about me


I’m working in the cybersecurity field since 1998. After studying physics, I’ve been security consultant, project manager of crypto-related stuff, trainer, I set up a pentest activity, I made an expedition in sea kayak through Patagonia (5 month, without assistance; I wrote a book about this), I have been the head of a security operations center (SOC) and I’m the now the head of a security team in a large organization.

I joined since February 2017 the IT security team of an international organization, as a cybersecurity expert | specialist for a one year period.

Translated into certifications, my double interest for technics and management look like: 2015 GIAC web Application Pentester and 2016 Security/Safety management ESCP certified.

I have been lecturer in several conferences, and teach occasionally at the University level (Université Paris XIII in 2016 for instance).

I am interested in all kind of risks, not only IT risks. And I believe that we do not only have to act well and quickly, when dealing with security. We have to think security. Security isn’t good by nature; security isn’t a “right”; security is not only about reducing risks; security perception is never objective. Security is a way to *handle* risks. And we have to think how we handle things.

This website is up since early 2000.

Myself, wearing the truth about my job