You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
New report
Malt Tech Trends 2026
Badr H.BH

Badr H.

Cybersecurity Expert

€780/day
Paris, FR
8-15 years
Vulnerability Management
Vulnerability Scanning
Vulnerability Management
Patch Management
Vulnerability Assessment

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Badr

Cybersecurity Engineer | Vulnerability Management and SOC Analyst
In my current role at BNP Paribas, I am responsible for vulnerability management, from detection to remediation. I maintain active threat intelligence by monitoring security bulletins and identifying critical vulnerabilities that could impact the IS. I perform security scans on Appliances, servers, and web applications, while also analyzing false positives to optimize the quality of vulnerability reports.
Furthermore, I automate certain tasks using Python scripts and APIs, particularly for populating the vulnerability database and streamlining incident tracking. I have also contributed to the drafting and deployment of security procedures aimed at standardizing remediation best practices. Finally, I conduct security scans on Kubernetes environments and analyze Docker images to ensure their compliance with group security policies.


  • French

    Native or bilingual

  • English

    Fluent

  • Arabic

    Native or bilingual

Can work on-site
Paris (up to 50km)

Experience

  • Emagine (BNP Paribas)
    Infosec Consultant - Vulnerability Management
    November 2021 - Today (4 years and 7 months)
    • Security Watch & Vulnerability Management: Proactive monitoring of CERT bulletins, assigning vulnerabilities to Product Owners, automated scripting (API) to populate the vulnerability database, and analysis documentation.
    • False Positive Analysis: Investigation and validation of anomalies detected during scans to optimize final reports.
    • Vulnerability Scanning: Audit of appliances, servers, and web applications.
    • Data Centralization: Management of scan results and application of assignment rules to technical teams.
    • Risk Prioritization: Creation of strategic dashboards to track critical vulnerability status and plan corrections.
    • Patch Management: Definition of correction plans (patches, workarounds) and coordination with teams to reduce exploitation risks.
    • Reporting & KPIs: Design of PowerBI dashboards for trend visualization.
    • Security Procedures: Drafting and deployment of group procedures to standardize remediation best practices.
    • Container Security: Scanning Kubernetes environments, analyzing Docker images, and validating compliance with security policies. Tools: Qualys, Tanium, Sysdig Security, NIST, Splunk, Ansible, Python scripts, ServiceNow, PowerBI
  • Alter Solutions (Solocal)
    Infosec Consultant – Vulnerability Management
    October 2019 - October 2021 (2 years)
    • SOC Analysis (Level 2): Proactive monitoring of client infrastructures, processing security alerts, incident management, and escalating critical information to technical teams.
    • Incident Response: Detection, investigation, and neutralization of incidents (malware, phishing, intrusions) using SIEM tools and response playbooks.
    • Malicious Macro Analysis: Reverse engineering of infected Microsoft Office documents, identification of obfuscation techniques and exploits.
    • Vulnerability Management: Audit with Nessus/Rapid7, risk prioritization (CVSS), results synthesis, and follow-up on corrections with client teams.
    • InfoSec Awareness: Creation of educational materials and facilitation of workshops on threats (phishing, ransomware) to enhance client vigilance.
    • Security Solutions: Deployment of tools (EDR, bastions, firewalls) and optimization of architectures compliant with GDPR/ISO 27001 standards. Tools: Rapid7, Microsoft Defender, Symantec, SentinelOne, TheHive, F5, Splunk, Elasticsearch
  • Value IT (Manhattan SAS)
    Consultant
    March 2017 - September 2019 (2 years and 6 months)
    • N2/N3 Support: Management of network and security equipment (On-Premise and Cloud).
    • Cloud Migration: Successful migration of 50 On-Premise servers to Azure without security incidents.
    • Vulnerability Scanning: Scanning of appliances, servers, and web applications. Vulnerability testing and addition of security rules before web application releases.
    • Security Integration and Support Tools: Microsoft Azure, Terraform, Radar F-Secure, Nexpose, Checkpoint, Sophos, RDR F-secure, F5 (LTM, ATM, APM), Palo Alto, Juniper

Recommendations

Be the first to recommend Badr

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • Information Systems Security Engineering Degree
    National Superior School
    2017
    Diplôme d'Ingénieur en Sécurité des Systèmes d'Information
  • Baccalaureate
    Schools
    2014
    Baccalauréat
Check out Badr's education

Skill set

Deputy CISO
SOC Analyst

Categories