Freelancer profile translated to English.

Description

I am a SOC analyst recognized for my rigor and my ability to quickly detect threats within information systems. Passionate about cybersecurity, I master supervision tools (SIEM, EDR, IDS) and I know how to correlate complex events to identify suspicious behavior. My methodology is based on in-depth log analysis and constant monitoring of new vulnerabilities.

With an analytical mind and good communication skills, I collaborate effectively with IT teams to respond to incidents and strengthen the overall security posture. I distinguish myself by my responsiveness, my precision in incident reports, and my commitment to continuously improving detection and response processes.

Languages

French
Native or bilingual
English
Fluent

Workplace preferences

Can work on-site

Paris (up to 50km)

SQUAD Paris
Cyber Security Analyst
October 2023 - Today (2 years and 8 months)
Paris, France
Processing and analysis of phishing emails.
Security Watch (XMCO, Cyberwatch).
Analysis and response to security incidents (SOC / SentinelOne Vigilence Ticket).
Analysis of incidents related to the EDR console (SentinelOne). Exploitation and processing of SOAR / SIEM / CTI tickets.
Management of certificates (creation, renewal, and revocation) of the internal PKI.
Review of existing detection rules.
Firewall rule review.
Implementation of monthly KPIs.
Weekly meetings.
Vulnerability management (Cyberwatch and XMCO and use of S1 for inventory).
Improvement of security procedures and policies. Employee awareness.
Implementation of phishing tests (Proofpoint).

Technical environment: Cortex XSOAR, The Hive/Lynx, Microsoft Sentinel, SentinelOne, Redmine, XMCO, Take IT, IPAM, EJCBA (PKI), Cyberwatch, Marple, Zendesk, ProofPoint, Symantec, Zscaler.
SIEM XDR SentinelOne Microsoft Sentinel SOAR
ENGIE Global Energy Management & Sales La Défense
Cyber Security Analyst
September 2021 - October 2023 (2 years and 1 month)
Paris, France
Implementation of a business continuity risk map.
Employee awareness on Cybersecurity.
Management of BCP tests: Verify the proper functioning of equipment and working conditions at the fallback site.
Assistance in piloting On-Premise and Cloud DRP tests: Definition of test criteria, follow-up of assistance, support for application teams.
Management of incidents occurring within the entity in the post-exploitation phase.
Management of our entity's Bug Bounty: Replay vulnerabilities, track fixes, manage the portfolio.
Ensuring team compliance based on internal policy.
Monitoring and processing tickets on the ServiceNow platform.
Implementation of monitoring dashboards on Splunk and ServiceNow.
Monitoring of internal pentests.

Technical environment: SPLUNK, ServiceNow, BugBounty, IBM Security QRadar SOAR, Azure, AWS, CSPM.
Splunk SOAR SIEM CSPM Cloud Azure