Maryem Cherif — DevOps Engineer

Cybersecurity Engineer specializing in DevSecOps and Application Security. ESPRIT graduate with hands on experience designing secure CI/CD pipelines, automating cloud infrastructure, and implementing defense-in-depth security frameworks aligned with ISO 27001 and NIST standards. Professional Focus: Passionate about shift-left security embedding security controls from code commit to production. I bridge the gap between development velocity and security requirements, enabling organizations to innovate rapidly without compromising security posture. Core Expertise: DevSecOps & Cloud Security CI/CD Security: Jenkins, ArgoCD, GitHub Actions with automated security gates Infrastructure as Code: Terraform, Ansible, Vagrant Containers: Docker, Kubernetes with security hardening Security Testing: SAST (SonarQube, Snyk, Gitleaks), DAST (OWASP ZAP), Container Scanning (Trivy, Hadolint) Secrets Management: HashiCorp Vault with dynamic rotation Cloud: AWS DevSecOps pipeline implementation Security Operations SOC: Wazuh SIEM, TheHive, Cortex, MISP, Shuffle SOAR Monitoring: Prometheus, Grafana, ELK Stack Network Security: pfSense, Fail2Ban, Knockd, Suricata IDS/IPS Vulnerability Management: Nessus, Trivy CVE detection Application Security & Penetration Testing OWASP Top 10 mitigation, secure API design, SQL injection prevention Penetration Testing: Kali Linux, Metasploit, Burp Suite IAM: Keycloak with MFA, RBAC policies Development: Python, Java, JavaScript, Flask, Spring Key Achievements: Deployed secure CI/CD pipelines at KreaLead with automated SAST/DAST, reducing vulnerabilities through SonarQube, Snyk, Trivy , owasp zap integration Built modern SOC at ESPRIT, reducing incident response time by 30% via automated playbooks Developed AI-powered healthcare app at ITGUST with encryption, RBAC, and OWASP-compliant controls Certifications: Certified Ethical Hacker (CEH) | CCNA Network Security | CyberOps Associate | CompTIA Security+ & CySA+ Exam Readiness | Penetration Testing (Cybrary) | DevOps Foundations (CompTIA, PMI) | AWS DevSecOps Pipeline | OWASP Top 10 | Docker Mastery | Digital Forensics Current Status: Seeking Cybersecurity, DevSecOps, or Application Security roles in Tunisia or internationally (onsite/remote). Ready to strengthen organizational security posture through automation and continuous security integration. Let's connect if you need a cybersecurity professional who bridges development and security operations!

Stackforce AI infers this person is a Cybersecurity Engineer with a strong focus on DevSecOps and AI in Healthcare.

Location: Tunis, Tunis, Tunisia

Experience: 0 mo

Skills

Iam
Cybersecurity
Devsecops
Cloud Security
Artificial Intelligence
Application Security

Career Highlights

Expert in integrating security into CI/CD pipelines.
Proven track record in developing secure applications.
Strong background in AI and cybersecurity intersection.

Work Experience

Ecole Polytechnique de Sousse

CyberSecurity IAM Instructor (4 mos)

KreaLead

Final Year Cybersecurity engineering intern | DevSecOps & DevOps Focus (5 mos)

ITGust

Computer Engineer | IA & Cybersecurity Focus (2 mos)

BIAT

Computer Engineer – Cybersecurity & Software Development Focus (1 mo)

Education

Bachelor of Computer Science at Ecole Supérieure Privée d'Ingénierie et de Technologies - ESPRIT

Preparatory Foundation Degree at Université Libre de Tunis (ULT)

General High School Diploma at Lycée Pilote Nabeul (LPN)

Maryem Cherif

DevOps Engineer

Tunis, Tunis, Tunisia0 mo experience

AI EnabledAI ML Practitioner

Key Highlights

Expert in integrating security into CI/CD pipelines.
Proven track record in developing secure applications.
Strong background in AI and cybersecurity intersection.

Stackforce AI infers this person is a Cybersecurity Engineer with a strong focus on DevSecOps and AI in Healthcare.

Contact

cherif.maryem24@gmail.com LinkedIn

Skills

Core Skills

IamCybersecurityDevsecopsCloud SecurityArtificial IntelligenceApplication Security

Other Skills

Identity & Access ManagementActive DirectoryKerberosZero TrustPAMIoT device identitySIEMCI/CD pipelinesDockerKubernetesAnsibleArgoCDSonarQubeSnykOWASP ZAP

About

Experience

0 mo

Total Experience

Average Tenure

Current Experience

Ecole polytechnique de sousse

CyberSecurity IAM Instructor

Jan 2026 – Present · 4 mos · Tunisia · On-site

I teach Identity & Access Management to final year Engineering students at École Polytechnique Sousse covering everything from Active Directory and Kerberos to Zero Trust, PAM, and IoT device identity.
Every session pairs theory with a real lab. The course ends with a capstone where students build a full IAM infrastructure for a simulated enterprise , freeIPA , fail2ban ,putty , keycCloack , SSO, MFA, privileged access, , wireshark , IoT certificates, and a live SIEM dashboard.
Everything I teach, I've built in practice.

Identity & Access ManagementActive DirectoryKerberosZero TrustPAMIoT device identity+3

Krealead

Final Year Cybersecurity engineering intern | DevSecOps & DevOps Focus

Feb 2025 – Jul 2025 · 5 mos · Tunis · Hybrid

Specialized in integrating security throughout the software development lifecycle by designing secure CI/CD pipelines with comprehensive DevSecOps practices, infrastructure automation, and ISO 27001 compliance.
Infrastructure & Orchestration: Architected containerized environments using Docker and Kubernetes with GitOps workflows via ArgoCD for declarative infrastructure management. Leveraged Ansible for configuration automation and Vagrant for reproducible development environments, ensuring consistency across staging and production.
Security Implementation: Established a multi-layered security framework with defense-in-depth principles:
Application Security: Integrated SAST tools including SonarQube, Snyk, and Gitleaks for code quality analysis and vulnerability detection in source code and dependencies. Implemented DAST with OWASP ZAP for runtime security testing
Container Security: Deployed Trivy for automated image scanning to identify and remediate CVEs pre-deployment
Secrets Management: Implemented HashiCorp Vault for encrypted credential storage and dynamic secrets rotation
Infrastructure Hardening: Configured Hadolint for Dockerfile linting, enforcing container security best practices
Network Security: Deployed Knockd and Fail2Ban for intrusion prevention and brute-force mitigation
Identity Management: Implemented Keycloak with MFA, RBAC, and IAM policies for granular access control
Observability & Reliability: Deployed Prometheus for real-time metrics collection and Grafana for visualization dashboards, enabling proactive incident response. Implemented Longhorn for distributed storage with automated backups, ensuring high availability and disaster recovery.
Impact: Delivered scalable, secure systems while fostering a security-first culture through collaborative workflows and continuous security integration.

CI/CD pipelinesDevSecOpsDockerKubernetesAnsibleArgoCD+8

Itgust

Computer Engineer | IA & Cybersecurity Focus

Jun 2024 – Aug 2024 · 2 mos · Rue De Khartoum, Tunis · Hybrid

Developed an intelligent medical application leveraging machine learning and deep learning models to predict clinical outcomes, with emphasis on data security and privacy protection for sensitive healthcare information.
AI & Machine Learning:
Designed and trained predictive models using XGBoost, SVM, Random Forest, and TensorFlow to analyze medical data and detect disease patterns
Implemented data preprocessing pipelines and feature engineering techniques to optimize model accuracy and performance
Developed a Flask-based web application with MongoDB backend for secure data storage and real-time predictions
Conducted model evaluation and validation to ensure clinical reliability and minimize false predictions
Security & Privacy Implementation:
Applied healthcare data protection standards to safeguard patient information and ensure regulatory compliance
Implemented encryption mechanisms for data at rest and in transit, protecting sensitive medical records
Enforced role-based access control (RBAC) to restrict unauthorized access to patient data and prediction results
Conducted security assessments using OWASP ZAP, addressing vulnerabilities aligned with OWASP Top 10 and healthcare security best practices
Designed secure API endpoints with input validation and authentication mechanisms to prevent injection attacks and unauthorized data access
Impact:
Delivered a secure, AI-powered healthcare solution that balances predictive accuracy with robust data protection, demonstrating the critical intersection of artificial intelligence and cybersecurity in digital health applications.
Technologies: Python, Flask, MongoDB, XGBoost, SVM, Random Forest, TensorFlow, Encryption (AES/TLS), Access Control, RBAC, OWASP ZAP, OWASP Best Practices

Machine LearningDeep LearningFlaskMongoDBXGBoostSVM+7

Biat

Computer Engineer – Cybersecurity & Software Development Focus

Jul 2023 – Aug 2023 · 1 mo

Contributed to the bank's digital transformation initiative by developing a secure web application ( MyBiat ) with emphasis on cybersecurity risk management and regulatory compliance for financial services.
Security & Risk Management:
Conducted comprehensive cyber risk analysis aligned with banking sector security standards, identifying vulnerabilities in digital transformation workflows
Performed application security assessments using Nikto for vulnerability scanning and threat identification
Executed SWOT analysis to evaluate cybersecurity posture and assess risks associated with digitalization initiatives
Application Security Implementation:
Designed and implemented secure database architecture with PostgreSQL, incorporating encryption at rest and in transit
Enforced role-based access control (RBAC) mechanisms to ensure least-privilege access principles
Applied secure coding practices and input validation to mitigate OWASP Top 10 vulnerabilities including SQL injection and XSS attacks
Implemented data encryption protocols to protect sensitive financial information and ensure confidentiality
Technologies: HTML, CSS, JavaScript, PostgreSQL, Nikto, Encryption (AES/TLS), Access Control, RBAC, SWOT Analysis, Vulnerability Assessment