User:Jmatos

Jérémy Matos has been working in building secure software for more than 10 years.

With an initial academic background as a developer, he has a clear insight of what is a software development lifecycle in practice. It also enables him to gain the trust of other programmers by speaking the same language and understanding their day-to-day activities, providing an efficient channel to increase their security awareness. Designing and developing for a two-factor authentication product during 6 years made him deal with challenging threat models, particularly when delivering a public mobile application. And also practice extensively secure coding guidelines, as the solution was regularly reviewed and penetration tested by 3rd parties. Being responsible for the integration and deployment with customers was for him a great opportunity to work with diverse production infrastructures and security providers, in critical sectors such as banking, health or industry. Understanding the various stakeholders constraints was key to reduce operational costs as much as possible.

His experience was used in both internal and external consulting roles. He helped in the security requirements definition and implementation, including cryptographic protocols, for applications where the insider is the enemy. He also led code reviews and security validation activities for companies exposed to reputation damage.

He also teaches application security and blockchain technologies in Swiss or French universities, while advising startups with related use cases. In addition, he presented at DefCon Crypto Village in 2016 a new attack vector for encrypted messaging apps called Man In The Contacts.