercariTokyo, Japan - HybridSummary:
- As a Product Security Intern at Mercari, I played a crucial role in enhancing the company's application security processes. I significantly improved the Dynamic Application Security Testing (DAST) coverage and efficiency, conducted security assessments aligned with the Secure Software Development Life Cycle, and developed automation tools for security checks. My work involved threat modeling, CodeQL analysis, and ensuring compliance with OWASP Top 10 standards, contributing to a more robust security posture for the organization.
Responsibilities:
- Improve and streamline the DAST improvement.
- Triage SAST reports and conduct security assessments.
- Developed Golang control server for Nuclei and integrate it with NextJS frontend.
- Automated security checks using Golang and GitHub API in Serverless environment.
- Configured and deployed applications on GCP using Terraform and GitHub Actions.
-
- Software Engineer @ CTF.aeDubai, UAE - RemoteSummary:
- Contributed to CTF platform development, implemented testing and CI/CD, and collaborated on website design and admin dashboard development. A significant part of my work involves organizing and developing Capture The Flag (CTF) competitions, where I create challenging and educational cybersecurity scenarios.
Responsibilities:
- Conducted Security Trainings and Workshops for students and professionals.
- Created Labs and Challenges for security professionals
- Developed and maintained CTF platform features.
- Implemented E2E and integration tests.
- Designed and optimized CI/CD pipelines.
- Collaborated with design team on website development.
- Developed real-time admin dashboard with customizable reporting.
-
- Cybersecurity Engineer Intern @ PCP ConsultingToulouse, France - RemoteSummary:
- Developed auditing tool, created unified dashboard, implemented notification systems, and collaborated with clients.
Responsibilities:
- Developed and maintained auditing tool in Golang.
- Created and maintained unified dashboard using NextJS.
- Implemented real-time notification system.
- Collaborated with clients on tool development.
-
- CTO & Co-Founder @ K-NoonTunis, Tunisia - HybridSummary:
- Led technical development, secured investor interest, established technical strategy, and drove company growth.
Responsibilities:
- Led technical development and strategy.
- Developed proof of concept and secured investor interest.
- Established and documented technical direction.
- Led recruitment, mentorship, and team upskilling.
- Engineered API using NestJS and Clean Architecture.
-
- Red Team Intern @ Ernst and YoungTunis, Tunisia - HybridSummary:
- Developed dynamic Red Teaming lab and created vulnerable web applications for cybersecurity training.
Responsibilities:
- Developed a real‐time dynamic Red Teaming lab for technical tests, generating over 130 unique scenarios from a setup of 5 machines and 15 vulnerabilities, with over 10 network configurations. The lab featured easy customization for tailored technical tests and ensured the generation of different tests for different participants
- Created and maintained vulnerable web applications and binaries.
Skills
Education
National Institute of Applied Sciences and Technology
Software Engineering