WAAP / WAF β’ PAM β’ Load Balancing β’ F5 BIG-IP β’ Fortinet β’ WALLIX β’ NGINX / HAProxy
Nantes, France
Cybersecurity engineer focused on application security and critical infrastructure:
- WAAP / WAF (F5 ASM/Advanced WAF, NGINX App Protect), API Security
- PAM (WALLIX Bastion), Bastion & SSO
- Load Balancing / Reverse Proxy (F5 BIG-IP LTM/APM, HAProxy, NGINX)
- Firewalls & SecOps (Fortinet), hardening, logging, observability
- Automation & Scripting (Bash, PowerShell, Python)
- Architecture & rollout of WAF/WAAP (strict L7, JSON/AJAX, signatures, bot defense)
- PAM / Bastion: access models, session recording, audits, hardening
- F5 BIG-IP: LTM/APM, SSO, iRules, HA, upgrades & migrations
- NGINX / HAProxy: reverse proxy, TLS, HTTP/2β3, OCSP, CSP
- Automation: CI/CD, IaC, reusable scripts & modules
- Advisory: vulnerabilities, EoL/EoS, security roadmaps
- F5 BIG-IP (LTM, APM) β’ iRules β’ SSO β’ Access policies β’ WAF β’ HA & upgrades
- Fortinet (FortiGate best practices, segmentation, logging)
- WALLIX Bastion (PAM, session recording, policies, audits)
- NGINX / HAProxy (reverse proxy, TLS, HTTP/3, CSP, OCSP stapling)
- Observability (L7 logging, SIEM export, dashboards)
- Hardening / Compliance (TLS, headers, CSP, cipher suites, benchmarks)
I run continuous security watch (vulns, EoL/EoS, best practices) and contribute to vulnerability research including:
- CVE-2024-45328
- CVE-2024-45326
F5 BIG-IP β’ Fortinet β’ WALLIX β’ NGINX β’ HAProxy β’ Debian/Ubuntu β’ VMware/Proxmox
Azure/M365 β’ Docker β’ GitHub Actions β’ Ansible
Python β’ Bash β’ PowerShell β’ Node.js
Wireshark β’ OpenSSL β’ OWASP β’ MITRE ATT&CK
- F5 Certified Technology Specialist (CTS) - Application Security Manager (ASM)
- Fortinet Certified Professional (FCP) - Network Security
- Fortinet Certified Solution Specialist (FCSS) - Network Security
- Fortinet Certified Solution Specialist (FCSS) - OT Security
- WALLIX Certified Expert (WCE)
- EC-Council - CEH, CHFI v8
Based near Nantes (France, UTC+1/UTC+2) - remote and on-site missions.
Need a quick WAF/LB review or PAM advisory? Email me at thomas.sautier@samhan.fr to book a slot.
If you believe youβve found a security issue, please email thomas.sautier@samhan.fr (or security@samhan.fr if available) with details and, if possible, a proof of concept.
I follow a responsible disclosure approach and will coordinate timelines with researchers.
- π© thomas.sautier@samhan.fr
- π https://www.samhan.fr
- πΌ LinkedIn: https://www.linkedin.com/in/thomassautier/
Β© SamHan - Built with β€οΈ and a lot of coffee.