Open to opportunities

Amel Ben Khalifa

@amelbenkhalifa

Message

Entry-level backend security engineer building multi-tenant SaaS protections and secure APIs.

Tunisia

Message

What I'm looking for

I’m looking for a hands-on backend security or cybersecurity role where I can build secure APIs, strengthen authentication and tenant isolation, and learn by shipping—ideally with teams that value testing, iteration, and real-world incident thinking.

I’m a second-year ICT engineering student with practical experience in backend security and full-stack development, focused on protecting real systems instead of staying purely theoretical. I’ve worked on securing a multi-tenant B2B SaaS project by implementing strong authentication, tenant isolation, and API hardening.

In my internship at the Regional Operations Center (ROC) with Tunisie Telecom, I configured and monitored network equipment (NGN/GPON) in a production environment. I performed xDSL/xPON line diagnostics with internal tools (NetScan, AMS) and handled incident cases like connectivity loss and misconfiguration, validating fixes directly with users.

On my security project, I built the security layer for sensitive procurement data using JWT authentication with Ed25519, Argon2id for password hashing, and TOTP-based 2FA (RFC 6238). I designed PostgreSQL Row-Level Security policies for tenant isolation, reworking early edge cases, and integrated HashiCorp Vault for secrets management while addressing token renewal under concurrency.

I also enjoy building practical solutions through projects and hackathons, from a hybrid text/image search engine with a basic RAG pipeline (Qdrant) to backend features for multi-role systems. My approach is hands-on: test, measure trade-offs, and iterate until the system is reliable under real constraints.

Experience

Work history, roles, and key accomplishments

Security & Backend Engineer

Sup'Com

Jan 2026 - Jun 2026 (5 months)

Built the security layer for a multi-tenant B2B SaaS handling sensitive procurement data, implementing JWT auth (Ed25519), Argon2id password hashing, and PostgreSQL row-level security for tenant isolation. Added TOTP-based 2FA (RFC 6238), integrated HashiCorp Vault for secrets with concurrency-safe retry logic, and applied HTTP security headers after manual API testing.

fastAPI JWT Argon2id TOTP (RFC 6238)Redis Docker HTTP Security Headers

Backend / Database Engineer

Sup'Com

Jan 2026 - Mar 2026 (2 months)

Contributed to a gym management platform’s backend for a multi-role system (member, coach, owner) by implementing REST endpoints with Spring Boot and MongoDB interactions. Resolved integration issues between the Angular frontend and backend by adjusting proxy configuration to restore API communication.

Spring Boot REST APIs MongoDB Multi Role System Design Backend Integrations Angular Proxy Configuration API Development

Hybrid Search Hackathon

Sup'Com

Jan 2026 - Jan 2026 (0 months)

Developed a hybrid search system combining text and image inputs using a basic RAG pipeline with vector embeddings stored in Qdrant. Improved result ranking by incorporating user interaction signals and deployed the solution with Docker, addressing index initialization at startup.

Embeddings Qdrant Hybrid Search (Text+Image)Index Initialization

ICT Engineering Intern

Tunisie Telecom

Jul 2025 - Aug 2025 (1 month)

Worked in the Regional Operations Center (ROC) configuring and monitoring NGN/GPON equipment in a production environment. Diagnosed xDSL/xPON line issues with NetScan/AMS and resolved real connectivity incidents by reconfiguring modems with user validation.

XDSL XPON Diagnostics Network Monitoring NetScan AMS

Education

Degrees, certifications, and relevant coursework

Sup'Com

ICT Engineering, ICT Engineering

Second-year ICT engineering student at Sup’Com with practical experience in backend security and full-stack development, including work on multi-tenant authentication, data isolation, and API protection.