Rémi Cattiau
44 via Cancion - CA92673 San Clemente - USA |+1 949 394 0178 | remi@cattiau.com
I'm in charge of Arize AI security as CISO — Always curious and interested in the latest cutting-edge technologies. I like to bring my expertise wherever it is useful for my company—helping customers define their architecture or product using the newest framework and technologies relevant for achieving their goals.
I lead the security team in charge of several areas:
- Compliance Program (PCI, HiTrust, SOC2)
- Application Security (bug bounties, penetration tests)
- Contract Negotiation (security terms)
- Cloud Security (WAF, networks, audit)
- Risk Management
- Third-party Assessments
Skills
Working with AWS since 2012, I had the privilege to go to all re:Invent in Las Vegas, and keep up to date with new products from AWS as they are released almost on a daily basis. After passing the Solutions Architect associate certification in 2013, I passed the Professional one to validate my AWS knowledge and capabilities to help you in any of your cloud deployments or migration.
My faithful companion since 2000, love at first sight, but I must admit that Mac OS X stole my laptop, at least for now. I still have a few terminals open with SSH to my favorite servers.
Even this website is done with it, love this framework, the webcomponents allow us to clearly and simply split the UI in a reusable way. Even if nowadays I use more ReactJS.
Facebook's web development framework allows you to create nice single page applications, but not only that: using its ecosystem with react-native and expo you can build your mobile application as well, and with Electron even desktop applications, allowing you to share code between all platforms.
A simplified UI on top of Docker Swarm / Cattle or even Kubernetes, I think it is the Hibernate of Docker, but a hard place to be as Kubernetes and Swarm evolve really quickly which will force the ecosystem to also evolve quickly.
A way more modern Chroot, Docker has revolutionized the way of deploying and how coders can push to ops. One of the biggest revolutions in the last ten years along with the cloud. I love to be part of this.
What better than Google to handle clusters, the orchestration of containers before Swarm arrived, nice project. Base for OpenShift. I have my own Kubernetes cluster that I have administered since 2015.
Deployment automation: I used it to manage my Kubernetes cluster as well as to do the configuration management of the Nuxeo Cloud project.
You cannot move from PHP Web development to Java Web Development without playing around with Tomcat; I did the setup to ensure high availability on several STS Group applications.
Code in Java compiled to JavaScript; it is a really nice framework that was the base UI of the product I developed for STS Group: Saas Manager.
I started Java when joining STS Group and embracing its ecosystem: GWT/JUnit/Jenkins.
I've learned Python to be able to make evolution inside Nuxeo Drive, then also did the Nuxeo Python API client, as well as an Ansible module to configure Rancher from Ansible.
Used Hibernate inside STS Saas Manager, also did a PoC on Hibernate Search when it first started to leverage the power of Lucene inside our applications.
Spring was the main framework used at STS, so I did develop the Saas Manager based on it.
While the JavaScript ecosystem bloomed I could not try it myself; it turned out to be the base of my Serverless open-source project (Webda.io).
As a Technical Architect, I had to manage the R&D department; Sonar was a very good tool to follow our technical debt and plan some technical debt days.
Spending hours to compile your KDE right like you want it for your hardware, it was a really good game, and I appreciate a lot the package manager with the build options.
I started web development with PHP in 2000, close enough to C for an easy transition and a really practical language. I still do some here and there but it has mainly been replaced by NodeJS.
Gentoo had my heart but I must admit that sometimes apt-get is way quicker, so it became my second preferred distribution.
The king of NoSQL, one of the backends of Nuxeo, so I had the opportunity to play with Atlas. It is also a storage option in Webda.io.
Like any Linux guy who wants to automate some of his tasks.
Power-used at Nuxeo, as all OSGi components are built through Maven.
One of the components of the famous LAMP platform, I used it through PHP then Hibernate, while learning the high availability mode with some training to be able to administrate my servers at best.
Quite old but still useful, either with Ivy to 'replace' Maven or just to automate some small part of the build without writing a Maven plugin.
If you are using Ant and not Maven then you definitely need Ivy to help with your dependency management; we were using Ant + Ivy at STS, then moved to Maven with Nuxeo.
Administrating servers for a long time, the cloud came naturally to me. It shows incredible possibilities to architect software in a manner that you can go from 100 users to 1 million in a few days, and I love to help startups enabling this power.
I created and manage the Nuxeo Security program, which helps our business grow 25% each year by maturing to comply with every customer's needs. The whole program develops along these elements of the security periodic table.
By helping our customers we inherit all their security constraints and, by doing so, became knowledgeable with:
- PCI/DSS
- SOC2
- HIPAA/HiTrust
- NIST800-53
- FedRAMP
I started development when I was 14 years old and wanted to automate some repeated tasks, then I learned the Win32API to be able to do some small freeware to help in my daily use of the computer, and it continued when I bought my first home, doing all the automation for garage doors, lights, etc.
So it naturally became my job, but I love to explore all sides of IT: graphics, video games, network, system.
For open-source projects I switched to Travis, but I still own my Jenkins to build any private projects and automate the deployment of new services in my cluster.
Really good JavaScript framework, I used it to redo the whole UI on Nuxeo Drive, and in some customer projects. Although my new projects are more Polymer.
With cloud and the amazing possibilities of Docker, microservices became obvious. As most of my professional life was on big Java software, I started to experiment myself with Webda.io and now use it for every small or big project I have.
When Lambda came out, I was really happy to be able to run microservices even without any computers; this way I was sure it would scale if needed but keep the cost low if not used. To simplify my deployment and development I came up with the Webda.io idea.
Experiences
Arize
2021-now Chief Information Security Officer
San Clemente, USA
- AppSec
  Secure SDLC, BugBounties, Penetration Tests
- Cloud
  Kubernetes Security, Intrusion detection, cloud security
- Compliance
  Allowing business to grow with a strong compliance program: NIST800-53, PCI/DSS, SOC2, HIPAA
Nuxeo
2017-2021 Chief Information Security Officer
Irvine, USA
- AppSec
  Managing BugBounties, Penetration Tests, Security fix process
- AWS
  Selection of solution for cost management, intrusion detection, cloud security policies
- Infrastructure
  Deployment of Single-SignOn solution, network security, assets management
- Compliance
  Allowing business to grow with a strong compliance program: PCI/DSS, SOC2, HiTrust
2014-2017 Senior Developer
Irvine, USA
- Cloud architecture and development: Using Rancher and Docker to deploy Nuxeo cluster on demand leveraging AWS infrastructure and Ansible
- Nuxeo Drive development: refactored into a multithreaded application with FSEvents and UI with WebKit and AngularJS. We raised the number of users of the solution to more than 4000, while enabling some customers to white label the software to sell their solutions on top of the product
- Nuxeo Edge Cache architecture and development: Edge Cache is a specific on-premise service like Storage Gateway that will cache any binaries from Nuxeo locally in a secure manner so you minimize the bandwidth used when using Nuxeo Cloud solution
- Build archive project
- Cloud based document management on top of Nuxeo with use of Nuxeo Drive
Loopingz
2012-now Consultant
San Clemente, USA
- Porting Sts-SaasManager to Amazon Cloud
  Software adaptation for fault tolerance, JMS usage, S3 buckets, cluster manager interface
- Sts-SaasManager team leader
  Small team, assess the needs from product manager and customers. Develop next major version and support older versions (patches, minor version release)
- PCI/DSS Compliance, NF42013 and Recommended Electronic Exchange norms implementation
  Chained and signed audit logs, credit card data encryption, implementation of French law on Recommended Electronic Exchange
- Web servers security (firewall, replication, encryption)
  Dump encryption with AES and RSA, DRBD, iptables / iproute2
- Software architecture
  Sts-SaasManager, Tomcat clustering, fault tolerant architecture
STS Group
2010-2012 Technical Architect
Paris, France
- Support to R&D teams (25 people)
  Knowledge sharing meetings: GWT, Hibernate Search, technical referent
- Improvement on continuous integration tools
  Coding dojo session, unit test and code coverage improvements
- Technical proof of concept
  Nuxeo integration, STS product convergence, Hibernate Search and Lucene, central authentication with PasswordBank and SAML
2008-2010 Product Manager
Paris, France
- Sts-SaasManager conception
  Archiving and secure exchange system based on Google Web Toolkit, Sencha, Spring, Hibernate to ensure compatibility with Oracle, MSSQL and MySQL. The software has since been deployed on every environment in production (Linux/Windows, all databases)
- Development team leader (8 people)
  Usage of agile method tools: IceScrum, Trello
  Interaction with Product Manager and QA department
  Qualification campaigns
- Offshore project launch (Shanghai)
  Specifications, training on site
2007 Project Engineer
Paris, France
- Documents dematerialization projects with Keyvelop STS solutions (PHP)
  Insurance contribution dematerialization, with an integration of Keyvelop product for exchanges and STS products for archiving
- Proof Of Concept for an exchange and archiving software (PHP)
  The main goal was to show how to mutualize a Saas software using STS products as backend; this PoC has been followed by the STS SaasManager software
Visit remi.cattiau.com for a more complete and interactive resume
Keyvolution
2006 Technical Manager
Brussels, Belgium
- Keyvolution technical solutions development
  Secure electronic exchanges, electronic election system used by the Brussels barrel
- Servers management
  Production servers with database and filesystem replication
Vesuvius
2005 C/OpenLDAP Consultant
Brussels, Belgium
- Synchronization software development for Lotus Domino – OpenLDAP (C++)
- Installation of Samba as domain controllers on 80 sites
AbsysTech
2003-2005 Co-Founder
Lille, France
- Intranet/Extranet development ( MySQL - PHP )
- Specific solutions development (PHP, C++)
- Linux ( web, mail, fileserver ) and Windows ( domain controllers, fileserver ) server administration
Auxicad
2001-2003 Developer
Lille, France
- Development of a production application with 500 daily users and production printing at night
Interests
Travels
OpenSource
Sports
Photography
Music
Biking