International Law · GRC · DevSecOps · Data Protection

Serge Patrick
DIMA

INTERNATIONAL LAWYER · GRC & CYBERSECURITY ANALYST · DEVSECOPS ENGINEER · GDPR & ISO 27001 · COMPTIA SECURITY+ | NETWORK+ (IN PROGRESS) — MAINZ, GERMANY

Dual-qualified International Lawyer and Cybersecurity professional with hands-on DevSecOps experience. Specialized in GDPR compliance, risk management, and cloud security infrastructure. CompTIA Security+ & A+ certified — Network+ in progress. Seeking GRC Analyst, Data Protection Analyst, Compliance Engineer, or Privacy Legal Counsel roles — available for immediate start.

CompTIA Security+ ISO 27001/27002 GDPR Certified AWS Cloud Network+ (In Progress) EU Blue Card Eligible
View Projects Get In Touch in LinkedIn
Serge Patrick DIMA
Scroll

About

Law meets
Technology

I am an international lawyer with a background in compliance who transitioned into cybersecurity — not to abandon the law, but to apply it where it matters most: in the architecture of cloud infrastructure and data governance.

During my DevSecOps internship at Webeet.io, I proactively identified a GDPR compliance gap on live infrastructure and led the company's first end-to-end data retention framework — from legal policy document grounded in GDPR Art. 5(1)(e) all the way to Terraform and Ansible deployment across AWS and ELK Stack.

In a regulatory landscape shaped by GDPR, NIS2, and the EU Cyber Resilience Act, I offer what most cybersecurity professionals cannot: deep legal analysis combined with hands-on technical delivery. A profile that speaks to both the CISO and the DPO.

Mainz, Germany — open to Frankfurt, full remote & relocation English (C1) · French (Native) · German (A2) Available immediately · EU Blue Card eligible
METRICS // VERIFIED
2,400+
Lines of orphaned
infrastructure code removed
6
GDPR data categories
governed under Art. 6(1)(f)
17+
Certifications
obtained
5
Infrastructure projects
delivered at Webeet.io
0
GDPR storage gaps
remaining post-delivery

Expertise

Skills &
Technologies

GRC-01Legal & GRC
GDPRNIS2ISO 27001/27002GRC FrameworksData Protection LawRisk AssessmentInternational LawCompliance ManagementData GovernanceSTRIDE Threat ModellingNIST CSFIncident Response
INF-02Infrastructure & Cloud
TerraformAnsibleAWS S3AWS SSMELK StackFilebeatLogstashDockerDocker ComposePgBouncerPostgreSQLGit / GitHub
SEC-03Security & DevSecOps
GitleaksGitHub Actions CI/CDSecret ScanningIAM / Zero TrustSCRAM AuthWiresharkNmapKali LinuxMetasploitSIEM ToolsActive DirectoryPenetration Testing
NET-04Network & Systems
pfSenseVLAN SegmentationFirewall / ACLTCP/IPVPNSSL/TLSSSHDHCP / NATLinuxWindows 10/11VirtualBoxSNMP / LDAPS

Career

Professional
Experience

Jan 2026 — Mar 2026Webeet.io · Amsterdam, NLAvailable Now
DevSecOps & GRC Security Intern
  • Implemented automated secret scanning (Gitleaks) in GitHub Actions CI pipeline and pre-commit hooks following a real GCP credential leak incident — zero credential exposure since deployment.
  • Developed an Ansible PgBouncer role with per-service database isolation, SCRAM authentication, and AWS SSM Parameter Store credential management across dev and qa environments.
  • Executed infrastructure cleanup across 4 VM modules (Edge, AppDB, Search, ELK), removing 2,400+ lines of orphaned cloud-init templates and dead Terraform variables.
  • Proactively identified a GDPR compliance gap — designed and delivered the company's first end-to-end GDPR Art. 5(1)(e) framework: policy documentation, Filebeat log shipping, ELK ILM policies (90/30/14 days), and S3 lifecycle rules via Terraform.
2025 — Mar 2026MSIT — Master School Institute of Technology · Berlin
Cybersecurity Programme — SOC Analyst Specialisation
  • Completed 3,000-hour intensive cybersecurity programme (56 weeks) certified by AZAV, specialising in SOC Analyst operations.
  • Covered SIEM, EDR, incident response, NIST/ISO/GDPR compliance, IAM, network security, cloud fundamentals, and Python/Bash scripting.
  • Delivered a solo project on secure network implementation and monitoring; completed 320-hour internship at a tech company.
Jul 2019 — Oct 2019Assemblée Nationale · Burkina Faso
Legal Advisor
  • Conducted legal research on legislative and constitutional matters; drafted bills, motions, and legal opinions for Members of Parliament.
  • Advised on legal and policy implications of proposed legislation across multiple regulatory domains.
Apr 2017 — Feb 2019Aurore-Afrique · Kyiv, UA
CEO & Co-Founder
  • Led international procurement contracts with AFD and ONEA for 200+ water infrastructure projects totalling €200K+.
  • Managed multilingual compliance documentation (FR/EN/RU/UA) across cross-border regulatory frameworks.
May 2017 — Sep 2017NGO Right to Protection · Kyiv, UA
International Law Intern
  • Completed 50+ legal research reports on asylum and refugee law; drafted 100+ legal documents with 95% accuracy rate.
  • Supported 30+ client interviews and contributed to human rights reporting.

Portfolio

Selected
Projects

PERSONAL INITIATIVES — FEATURED CASE STUDIES ★ LIVE WORK
GRC · Compliance Engineering · IaC

GDPR Log Retention &
Data Lifecycle Governance

Identified a GDPR compliance gap on live cloud infrastructure — no retention policies, no data lifecycle management, no legal documentation. Proactively requested ownership and delivered the company's first end-to-end GDPR Art. 5(1)(e) framework, from legal policy document to Terraform and Ansible deployment across AWS, ELK Stack, and S3.

GDPR Art. 5(1)(e)TerraformAnsibleAWS S3 LifecycleELK ILM PoliciesFilebeatGRCData Governance
View on GitHub →

Impact Metrics

6
Data categories governed under GDPR Art. 6(1)(f)
3
Retention tiers: 90 / 30 / 14 days
4
Sub-issues delivered: policy, IaC & monitoring
0
GDPR storage gaps remaining post-delivery

Deliverables

Formal retention policy — legal bases, 6 categories, annual review cycle
Filebeat log shipping configured in Ansible monitoring role
Per-log-type ELK ILM policies (auth 90d, app 30d, APM 14d)
S3 lifecycle expiration via Terraform (backup 90d, SBOM 365d)

Recruiter signal

"Most compliance professionals know the law or the tools — rarely both. This project demonstrates the full stack: legal analysis → policy writing → cloud infrastructure. A profile almost no other candidate can match."
Network Security · Threat Modelling · NIST CSF · MSIT Final Project

Secure Office Network
Architecture & SOC Simulation

Designed and implemented a production-grade secure network architecture for a 50–100 user office across two phases: strategic planning (STRIDE + NIST CSF threat modelling, risk matrix, ACL design, SOC IR playbook), followed by full virtual lab deployment on VirtualBox with pfSense — validated VLAN segmentation, firewall enforcement, Nmap attack simulation, and live log triage. Submitted as MSIT Final Project — Mar 2026.

pfSenseSTRIDENIST CSFVLAN SegmentationNmapFirewall ACLSOC TriageVirtualBoxUbuntu LinuxDHCP / NAT
View on GitHub →

Validated Results — Live Lab

4
VLANs deployed: Users, Servers, IT/Admin, Guest Wi-Fi
100%
Inter-segment blocking confirmed — ping 10.0.20.1 timeout
2
Phases: Week 1 Plan & Secure → Week 2 Implement & Validate
SSH filtered · NAT confirmed · pfSense logs reviewed

Deliverables — Both Phases

Week 1: STRIDE risk matrix (5 threats), NIST CSF framework rationale, firewall/ACL table per VLAN, device hardening checklist, SOC roles + IR playbook (Detection → Recovery)
Week 2: pfSense virtual lab (VirtualBox), VLAN segmentation, firewall rules, DHCP/NAT validation, Nmap port scan simulation (SSH filtered, HTTP open)
Inter-segment blocking verified: Users (VLAN 10) → Servers (10.0.20.0/24) blocked; Internet access allowed
pfSense system logs reviewed — firewall events from tests captured and triaged as SOC simulation

MSIT Final Project · CompTIA Security+ & Network+ alignment

"This project goes from threat model to live firewall enforcement — two phases, fully documented and validated on a real virtual lab. Recruiters see a SOC Analyst who doesn't just know the theory: they built, attacked, and defended the network themselves."

Internship Work — Webeet.io · DevSecOps Team · Jan 2025 – Mar 2026

REF-03
DevSecOps · CI/CD Security
Secret Scanning Pipeline

Implemented Gitleaks in GitHub Actions CI and pre-commit hooks after a real GCP credential leak. Blocks AWS, GCP, Azure keys and high-entropy strings at commit and PR level.

GitleaksGitHub ActionsPre-commitDevSecOps
Incident Response →
REF-04
Infrastructure · Database Security
Secure PgBouncer Ansible Role

Fully idempotent Ansible role with per-service DB isolation, SCRAM authentication, and AWS SSM Parameter Store credential management across dev and qa environments.

AnsiblePgBouncerAWS SSMSCRAM Auth
Infrastructure →
REF-05
Compliance · Audit Readiness
Infrastructure Cleanup Sprint

Removed 2,400+ lines of orphaned cloud-init templates and dead Terraform variables across 4 VM modules (Edge, AppDB, Search, ELK), improving audit readiness and codebase integrity.

TerraformAnsibleAWSAudit Readiness
Clean Architecture →

Credentials

Certifications &
Qualifications

PROGRAMME & INTERNSHIP CERTIFICATES — MAR 2026 // NEWLY OBTAINED
MSIT — Master School Institute of Technology · Berlin
Cybersecurity — SOC Analyst
Mar 9, 2026 · 3000 teaching hours · 56 weeks · Zertifiziert nach AZAV
Webeet.io · Amsterdam
DevSecOps Engineer — Internship Completion Certificate
Mar 9, 2026 · 320 hours · Signed by David Rajcher, Founder & CEO
CORE TECHNICAL CERTIFICATIONS // PRIORITY
CompTIA
Security+ Certification
Jan 2026 · Expires Jan 2029
CompTIA
A+ Certification
Aug 2025 · Expires Aug 2028
Packt · via Coursera
Information Security Risk Management for ISO 27001/ISO 27002
Mar 2026
GRC, COMPLIANCE & CLOUD
Packt · via Coursera
General Data Protection Regulation (GDPR)
Feb 2026
IBM · via Coursera
Cybersecurity Compliance Framework, Standards & Regulations
Feb 2026
Amazon Web Services
AWS Cloud Quest: Cloud Practitioner
Jan 2026
GOOGLE CYBERSECURITY PROFESSIONAL CERTIFICATE — DEC 2025 // GRC-RELEVANT COURSES
Google · via Coursera
Cybersecurity Professional Certificate
Dec 2025
Google · via Coursera
IT Security: Defense Against the Digital Dark Arts
2025
Google · via Coursera
Play It Safe: Manage Security Risks
2025
Google · via Coursera
Assets, Threats, and Vulnerabilities
2025
Google · via Coursera
Sound the Alarm: Detection and Response
2025
Google · via Coursera
Connect and Protect: Networks and Network Security
2025
ADDITIONAL & IN PROGRESS
TryHackMe
Pre Security Certificate
Jul 2025
CompTIA
Network+ Certification
IN PROGRESS — Q2 2026
Available Immediately — Frankfurt · Full Remote (Germany) · Open to Relocation · EU Blue Card Eligible

Let's work
together

Targeting GRC Analyst, Data Protection Analyst, Compliance Engineer, and Privacy Legal Counsel roles at international companies. Open to Frankfurt, full remote positions in Germany, and relocation within the EU — Brussels, Paris, Luxembourg, Switzerland. EU Blue Card eligible — available immediately.

✉ Email Me in LinkedIn ⌥ GitHub ⎔ Projects ▾ ↓ Request CV