
Binetou Lo

Cybersecurity Expert - CISSP

€800/day
Rennes, FR
8-15 years

Average response time: 1 hour


About Binetou

I currently have 8 years of experience in cybersecurity with a CISSP certification.

I have carried out several missions around the SOC (alert and incident processing, definition and improvement of detection rules), vulnerability management, DLP, user awareness, NIST compliance, Cloud Proxy (Netskope, Zscaler), as well as IAM (integration of governance tools), etc.
I have worked in both on-premise and full cloud environments.

Building on my experience, I have also participated during these missions in the development of technical and functional documentation, in the definition and implementation of security policies/processes, and in the steering/management of security projects.

  • French: Native or bilingual
  • English: Fluent

Can work on-site
Rennes (up to 50km), Paris (up to 10km)

Experience

  • OpenClassrooms
    Security Operations Specialist
    EDUCATION AND E-LEARNING
    March 2022 - Today (4 years and 3 months)
    Rennes, France
    • Operational Security: implementation of SOC fundamentals, investigation of security alerts and incidents, definition and implementation of detection rules, writing of playbooks/reference sheets, tool configuration, continuous improvement
    • Vulnerability and Patch Management: investigation and qualification of reported vulnerabilities, management of a Bug Bounty platform (YesWeHack), proposal of remediation actions, follow-up and support for workstation and engineering teams
    • DLP Strategy: configuration of DLP rules in Google Workspace (automatic labeling, restriction on sharing, etc.)
    • CASB: full deployment, tool configuration, definition and configuration of security policies, monitoring
    • Awareness: organization of quarterly phishing simulation campaigns, monitoring and analysis of results
    CASB, SOC, Vulnerability Management, patch management, DLP, Awareness, Netskope, Okta, Jamf, ISO 27001, MailInBlack, Gophish, Microsoft Azure, AWS
  • Orange Cyberdefense
    SOC Analyst
    TELECOMMUNICATIONS
    November 2019 - February 2022 (2 years and 4 months)
    Rennes, France
    Analyst: Monitoring and processing of alerts from the SIEM
    Research and correlation of SIEM events (Qradar or RSA Netwitness) related to the alert and advanced investigations: IOC, Domains, Emails, IPs, Sandboxing.
    Writing investigation reports, communication and remediation assistance.
    Reporting: creation and sending of weekly reports to each team: incidents and vulnerabilities, IOC, volume.
    Interventions in collaboration with the CERT, the CSIRT in case of crisis.

    Feedback: Processing of alerts outside SIEM, emails and phone
    Processing of user reports (reception of suspicious emails, spam campaigns, phishing, etc.), reports from CISO of the various sub-entities of the group, various requests from functional and technical teams.
    Processing of CERT requests: searching for traces after IOC detection, communication and incident management, improvement of detection rules, etc.

    Change: Continuous improvement of detection and addition of new scopes
    Improvement of existing rules and creation of new detection rules.
    Creation and updating of contextualization elements.
    Creation/modification of SIEM reports.
    Writing/updating of reference sheets.

    Continuous improvement of tools
    Assistance in automating certain analyst tasks.

    Tools: Qradar, RSA Netwitness, ELK, RSA Secops, Confluence, Orange sandboxing tools, Trendmicro, Datalake, CORTEX XSOAR, JavaScript, Python, Bash.
    SOC TID Intelligence Qradar RSA ELK CORTEX expertise Continuous Improvement Process Improvement Build run
  • B&B Hotels
    Senior Cybersecurity Consultant
    ENTERTAINMENT AND LEISURE
    June 2023 - Today (3 years)
    Brest, France
    • SOC: L3 investigation on incidents, definition and implementation of incident management processes and playbooks, definition and implementation of protection policies on Cortex XDR, participation in the integration of log sources with the managed SOC
    • Google Workspace: Tenant security hardening, implementation of DLP rules, creation of monitoring rules, investigation and remediation of phishing incidents
    • NIST Compliance: Evidence collection, gap analysis, process writing
    • Cloud Proxy (Netskope and Zscaler): POC, creation of security policies, monitoring of deployments (agent and tunnel) and troubleshooting, exception management, ZPA implementation (configuration of the platform)
    Cortex XDR, Vulnerability Management, Cloud Proxy, Cybersecurity Consulting, Zscaler, Google Workspace, Netskope, DLP, NIST


Education

  • Engineer in Systems and Communications Security
    Troyes University of Technology
    2017
  • Master's Degree in Information Systems Security
    Troyes University of Technology
    2017
