Abderrahmane Larbi

I’m a cybersecurity engineer with experience across penetration testing, security engineering, secure application assessment, vulnerability management, and security operations. I translate findings into clear technical reports and actionable remediation guidance.

In my recent consulting role, I conduct security reviews for enterprise web, mobile, API, and Active Directory environments. I validate vulnerabilities such as SQL Injection, XSS, SSRF, IDOR, authentication bypasses, authorization flaws, and privilege escalation, while assessing authentication workflows, access control models, and session management.

I also build and operate security capabilities—recently designing and deploying a SOC-as-a-Service platform using Kubernetes and open-source security technologies. I implemented SIEM monitoring, SOAR orchestration, centralized security logging, and adversary simulations mapped to the MITRE ATT&CK framework.

Beyond execution, I strengthen governance and quality: I produce ISMS documentation, DLP classification schemes, and security governance documentation, and I develop Python automation tools to support security assessment workflows. I’m especially passionate about improving AI systems through structured security analysis, vulnerability classification, and technical evaluation.