Network & Security Engineer · DevSecOps · SOC

5+ years in production securing enterprise infrastructure across 7+ sites and 150+ users. I live at the intersection of network engineering (FortiGate, Palo Alto, Cisco MPLS) and security operations (DevSecOps pipelines, SIEM, vulnerability management). Currently finishing a Master's in Cybersecurity with a thesis on secure CI/CD pipelines with Kubernetes and Wazuh SIEM.

Measurable outcomes from my work so far: 80% reduction in unauthorized access incidents, 99.5% datacenter uptime, 40% MTTR improvement.

• 🎓 Finishing Master's in Cybersecurity at Central University of Tunis — defense July 2026
• 🛠️ Building a DevSecOps thesis project (K3s + Wazuh + scoring-based Security Gate) — see pinned repos
• 🇩🇪 Seeking Security / DevSecOps / SOC Engineer roles in Germany — EU Blue Card eligible, visa sponsorship welcome, available from July 2026
• 🗣️ Learning German (A1 → In progress) · already fluent in Arabic (native), French (C1), English (B2)

End-to-end secure pipeline on a 3-VM isolated lab: Terraform + Ansible IaC, 7-stage GitLab pipeline (GitLeaks → Semgrep → pip-audit → Trivy → custom scoring-based Security Gate → kubectl apply + DAST), K3s cluster with rolling updates, and centralized Wazuh SIEM with MITRE ATT&CK correlation rules.

Terraform Ansible GitLab CI/CD K3s Wazuh OpenSearch Semgrep Trivy MITRE ATT&CK

Controlled PoC demonstrating Python typosquatting attacks (SolarWinds / XZ Utils / npm event-stream patterns). Includes a layered mitigation playbook: Sigstore/Cosign, SBOM, internal mirrors, SLSA compliance. Educational purpose, lab-only, with clear ethical disclaimer.

Python socket programming setuptools MITRE ATT&CK T1195

Full exploitation chain of a critical (CVSS 10.0) insecure deserialization vulnerability from reconnaissance to unauthenticated RCE and reverse shell. Delivered structured security report with business impact, OWASP Top 10 mapping, and tiered remediation roadmap.

Kali Linux nmap curl OWASP ZAP CVSS v3.1

Network security — FortiGate · Palo Alto · Cisco (CCNA 1-3) · VPN · IDS/IPS · VLAN · OSPF · BGP · MPLS

SOC & SIEM — Wazuh · OpenSearch · ELK Stack · Zabbix · Grafana · MITRE ATT&CK

DevSecOps — GitLab CI/CD · Docker · Kubernetes (K3s) · Terraform · Ansible · Trivy · Semgrep · GitLeaks · pip-audit

Offensive security — OWASP ZAP · Burp Suite · Nessus · Nmap · Wireshark · Metasploit

Cloud & systems — AWS (EC2, S3, IAM, VPC, CloudTrail) · Linux (LPIC 1-3) · Windows Server 2019 (AD, GPO) · VMware

Scripting — Python · Bash · YAML · JSON

ISO/IEC 27001, 27002, 27005 · OWASP Top 10 · NIST CSF & SSDF · MITRE ATT&CK · GDPR / DSGVO · Incident response playbooks

Fortinet NSE 1-2-3 · FortiGate 6.4 & 7.4 · Palo Alto Cybersecurity Foundation · Cisco CCNA 1-2-3 · AWS Academy Cloud Architecting · CEH v11 · WAHS · ISC² CISSP (CPE Credits) · Linux LPIC 1-2-3

Looking for roles in Security Engineering, DevSecOps, SOC Analyst (L2/L3), or Cloud Security — especially in Germany 🇩🇪 (Berlin, Munich, Frankfurt, Hamburg, Stuttgart) but open to the wider DACH region.

• 📧 Email — muhammedniane@gmail.com
• 💼 LinkedIn — linkedin.com/in/muhammed-niane
• 📄 CV — available on request

If you're hiring and think my profile could fit, feel free to reach out directly. I respond within 24 hours.