Resume

Enguerrand Allamel

Senior Platform Security Engineer with a strong SRE background and hands-on work across AI-first development, cloud security, Kubernetes, AWS, and CI/CD in production.

View LinkedIn Profile

Work Experience

Procurify

Apr 2026 - Present

Senior Platform Security Engineer

  • Lead platform security initiatives across cloud and developer infrastructure with a focus on practical, secure-by-default controls.
  • Design guardrails for AI-first development workflows, including agentic tooling, LLM-assisted engineering, and internal developer platforms.
  • Automate security checks across CI/CD pipelines, AWS environments, and Kubernetes platforms to improve coverage without adding friction.
  • Strengthen detection and response through SIEM improvements, incident review, and cloud-native monitoring patterns.
  • Drive architecture reviews, threat modeling, and security enablement so engineering teams can ship faster with clearer risk boundaries.

Ledger

Apr 2022 - Apr 2026

Staff Cloud Security Engineer

Sep 2024 - Apr 2026
  • Act as security owner and technical advisor for infrastructure and engineering teams across cloud, products, and Kubernetes platforms.
  • Design and lead cloud security initiatives on AWS, from posture hardening to detection and response.
  • Build and roll out software supply chain security practices using SLSA, Sigstore (keyless signing), GitHub Actions, Socket.dev, and JFrog while building custom APIs in Go.
  • Deploy and operate Wiz across cloud and on-prem environments, improving visibility and threat detection at scale.
  • Define and build secure architecture patterns adopted by multiple engineering teams from Data to Firmware.

Senior Cloud Security Engineer

Apr 2024 - Sep 2024
  • Introduced keyless artifact signing using GitHub OIDC and Sigstore.
  • Laid the foundation of an organization-wide software supply chain security program (SLSA).
  • Contributed to security tooling rollout, including Wiz and JFrog Artifactory.

Senior Site Reliability Engineer

Jul 2023 - Apr 2024
  • Technical lead for the infrastructure redesign of Ledger Recover with strict stability and security constraints.
  • Built and operated GitOps deployment platforms using ArgoCD, Linkerd, and Helm libraries.
  • Improved reliability, observability, and incident response using Datadog and Kubernetes-native tooling.
  • Mentored engineers and promoted SRE and DevOps best practices.

Site Reliability Engineer

Apr 2022 - Jul 2023
  • Optimized private cloud and Kubernetes platforms supporting core and firmware services.
  • Built and maintained observability stacks using Prometheus, Grafana, Loki, and OpsGenie.
  • Improved CI/CD availability to 99.99% using GitHub Actions and custom Golang tooling.
  • Delivered self-service deployment platforms, reducing rollout time from days to minutes.

Ubisoft

Jun 2021 - Apr 2022

Cloud Engineer Kubernetes

  • Contributed to the design and operation of a global Kubernetes platform (OpenStack, Rancher, Prometheus).
  • Participated in on-call rotations for production-grade Kubernetes services supporting worldwide apps.

Equativ

Mar 2020 - Jun 2021

Site Reliability Engineer

  • Supported a global ad-tech platform across 6 datacenters and 900+ servers, handling 30B+ daily auctions.
  • Designed and deployed a Kubernetes production platform on a hybrid stack (Rancher, Alibaba Cloud).
  • Built CI/CD pipelines and GitOps workflows using GitLab CI, Terraform, and Ansible.
  • Led GCP operations and drove GitLab adoption across 100+ applications.
  • Improved observability and incident response using Prometheus, Grafana, Datadog, and Stackdriver.

Education

EPITECH - European Institute of Technology

2015 - 2020

Expert in Information Technologies (Master's equivalent)

Tsinghua University

2018 - 2019

Master's in Advanced Computing

Community & Speaking

Speaker at KubeCon + CloudNativeCon (North America, China), AWS Summit, and CNCF / OWASP meetups.

Contributor to open-source and security projects.

Technical Skills

Certifications

Kubernetes official logo

CKA: Certified Kubernetes Administrator

AWS official logo

AWS Certified Security – Specialty

Cloud & Platform

Kubernetes, AWS, EKS, GitOps, Helm

Infrastructure as Code

Terraform, Ansible

Security

Platform security architecture, threat modeling, IAM, Wiz, software supply chain security (SLSA, Sigstore, OIDC), AI development guardrails

Observability

Grafana, Prometheus, Datadog

CI/CD

GitHub Actions, ArgoCD, Atlantis, security automation

Programming

Go, Python, Bash