Mahmoud B.

SecOps & SOC Engineer | Azure Cloud | DevSecOps

€750/day
Paris, FR
3-7 years

Average response time: 1 hour

Freelancer profile translated to English.

About Mahmoud

Infrastructure Engineer specializing in SecOps/SysOps and Azure Cloud, with significant experience in implementing secure and high-performance solutions for complex environments.

Expert in securing hybrid infrastructures (Azure / VMware): vulnerability detection and remediation, system hardening, patch management, secure CI/CD, and active monitoring with tools like CrowdStrike, Tenable, Defender, and Sentinel.
My expertise extends to managing cloud infrastructures (AWS, Azure), virtualization (VMware, Nutanix), and securing systems through DevSecOps practices and identity and access management. I have contributed to large-scale international projects, bringing technical mastery in system administration, automation (Terraform, PowerShell, Ansible), and security management (PKI, vulnerabilities, EDR, IAM).
Key Skills:

SecOps: Vulnerability Management, Remediation, Patch Management, Hardening

SOC: Alert Monitoring, Incident Analysis, Detection Rules (Splunk, Sentinel)

PKI: Internal and External Certificate Management, ADCS, Evertrust CLM

IAM/PIM: Access Governance, Zero Trust, Role Management

DevSecOps: Secure CI/CD SAST/SCA with NexusIQ, Snyk, Fortify



  • French

    Native or bilingual

  • English

    Native or bilingual

Can work on-site
Paris (up to 50km)

Experience

  • KPMG
    Senior SecOps Engineer
    CONSULTING AND AUDITS
    November 2024 - Today (1 year and 7 months)
    Courbevoie, France
    SecOps Engineer:
    • Monitoring of IS security supervision services
    • Client support in defining their operational security strategy (Organization, Technical IS Supervision)
    • SOC incident analysis and response.
    • Creation of detection rules on Azure Sentinel
    • Security solution benchmarking
    • Maintenance of detection matrix
    • Implementation and architecture of Qualys
    • Ensure vulnerability monitoring (via Qualys, Microsoft Defender, or pentest results): detection, qualification, action plan, patch management coordination.
    • Implement and configure hardening measures on Windows and Linux systems
    • Lead cross-functional security projects (hardening, security onboarding, technical evolutions)
    • Implementation of Microsoft Defender: MDE, MDI, and MDC
    • Participate in machine onboarding into security tools (EDR MDE, log management) and maintain asset inventory
    • Identify trends, anomalies, correlations, or potential incidents
    • Analyze information from internal sources (SOC, CTI, VOC)
    Azure Sentinel, Qualys, Patch Management, Vulnerability Management, Splunk
  • TF1 SA
    Cloud/SecOps Engineer
    PRESS AND MEDIA
    July 2023 - October 2024 (1 year and 3 months)
    Boulogne-Billancourt, France
    Context:
    Contribution to the implementation of Security best practices

    Mission:
    🔹 SecOps :
    • Vulnerability detection and management using Tenable and CrowdStrike CSPM.
    • Development of remediation action plans and follow-up with IT teams for vulnerability correction.
    • Implementation of Zero Trust best practices and monitoring of critical access.
    • Participation in security reviews to ensure effective remediation and prevent vulnerability exploitation.
    • Management and Administration of CrowdStrike (Agent installation, IOC, IOA)
    • Management of internal and external certificates (PKI).
    • Incident and request response
    • Development of the Patch Management process and reporting.
    • Administration of identities and access (IAM, PIM) in Azure to ensure strict privilege control.
    • AD, System Hardening
    🔹 Collaboration with the SOC team and risk assessment
    • Monitoring of security alerts and incidents in collaboration with the SOC.
    • Threat analysis and updating SIEM correlation rules for proactive detection.
    • Participation in audits and risk assessments to identify areas for improvement in cybersecurity.
    🔹 Hybrid infrastructure management and administration

    • Monitoring of VMware, Linux, and Windows environments.
    • Server administration and virtualization management.
    • Patch Management and update monitoring to ensure system stability and resilience.
    🔹 Automation & DevSecOps
    • Automation of security policy deployments with Terraform.
    • Securing CI/CD pipelines with Snyk to prevent vulnerability-related risks.
    • Implementation of security policies integrated into the development cycle to ensure compliance from design.

    Technical Environment: VMware, Windows, Linux, Acunetix, SCCM, DevOps, SecOps, Azure AD, PKI, EDR, Infrastructure, AD, Tanium, Tenable, SOC
    Cybersecurity, CrowdStrike, PKI, Tanium, EDR
  • Huawei Technologies France
    Senior Cloud Engineer
    TECH
    March 2022 - July 2023 (1 year and 4 months)
    Boulogne-Billancourt, France
    Context:

    Mission:

    Security:

    ✓ PKI project for internal and external certificate management
    ✓ Patch Management via SCCM
    ✓ Vulnerability Management via Tenable
    ✓ Contributes, in close collaboration with the CISO, to the application and evolution of cybersecurity rules for development teams
    ✓ Regular evaluation of existing systems and proposals for improvements.

    Cloud Infrastructures:
    ✓ Deploy and manage environments in the Cloud (AWS, Azure)
    ✓ Ensure the security, performance, and evolution of infrastructures
    ✓ Identify, analyze, and remediate vulnerabilities and issues in infrastructures and applications.


    DevSecOps:
    ✓ Integrate security from the design phase via SonarQube & Acunetix
    ✓ Automate security tests and vulnerability detection
    ✓ Collaborate with security teams to ensure compliance
    ✓ Support developers and monitor remediation of SAST and SCA vulnerabilities

    Administration:
    ✓ Windows and Linux System Administration
    ✓ Deployment and administration of VMware environments
    ✓ Automation of deployments via PowerShell
    ✓ Writing of Technical Design Documents, Test Plans, Low-Level Designs

    Technical Environment: VMware, Windows, Linux, Terraform, Jenkins, Acunetix, SCCM, DevOps, SecOps, Azure AD, Azure IaaS and PaaS.
    EDR, Linux, Active Directory, Microsoft Defender, SecOps

Education

  • State Engineer in Telecoms and Networks
    National School of Applied Sciences
    2018
    Ingénieur d'état en Télécoms et Réseaux
