Loading ...

Horizontal Line

Introduction

Jean-Benjamin ROUSSEAU

23 years old, Paris (France), French A2 & B driver's license

Security Auditor (Pentester)

Graduated from the ENSIMAG - Grenoble INP, I chose to specialise in the Information Systems Security field by attending security courses during one semester at the NTNU university in Norway. This specialization complements my work experience as Information Systems Security Engineer in Apprenticeship by Orange France.

Career prospects

In the short term, I wish to develop my penetration testing technical skills and to have them certified by approved establishments.

I am open to any opportunity on the international stage, and keep listening to the French market!

Education

ENSIMAG logo

Computer science & Information Systems Engineer by Apprenticeship
ENSIMAG - Grenoble INP
2014 - 2017
Saint Martin d'Hères, France

NTNU logo

Master in Information Security - Exchange semester
NTNU
August 2016 - December 2016
Gjøvik, Norway

UIT in Montpellier logo

UIT degree in Computer science
UIT in Montpellier
2012 - 2014
Montpellier, France

Ecole de Provence logo

French high school diploma in sciences specialized in Mathematics with honours
Lycée de Provence
2009 - 2012
Marseille, France

Professional experience

Security Auditor (Pentester)

Orange France
January 2017 - August 2017

  • Monitoring & carrying out technical security audits
  • Management of the auditors' community
  • Project manager: Creation of a knowledge database for the security auditors
  • Participation in CTF tournaments
  • Skills enhancement by practicing on vulnerable training platforms
  • Creation of security challenges
  • Security development monitoring
Apprenticeship contract Arcueil, France

IT&N Security Engineer

Orange France
September 2014 - January 2017

  • Writing of technical security reference manuals
  • Writing of technical annexes of the security reference manuals for different device suppliers
  • Project tracking: Deployment of an industrial solution for network devices security audits
  • Audit reports analysis and action plan development
  • Security development monitoring
Apprenticeship contract Lyon, France

JAVA programmer-analyst

Constellio
February 2014 - May 2014

  • Design & Development of different IDM software modules: Big Data, software installation, automatic updates
  • Project management: Scrum methodology
  • Development: TDD methodology
  • Automation of different test phases
Internship abroad Quebec City, Canada

Network analyst

Riviera Networks
January 2011

  • Operating Systems setup
  • Network packets analysis
Discovery internship Aix les Milles, France

Certifications

TOEIC logo

TOEIC® Listening and Reading
ETS
May 2016
Result: 875/990

Handi Management logo

Label Handi Manager
Companieros
January 2015
Result: 54,5/60

Projects

Writing of a scientific paper about the Conficker worm (also known as Downadup)

Computer virus

Personal project, NTNU, 2016
Download the report (in English)

The scientific paper is structured as follows:

  • History and evolution of the worm
  • The different vectors of propagation
  • The worm Updates
  • Self-protecting mechanisms
Security Reverse engineering Vulnerability exploits Algorithmics Network

Writing of a scientific paper about the Heartbleed vulnerability

The Heartbleed vulnerability

Personal project, NTNU, 2016
Download the report (in English)

The scientific paper is structured as follows:

  • Review of the SSL/TLS protocol and the Heartbeat extension
  • Origin of the Heartbleed vulnerability
  • Vulnerability Exploits
  • Protection against the vulnerability
Cryptography Security Buffer Over-read

Behavioral biometrics:
Development of a continuous authentication solution based on keystroke dynamics

Keystroke dynamics

Personal project, NTNU, 2016
Download the report (in English)

Project report on the design, development and optimization of a behavioral analysis tool based on the keystroke dynamics of final users and providing a continuous authentication system.

A document on the state-of-the-art of "keystroke dynamics" which is comparing the efficiency of different distance functions and considering elements of complexity such as the learning curve, the impact of the user environement and others.

Behavioral biometrics Mathematics Algorithmics MATLAB

Reverse engineering of an Android application: Eurovision Song Contest

Eurovision mobile application

Team project: 4 people, NTNU, 2016

The mobile application has been analyzed through two methodologies:

  • Dynamic analysis by using a Man-In-The-Middle attack
  • Static analysis: decompiling and disassembling

The goal of the project was to bypass the prohibition made by the application to vote in favour of the user's country.

Reverse engineering Wireshark Decompiling Disassembling

Operating System Development

Operating System project

Team project: 3 people, ENSIMAG, 2016
Duration: 3 weeks

The following modules have been developed under 3 weeks:

  • Process management with context switches
  • Sequencing, dynamic creation, termination and filiation of the processes
  • Inter-process communication and sleep
  • Virtual memory by adding the user mode
  • The command interpreter
Project management x86 assembly C Operating system TDD methodology

Software engineering project - Development of an Oriented Object Compiler for the Deca language (derived from JAVA)

Software Engineering Project

Team project: 8 people, ENSIMAG, 2015
Duration: 3 weeks

The classical steps of a compiler have been developed:

  • Lexical analysis of the Deca language
  • Syntactic analysis
  • Semantic analysis
  • x86 assembly code generation
Project management Management Grammars Compilation JAVA x86 assembly Scrum methodology TDD methodology

« The 24h of UITs in Computer science » competition in Strasbourg, France

The 24h of UITs in Computer science competition

Team project: 6 people, UIT degree in Computer science, 2014

The competition was composed of 3 challenges lasting 8 hours each:

  • The applicative challenge: Development of an Artificial Intelligence for a board game
  • The Web challenge: Development of a Web application of asset management
  • The security challenge: CTF tournament
Project management Management Development Algorithmics Artificial Intelligence JAVA CTF tournament

Interval methods for solving non-linear constraint systems with real numbers

Team project: 4 people, UIT degree in Computer science, 2014

The project is composed of four major parts:

  • The micro-compiler generating syntactic trees representing the equations inserted by the final user
  • Solving with the boxes method: bisection into subboxes followed by the verification of the existence of solutions
  • Optimization of the performances by implementing the HC4 algorithm
  • Graphical user interface
Project management Algorithmics Optimization JAVA Swing

Development of a website for a game community

Screenshot of the UFB website

Personal project
Current secretary of the Unknown Flying Bullet association

The website has several functionalities set up using existing or self-developed plugins:

  • Community forum
  • State of the Teamspeak server
  • State of the game servers
  • IRC channel
  • Online chatbox
  • Advertisement
  • Facebook group
  • LDAP authentication
CMS - Joomla PHP AJAX Javascript HTML CSS LDAP

Key skills

Fields of competence

In-service training in information system security

CTFs: ABCTF, AlexCTF, EasyCTF, IceCTF, etc.

Conferences: FIC, STHACK, SSTIC, Nuit du Hack

Training platforms: Root-me, Newbie Contest

Information system security

Penetration testing: Web, systems and networks - Black box, white box

Networks: Routing, Firewall, Proxy, VPN, Load Balancing, IPS/IDS

NIDS: Bro, Snort, Suricata

Reverse engineering: GDB, IDA

Forensic data analysis

Tools: Burp Proxy, Metasploit, Nessus, Nmap, Sqlmap, Wireshark

Programming

Analysis & Design: MVC, OOP, Design patterns

Development methodology: TDD (with JUnit & Selenium for JAVA)

Assembly languages: x86, MIPS, ARM

Hardware description languages: VHDL

Langages de programmation : Ada, C, JAVA, MATLAB, SQL

Scripting languages: Shell Scripting, Python

Document composition: LaTex

Web applications

Languages: HTML5, CSS3, PHP, JAVA, Javascript, AJAX, SQL

CMS: Joomla, MediaWiki, Wordpress

Frameworks: jQuery, Play, Twitter Bootstrap

Compliance with the W3C standard

Databases & Directories

Analysis & Design: Merise, UML, normal forms

DBMS: MySQL, Oracle, PostgreSQL, SQLite

Directories: Active Directory, OpenLDAP

Project management

Planning: Scrum methodology

Management: HandiManager label

Software versioning systems: Git, SVN

Applications and software

Development: Eclipse, Netbeans

Virtualization: Virtual Box, VMware Player

Office suites: Microsoft Office, OpenOffice

Operating systems

GNU/Linux: BackTrack/Kali, Debian, DSM, Ubuntu

Network device suppliers: IOS, JunOS

Windows: 98, 2000, XP, Vista, 7, 8, 10

Linguistic proficiency

fr-flag French:

  • Native speaker

uk-flag English:

  • C1 level
  • 5 months at the NTNU university in Norway
  • TOEIC result: 875/990 in May 2016

de-flag German:

  • B2 level
  • 6-week school exchange program in Germany

Top 3 of mastered programming languages

1. JAVA
2. PHP
3. Python

Top 3 of CTF specialities

1. Steganography
2. Web client
3. Network

Interests

Minimalist/Barefoot running

Oslo half-marathon - 2016
September 2016
Oslo half-marathon (Norway) - 21,1 kms
June 2016
Cross du pain - Brié (38, France) - 15 kms
November 2015
20 Km of Montpellier (34, France) - 20 kms

Cold resistance: trainings with the Wim Hof's method alias the Iceman

Daily
Cold shower, breathing exercises and meditation
November & December 2016, Norway
2-month trainings for snow barefoot running
Wim Hof

Hiking

Huayna Potosí ascent (6 088m), Bolivia
May 2017
100-kms hike on the outskirts of Paris
December 2016
92-kms hike between Gjøvik and Lillehammer, Norway
August 2015
Huayna Potosí ascent (6 088m), Bolivia

Natural Hygiene

Natural products
Maximal use of natural products
Raw food
Looking for a food diet being the most living and healthy
Physical activities
Important amount of physical activity
Cup of fruits

Thoughts & debates on various subjects

Bertrand Piccard & Myself
Various themes
Science, metaphysics, personal development, psychology, health, culture, sport, travelling, spirituality, etc.
Essays and competition
« Students' words » :
Selected at the 2016 edition of the competition giving access to the « Economical Meetings » of Aix-En-Provence in France.
I met Jacques Attali, Ouided Bouchamaoui, Christine Lagarde, Jean-Hervé Lorenzi, Emmanuel Macron, Erik Orsenna, Bertrand Piccard - Solar Impulse (as shown on the picture), Stéphane Richard and others.

Travelling

Summer 2011
Germany
Winter 2014
Canada, USA
Summer 2015
Peru, Bolivia
Winter 2016
Norway, Sweden, Denmark, Germany
Trolltunga, Norway

Contact

Whether requesting my C.V. or getting answers to your questions, you can contact me at the following address:


You can also contact me via the following professional social networks:


LinkedIn Viadeo