Cheikh K.

Advanced Akamai WAF & CDN Administration: platform management and optimization, complete migration of WAF endpoints to Akamai CDN infrastructure.

Log collection and centralization "as-code": design of a log ingestion pipeline for Okta, Teleport, and Akamai CDN, deployed in Terraform/Kubernetes, with storage in Amazon S3, queuing via SQS, and processing via Vector in a Production environment.

Detection & Monitoring: definition and implementation of incident detection and security monitoring use cases.

Logging Policy: development of the logging strategy and standards for all ETF1 sources, ensuring traceability and compliance.

Continuous Improvement of Cloud Security Posture: contribution to architecture reviews, hardening recommendations, and deployment of preventive measures.

Documentation & Procedures: writing operation guides, incident workflows, and response playbooks.

Periodic Compliance Checks: regular audits of the Security Policy and tracking of deviations.

Cloud Security Services Maintenance: maintaining operational conditions (patching, supervision, optimization) of protection solutions.

Teleport Bastion: participation in the design and deployment of a secure access bastion based on Teleport for the administration of sensitive environments.

June 2024 - April 2025

ISMS Cybersecurity Engineer

Investigations on incidents from the SOC of OCD and ATOS monitoring partners

Administration and operation of security consoles: Cyberwatch, PAM Waliix, EDR.

Integration & Administration EDR SEDR, SEPM, FortiEDR, Harfanglab, Cybereason

Setup of an EDR pre-production environment (SEPM)

investigations from administered tools

Processing and implementation of security remediation plans (Vulnerabilities & patching).

Define Endpoint analysis policies

Audit and security solution benchmark analysis

Validation of security change requests

Accounts (creation of privileged accounts, modification of rights...)

Network (opening network flows...)

Access (whitelisting of email URLs/domains, SSL/TLS interception...)

Environment (data/log refresh and export...)

SSO implementation

Group Policy Object (GPO) setup/modification

Contribution to security projects

Validation, from a security perspective, of the build to run transition for security projects

IT Mapping

Study, validate, and track security exception requests

Evaluation of Security solution performance

Testing & Integration of exposed assets for vulnerability management

Collaboration with SOC/CERT teams for collection and CTI projects.

Audit of local accounts on critical equipment

Development of automation scripts

Investigation and incident response for security alerts

Participation in internal & external audits.

Implementation of KPIs for security compliance and vulnerability management monitoring.

Project lead for the implementation of compliance for domain controllers Active Directory / AD CLOUD / and infrastructure

Compliance Frameworks: Cis Benchmark all levels, ORADAD

Identify compliance rules to remediate to prioritize actions

Coordinate stakeholders: AD Manager and Administrators,

Coordination of the log collection roadmap from sources: HP servers, Vcenter/ESX, VEEAM... via API.

Facilitation of project follow-up meetings (sprints, deployment)

Integration of PowerShell scripts and setup of e-alerts

Data Collection and Processing.

Activation of sources: HP servers, HP MSA storage arrays, Vcenter or ESX, and Veeam servers via API or Syslog

Alerting: creation of associated alerts

Integration of Scripts and Configurations

Monitoring of Web certificates, generating alerts before their expiration.

Collection and parsing of Apache and PostgreSQL logs on the Maxxing server.

Custom Dashboards and Alerts

Create, modify, and improve dashboards to visualize collected data.

Develop specific alerts for predefined events or thresholds.

Supervision of information system log sources

Facilitation of project follow-up meetings

Define the collection roadmap under sprints

Communication before/after each production deployment

Documentation,