Ibrahim Chadouli

I worked under the CISO within the Information Security team, between the SOC (three consultants) and governance (about ten people). I primarily focused on incident response and threat management, dedicating 30% of my time to compliance and security controls.

SOC Operations: Monitoring and Incident Response

• Proactive monitoring via SIEM, EDR, NDR, XDR, DLP, and XSOAR.

• Real-time threat detection, analysis, and assessment to accelerate incident response.

• Security incident management (logs, phishing, malware), investigation coordination, and remediation.

• Vulnerability management oversight with Qualys: prioritization and tracking of critical CVEs.

• Optimization of detection rules and reduction of false positives.

• Updating SOC procedures and strengthening resilience against cyberattacks.

Governance and Automation of Cryptographic Controls

• Analysis of internal requirements (AXA IM) and standards (ISO 27001) for the cryptographic policy.

• Configuration of Qualys to scan for TLS (1.2+) compliance, encryption (AES 128/256), RSA signature (>2048 bits), and valid certificates.

• Planning and execution of scans (test → UAT → production), prioritization of fixes.

• Automation of mapping and reporting (Power Query, VBA) to minimize manual errors.

• Assessment and documentation of risks related to exceptions in coordination with Security, Operations, and Development teams.

• Coordination of remediation plans between application and platform teams.

• Formalization of a cryptographic control procedure to ensure the sustainability of best practices.

• Presentation of the compliance score to the GRC committee, improving the rate from 60% to 90% before my departure.

Within the Digital Forensic Investigation Department – specializing in forensic analysis of professional equipment for internal incidents (harassment, theft, fraud, etc.) – I led an innovative project, proposed as part of a La Poste group internal competition to fund and support high-potential development projects.

Designed a portable device to detect spyware on phones and tablets.

Implemented Kaspersky's TinyCheck solution on a Raspberry Pi 4 to identify stalkerware.

Validated the device's effectiveness by conducting tests (installing spyware on a phone).

Deployed the tool on a large scale by conducting demonstrations and preparing five devices for five police stations in Paris.