Kayssar Daher

Hi! 👋

Who am I?

I’m a security & data privacy enthusiast specialising in building security for tech startups.

I’ve had various security oriented roles for the last 7 years, ranging from cloud security engineering to compliance leadership positions.

As a security leader who understands the importance of reducing cognitive load & improving developer efficiency, I’ve always worked to ensure my teams are embedded in the wider engineering departments we’re in, so we can share the same pains, and as a result, successes too.

Skill map

Experience

Security Lead @ GitGuardian

📍 Paris ➡️ July 2022 🏁 ongoing 👨‍👩‍👦 70 → 170

1
2
3
4
5


🤖 Tech stack:
    AWS, Python, Kubernetes, ArgoCD, Terraform, ElasticSearch, PostgreSQL
🔐 Security stack:
    Okta, AWS, Terraform, SignalSciences WAF, Vanta, CarbonBlack,
    Kandji, Panther SIEM, YesWeHack

Currently leading all security initiatives, building GitGuardian’s security capabilities.

Technical achievements

Built from scratch company’s access management automation
- Moved company from Google Workspace to Okta & Hashicorp Vault based system
- Automated RBAC permission granting, using Terraform & GitOps, and YAML team manifests
- Collaborated with Developer Efficiency team on writing a CLI that enabled developers to fetch dynamic credentials managed by the system
Deployed a self-hosted Web Application Firewall on Kubernetes to production
Drove security shift left efforts by implementing new security scans in the CI pipelines
Implemented DataDog CSPM to protect AWS resources
Selected and deployed a new SIEM tool, Panther, to bootstrap company’s security monitoring capabilities
Deployed an MDM to manage Ubuntu workstations

GRC achievements

Successfully led 2023’s and 2024’s SOC 2 Type 2 audits
Developed and carried out the company annual security training program, achieved an NPS of +40 2 years running
Maintained and rewrote organisation’s security documentation & policies
Advised coworkers on implementing security best practices in GitGuardian products & systems
Implemented process and carried out vendor security due diligence assessments
Rstructured company’s Incident Response Plan and handled security incidents
Established operational workflows & playbook for handling customers’ security enquiries, and automated answering security questionnaires

Management achievements

Managed the security team’s budget
- Kept expenditure below the target budget
- Successfully negotiated contracts with vendors and achieved significant discounts (eg. 60%, 45% and 25%)
Mentored 2 junior engineers entering the security field
Helped an experienced GRC specialist navigate the intricacies of tech scale-ups
Established and delivered the Security team’s OKRs to bring higher security value to GitGuardian and its customers

SecOps Engineer @ Ledger

📍 Paris ➡️ April 2022 🏁 June 2022 👨‍👩‍👦 ~700

1
2
3
4


🤖 Tech stack:
    AWS, Terraform, Gitea, PostgreSQL, Jira
🔐 Security stack:
    Cloudflare

Spent 3 months trying to bootstrap security operations capabilities at Ledger
- Failed because of significant siloisation within the company
I put an end to my probationary period due to cultural misfit

Security Engineer @ JobTeaser

📍 Paris ➡️ June 2020 🏁 March 2022 👨‍👩‍👦 200 → 300

1
2
3
4


🤖 Tech stack:
    AWS, Kubernetes, Terraform, Ruby on Rails, Go, Ansible
🔐 Security stack:
    Okta, Cloudflare, ElasticSearch, HashiCorp Vault, CarbonBlack

Technical achievements

Automated Cloudflare WAF deployment for all Kubernetes hosted apps, using Terraform and Helm
Re-architected & automated DNS record deployment
Maintained & secured platform secret management with Hashicorp Vault
Automated identity & permission management using Okta & CI pipelines
Responded to & managed security incidents
Tested, selected & rolled out an EDR solution on all workstations

GRC achievements

Created and maintained client & user facing security information website, significantly reducing incoming security inquiries
Managed security audits & helped the organisation successfully obtain a GDPR certification
Planned & carried out annual security awareness campaigns
Updated & managed security documentation (incident response process & DRP, among others)

Management achievements

Managed the security team’s budget
- Kept expenditure below the 100k$ budget
- Successfully negotiated contracts with auditors
Established and delivered the Security team’s OKRs to bring higher security value to GitGuardian and its customers

Security Engineer & DPO @ Polyconseil

📍 Paris ➡️ July 2018 🏁 May 2020 👨‍👩‍👦 ~160

1
2
3
4


🤖 Tech stack:
    AWS, Kubernetes, Terraform
🔐 Security stack:
    Splunk, Ansible, Packer

Technical achievements

Designed and implemented IT Security mainstays for a DC-to-Cloud migration
Monitored & responded to SIEM security alerts
Maintained Splunk SIEM to the AWS cloud
Carried out security architecture reviews for multiple projects

GRC achievements

Defined the firm’s Information Systems Security Policy (ISSP)
Initiated firm’s GDPR compliance efforts
- Established firm register of processing activities
- Prepared DSAR management playbooks
- Carried out GDPR trainings for all employees
- Successfully managed a GDPR audit by France’s CNIL

Security Consultant @ EY France

📍 Paris ➡️ April 2017 🏁 June 2018 👨‍👩‍👦 ~5000

1
2
3
4


🤖 Tech stack:
    N/A
🔐 Security stack:
    Kali Linux, BurpSuite CE

Carried out multiple security audit jobs for clients (configuration, code & infrastructure)
Took part in several web application penetration tests
Completed GDPR governance audits and IT security maturity assessments for clients
Developed automated OSINT tools for pentesting team

Education

Ingénieur Supélec @ CentraleSupélec

📍 Rennes ➡️ September 2013 🏁 April 2017

Majored in IT Security, cryptography, secure protocols, forensics, penetration techniques etc.

Master In Management @ ESCP Business School

📍 Paris & London ➡️ September 2014 🏁 April 2017

Business administration, management, marketing, finance, EU law, strategy