Resume

Enguerrand Allamel

Staff Cloud Security Engineer with a strong SRE background and hands-on work in Kubernetes, AWS, Python, Go, and CI/CD in production.

View LinkedIn Profile

Work Experience

Ledger

Apr 2022 - Present

Staff Cloud Security Engineer

Sep 2024 - Present
  • Act as security owner and technical advisor for infrastructure and engineering teams across cloud, products, and Kubernetes platforms.
  • Design and lead cloud security initiatives on AWS, from posture hardening to detection and response.
  • Build and roll out software supply chain security practices using SLSA, Sigstore (keyless signing), GitHub Actions, Socket.dev, and JFrog while building custom APIs in Go.
  • Deploy and operate Wiz across cloud and on-prem environments, improving visibility and threat detection at scale.
  • Define and build secure architecture patterns adopted by multiple engineering teams from Data to Firmware.

Senior Cloud Security Engineer

Apr 2024 - Sep 2024
  • Introduced keyless artifact signing using GitHub OIDC and Sigstore.
  • Laid the foundation of an organization-wide software supply chain security program (SLSA).
  • Contributed to security tooling rollout, including Wiz and JFrog Artifactory.

Senior Site Reliability Engineer

Jul 2023 - Apr 2024
  • Technical lead for the infrastructure redesign of Ledger Recover with strict stability and security constraints.
  • Built and operated GitOps deployment platforms using ArgoCD, Linkerd, and Helm libraries.
  • Improved reliability, observability, and incident response using Datadog and Kubernetes-native tooling.
  • Mentored engineers and promoted SRE and DevOps best practices.

Site Reliability Engineer

Apr 2022 - Jul 2023
  • Optimized private cloud and Kubernetes platforms supporting core and firmware services.
  • Built and maintained observability stacks using Prometheus, Grafana, Loki, and OpsGenie.
  • Improved CI/CD availability to 99.99% using GitHub Actions and custom Golang tooling.
  • Delivered self-service deployment platforms, reducing rollout time from days to minutes.

Ubisoft

Jun 2021 - Apr 2022

Cloud Engineer Kubernetes

  • Contributed to the design and operation of a global Kubernetes platform (OpenStack, Rancher, Prometheus).
  • Participated in on-call rotations for production-grade Kubernetes services supporting worldwide apps.

Equativ

Mar 2020 - Jun 2021

Site Reliability Engineer

  • Supported a global ad-tech platform across 6 datacenters and 900+ servers, handling 30B+ daily auctions.
  • Designed and deployed a Kubernetes production platform on a hybrid stack (Rancher, Alibaba Cloud).
  • Built CI/CD pipelines and GitOps workflows using GitLab CI, Terraform, and Ansible.
  • Led GCP operations and drove GitLab adoption across 100+ applications.
  • Improved observability and incident response using Prometheus, Grafana, Datadog, and Stackdriver.

Education

EPITECH - European Institute of Technology

2015 - 2020

Expert in Information Technologies (Master's equivalent)

Tsinghua University

2018 - 2019

Master's in Advanced Computing

Community & Speaking

Speaker at KubeCon + CloudNativeCon (North America, China), AWS Summit, and CNCF / OWASP meetups.

Contributor to open-source and security projects.

Technical Skills

Certifications

Kubernetes official logo

CKA: Certified Kubernetes Administrator

AWS official logo

AWS Certified Security – Specialty

Cloud & Platform

Kubernetes, AWS, EKS, GitOps, Helm

Infrastructure as Code

Terraform, Ansible

Security

Cloud security architecture, IAM, Wiz, software supply chain security (SLSA, Sigstore, OIDC)

Observability

Grafana, Prometheus, Datadog

CI/CD

GitHub Actions, ArgoCD, Atlantis

Programming

Go, Python, Bash