WAAP / WAF • PAM • Load Balancing • F5 BIG-IP • Fortinet • WALLIX • NGINX / HAProxy
Nantes, France

Cybersecurity engineer focused on application security and critical infrastructure:

• WAAP / WAF (F5 ASM/Advanced WAF, NGINX App Protect), API Security
• PAM (WALLIX Bastion), Bastion & SSO
• Load Balancing / Reverse Proxy (F5 BIG-IP LTM/APM, HAProxy, NGINX)
• Firewalls & SecOps (Fortinet), hardening, logging, observability
• Automation & Scripting (Bash, PowerShell, Python)

• Architecture & rollout of WAF/WAAP (strict L7, JSON/AJAX, signatures, bot defense)
• PAM / Bastion: access models, session recording, audits, hardening
• F5 BIG-IP: LTM/APM, SSO, iRules, HA, upgrades & migrations
• NGINX / HAProxy: reverse proxy, TLS, HTTP/2–3, OCSP, CSP
• Automation: CI/CD, IaC, reusable scripts & modules
• Advisory: vulnerabilities, EoL/EoS, security roadmaps

• F5 BIG-IP (LTM, APM) • iRules • SSO • Access policies • WAF • HA & upgrades
• Fortinet (FortiGate best practices, segmentation, logging)
• WALLIX Bastion (PAM, session recording, policies, audits)
• NGINX / HAProxy (reverse proxy, TLS, HTTP/3, CSP, OCSP stapling)
• Observability (L7 logging, SIEM export, dashboards)
• Hardening / Compliance (TLS, headers, CSP, cipher suites, benchmarks)

I run continuous security watch (vulns, EoL/EoS, best practices) and contribute to vulnerability research including:

• CVE-2024-45328
• CVE-2024-45326

F5 BIG-IP • Fortinet • WALLIX • NGINX • HAProxy • Debian/Ubuntu • VMware/Proxmox
Azure/M365 • Docker • GitHub Actions • Ansible
Python • Bash • PowerShell • Node.js
Wireshark • OpenSSL • OWASP • MITRE ATT&CK

• F5 Certified Technology Specialist (CTS) - Application Security Manager (ASM)
• Fortinet Certified Professional (FCP) - Network Security
• Fortinet Certified Solution Specialist (FCSS) - Network Security
• Fortinet Certified Solution Specialist (FCSS) - OT Security
• WALLIX Certified Expert (WCE)
• EC-Council - CEH, CHFI v8

Based near Nantes (France, UTC+1/UTC+2) - remote and on-site missions.

Need a quick WAF/LB review or PAM advisory? Email me at thomas.sautier@samhan.fr to book a slot.

If you believe you’ve found a security issue, please email thomas.sautier@samhan.fr (or security@samhan.fr if available) with details and, if possible, a proof of concept.
I follow a responsible disclosure approach and will coordinate timelines with researchers.

• 📩 thomas.sautier@samhan.fr
• 🌐 https://www.samhan.fr
• 💼 LinkedIn: https://www.linkedin.com/in/thomassautier/

_{© SamHan - Built with ❤️ and a lot of coffee.}