JulesTHIBAULT
DevSecOps by trade. Building secure things on the side.
Security built in, not bolted on
DevSecOps practitioner with 5 years of experience — and a growing freelance practice.
5 years of experience in cybersecurity, with a focus on DevSecOps: securing pipelines, hardening infrastructure, and shifting security left.
Alongside my day job, I take on freelance missions — building custom web apps, headless e-commerce, and cloud infrastructure for various clients.
Where I've worked
5 years across banking, defense, and retail — DevSecOps, AppSec, pentest, and development.

AppSec Consultant
CurrentAppSec referent within a Cyber Competence Center — harmonizing security practices across a post-merger context and shifting security left.
- Single point of contact for application security across projects (SSDLC advisory)
- Harmonized AppSec processes and tool configurations across two merged entities
- Designed Go/No-Go workflows with security gates for production releases
- Supported dev teams on vulnerability triage, remediation, and risk exceptions
- Piloted GitLab Ultimate Vulnerability Management migration
- Ran Security Champions community and security awareness sessions

Consultant DevSecOps
CurrentCNAPP integration pilot — evaluating and securing multi-cloud and Kubernetes environments.
- Deployed and configured Sysdig (CSPM / CWPP) on AWS and Azure
- Built an automated vulnerable K8s lab with Ansible for detection rule testing
- Contributed to pilot deliverables and internal CNAPP offering improvement

Consultant DevSecOps & Pentest
Mixed pentest and DevSecOps role — security audits, training, and tooling R&D in an autonomous cross-functional team.
- Web and thick-client penetration tests with client-facing reports
- Manual and tool-assisted source code reviews (Java, Python, .NET)
- Secure development training based on OWASP Top 10 (3-day workshops)
- Security maturity assessments (DSOMM, SAMM) and DevSecOps tooling benchmark
- Built vulnerable training apps and automated cloud lab infrastructure

DevSecOps Engineer
Security referent for ~20 applications within a 120-person business unit — bridging Dev, Ops, and Product teams.
- Benchmarked and integrated SAST/SCA tools (Snyk, Veracode, Checkmarx) into GitHub Actions pipelines
- Docker image scanning (Grype, Trivy) and patch management tracking
- Web penetration tests and cloud security standards (AWS, GCP)
- Ran Security Champions community and organized a CTF challenge

Web Developer
Full-stack developer on an international e-commerce project from architecture to production.
- Built an internal reusable Node.js package with i18n support (Svelte)
- Integrated the module across Decathlon e-commerce sites in 5 countries
- Collaborated in Agile sprints with PM, DevOps, and UX teams

Professional Esport Player
Competitive esports career with a professional contract — high-performance training, teamwork, and consistency under pressure.
- Professional contract with GamersOrigin (Sep 2018 – Apr 2019)
- 4 major French tournament wins
- Major podiums: Gamers Assembly 2018 (1st), OMEN by HP Trophy 2018 (1st), HFLAN 17 (1st), DreamHack Sevilla 2018 (2nd)
- International performances: ESL Katowice Royale (top 20), multiple FNCS heats qualifications
Selected work
Personal projects and freelance gigs — things I've built on my own time.
CodeGeist
Upload a codebase as a .zip and run security analysis via local models or cloud providers (Gemini, Claude, OpenAI). Detects vulnerabilities with detailed write-ups and remediation guidance — built to help developers fix issues, not just flag them.
GhostLink
End-to-end encrypted sharing: data is encrypted in the browser before upload, stored on the server without any decryption key, and only recoverable client-side by whoever holds the secret. Built with a security-first architecture.
Ledgerly
A full personal finance dashboard with spending visualizations, budget projections, AI-powered expense breakdowns, and investment advice. Built with Supabase and Svelte — developed with AI assistance.
LA Watch Party — Merch
Built a web app for LA Watch Party (fashion week viewing sessions) connected to a headless Shopify store. Full-stack delivery: Next.js app, Shopify API integration, SEO, automated VPS deployment, and DNS configuration. The app highlights a limited-edition t-shirt available for purchase.
MINO — Music Library
Built a full music library app for MINO (mino.co), replacing Airtable. Import albums via search with auto-filled metadata (release date, cover, duration, detailed tracklist, YouTube clips). Merges data from Spotify, Discogs, and MusicBrainz. Includes listening session scheduling with automatic time calculation based on tracklist duration. Supabase backend, automated deployment, DNS setup.
SecMalloc
A malloc-style memory allocator built from scratch with security hardening.
hq
jq for HTML — parse and lint HTML from the CLI. `curl url | hq`
docker-wrapper
A Python CLI that simplifies Docker runtime interactions — list, restart, remove & more.
Dork Generator
Google & GitHub dork generator with ready-made presets.
MINO — Cloud Infrastructure
VPS cloud migration with Dokploy, internal DNS, and VPN-secured infrastructure.
MINO — Backstage Hub
Internal hub and unified authentication for all MINO apps via Supabase.
MINO — Admin Platform
People & project management app with budgets, KPIs, and access control — in progress.
MINO — Showcase & Shop
Marketing site with headless Shopify shop and event ticketing — planned serverless deploy.
Skills & tools
What I work with day to day — no ratings, just the stack.
Security
Development
Tools & Infra
Side projects for clients
4 freelance missions delivered, 2 in progress.
LA Watch Party — Merch App
Full-Stack DeveloperFashion week viewing sessions — built a custom Next.js app connected to headless Shopify to showcase and sell event merch, with full deployment pipeline.
MINO — Music Library
Full-Stack DeveloperMusic library app replacing Airtable — album import, metadata enrichment via 3 APIs, and listening session scheduling.
MINO — Cloud Infrastructure
DevOps / InfrastructureCloud migration on VPS for scalability — Dokploy for automated deployments, internal DNS, and VPN-secured infrastructure.
MINO — Backstage Hub
Full-Stack DeveloperInternal backstage hub — unified authentication and entry point for all MINO apps.
MINO — Admin Platform
Full-Stack DeveloperComing soonAdmin platform for people and project management — budgets, KPIs, and role-based access control.
MINO — Showcase & Shop
Full-Stack DeveloperComing soonShowcase website with headless Shopify shop and external event ticketing — serverless deployment for traffic spikes.
Let's build something extraordinary
Open to freelance web projects and DevSecOps opportunities — happy to chat even if you're not sure yet what you need.