Freelancer profile translated to English.
Back to original languageAbout Charaf
Cybersecurity professional with 10 years of experience, involved in the entire operational chain: detection, investigation, incident response, vulnerability management, and offensive security. I have led the implementation of hybrid SOCs, conducted threat hunting campaigns, performed forensic analyses, and integrated CTI processes. My background also includes numerous penetration testing missions (web, infrastructure, Active Directory), as well as the development of custom security tools and platforms. I have a strong command of cloud environments (Azure), secure CI/CD pipelines, and I also support AI projects in risk assessment and model security. My approach is technical, rigorous, and grounded in business and operational challenges.
French
Native or bilingual
English
Fluent
Arabic
Native or bilingual
Can work on-site
Paris (up to 50km)
Experience
- Groupe LefebvreCYBERSECURITY EXPERTSOFTWARE PUBLISHINGApril 2021 - Today (5 years and 2 months)Paris, France
Threat-Led SOC & DFIR Operations
Deployment and operation of a hybrid GSOC (internal + MSSP) covering on-premise and cloud (AWS).Implementation of a detection policy and a response and investigation arsenal (DFIR).Integration of CTI into SOC/DFIR operations: threat hunting, forensic investigations (IoC, IoA, TTP, pivoting).Enhancement of detection: Sigma rules, use cases, multi-indicator correlations, alignment with MITRE ATT&CK / D3FEND.Incident response orchestration (SOAR): design of playbooks/runbooks, development of scripts & workflows (Python, PowerShell, N8N, Ninox).Tools: Chronicle (Google SecOps), Proofpoint, SentinelOne, Darktrace, TheHive, ServiceNow, Cuckoo, CybelAngel, OpenCTI, F5/Fortinet.Cloud Security Operations
Integration of AWS environments into the SOC for centralized monitoring and incident response.Deployment of Cloud Security NDR and EDR solutions for threat detection and response (CWPP).Implementation of continuous security and compliance audits (CSPM) aligned with CIS Benchmarks Cloud.Tools: Prowler, Cyberwatch, SentinelOne, Darktrace Cloud Security.Threat Exposure & Vulnerability Management (VOC)
Management of VM, EASM, RBVM (Risk-Based Vulnerability Management) processes.Application of standards: ISO/IEC 27002, NIST SP 800-40, OWASP OVMG, CVSS/EPSS, NVD/EUVD, KEV.Tools: Cyberwatch, Nuclei, ReEngine, SonarQube, ELK, Prowler, Jira.AI Security & Risk ManagementDesign and deployment of internal frameworks for AI risk management (LLM, RAG, AI Agents).Implementation of the Security by Design approach for projects and platforms integrating AI.Conducting Architecture Risk Analysis (ARA): architecture validation, security compliance, data protection.Frameworks: OWASP Top 10 for LLM, MITRE ATLAS, ENISA AI Cybersecurity Guidelines, ANSSI recommendations for generative AI. - ENGIE FRANCE RENOUVELABLESCLOUD CYBERSECURITY CONSULTANTENERGY AND UTILITIESAugust 2019 - April 2021 (1 year and 8 months)Paris, France
• Cloud Architecture & Security
– Design and deployment of secure infrastructures on Azure (IaaS/PaaS).– Implementation of cloud security controls.– Monitoring of pentests, vulnerability management.CIS Azure Benchmark, Azure Security Center, Azure Monitor• DevOps & CI/CD Security
– Implementation of a complete CI/CD chain with Azure DevOps (Git, Pipelines, Boards).– Integration of security controls into pipelines (DevSecOps).Azure DevOps, Docker, Kubernetes/AKS, ACR, Ansible, OWASP DevSecOps Guidelines• Fullstack Development– Development of business applications in Python/Django and Angular (OAuth2, secure REST APIs).– Integration of cloud services (Azure Database, Azure Storage).– Implementation of secure development best practices (OWASP).Python 2.7/3.x, Django 3.x, Angular, Bulma, REST API, Azure Services - ENGIE GEMSOC ANALYST / PENTESTERENERGY AND UTILITIESJuly 2017 - August 2019 (2 years and 1 month)Paris, France
• SOC & Incident Response (DFIR)
– Qualification and investigation of alerts (phishing, malware, network/web attacks).– Security incident response, forensic analysis, and malware analysis.– Splunk tuning and optimization (use cases, detection rules, dashboards).Splunk, ServiceNow, Resilient, Cyberwatch, Qualys, Cuckoo• Offensive Security & Pentest– Performing internal pentests (applications, infrastructures, Active Directory).Nmap, Metasploit, Burp Suite, SQLmap, Hydra, John the Ripper, Hashcat, Nikto, CrackMapExec, Responder, Mimikatz, BloodHound,Wireshark, Aircrack‑ng, Gobuster, Dirbuster, Netcat, Impacket• Security Platform Development & Training
– Design and development of an Active Directory audit platform (Python/Django).– Development of a security training SaaS platform on Azure: – Educational module based on OWASP Top 10. –Gamified CTF environment (real-time ranking, write‑ups).Python 2.7/3.x, Django 2.x, MySQL, SQLite, REST, Bootstrap, jQuery, Docker, Ansible, GitLab, Jenkins, Azure
Recommendations
Be the first to recommend Charaf
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- Master 2University of Saint-Quentin-en-Yvelines2015Master 2
- Master 2Houari Boumediene University of Science and Technology2014Master 2