Ilan Dana

IT Project Manager (Splunk & Splunk Security Migration, Wallix Bastion Migration, User Vault) SOC Alert Handling - L1/L2/L3 Security Approval for Group Projects in accordance with DORA (via Fence tool) Full SIEM/SOC Migration to the new Cyber Partner SOC/SIEM Management (WAZUH/Splunk) Participation in production deployment workshops with Splunk Security & Splunk Basic Configuration and addition of event IDs on Active Directory WEF logs servers Sentinel One Management/Configuration/Pentest Wallix Bastion Administration and Configuration Configuration of critical equipment for log forwarding to SIEM (AD, FW, probes...) Office 365 Security Management (Defender) Exploitation of security monitoring tools and notification of cross-functional teams in case of alerts Handling of blocking, investigation, and remediation actions in case of workstation/user account/server compromise Ensuring follow-up of security alerts until closure Writing of cyberattack post-mortems and presentation to CISOs / CIOs / CSIRs Handling and analysis of suspicious emails (phishing) via O365 - Defender Searching for potential HITS / IOCs in case of cyberattack Maintaining operational readiness of security tools through analysis and vulnerability management reported by the CERT Implementing remediation actions with cross-functional operational production teams Managing network flow opening requests and supervision via Algosec Production deployment of servers and SNMPv3 installation/configuration for Centreon Forensic Analysis

Orchestration of Security Reinforcement for Group Companies Participation in the monitoring of the Group Companies' security action plan Operational monitoring of internal issues (USB port blocking, Sentinel One EDR configuration) Management of security testing exceptions for all Group entities (BCP DR) Presentation of security test results and statistics to the Group's DRG Coverage status of the Group in terms of SOC and configuration of existing SOC scenarios Preparation and participation in cyberattack simulations in collaboration with the Group's RED TEAM Bilateral discussions on internal security topics with all Group entities REDTEAM Project Testing of Group security tools (Anti-virus / SentinelOne ..) Writing cryptolocker scripts Writing a script for Group mapping.

Incident and request management for 100 users Windows Server 2016 & Active Directory Management Exchange 2016 email management Cisco Meraki Wi-Fi setup and management Sophos XG firewall and traffic management MITEL VOIP phone system & IPBX setup and management GLPI ticketing tool setup and management Infrastructure supervision via PRTG IT park maintenance IT system security via ANSSI's IT hygiene guide User training and awareness Procedure writing and updating