Marwane Belkadi

Expert SOC/CSIRT

€650/day
Paris, FR
8-15 years

Average response time: 1 hour

Freelancer profile translated to English.

About Marwane

A passionate cybersecurity engineer, I built my career around a strong conviction: digital defense is won through intelligence, precision, and anticipation.
With several years of experience in critical environments (banks, multinationals, cybersecurity providers), I currently work as a Senior CSIRT/SOC L3 Analyst, specializing in advanced detection, incident response, and threat hunting on hybrid and cloud infrastructures.
I have held key roles at Société Générale, Orange Cyberdéfense, and Sodexo, where I led and supported SOC teams, designed detection frameworks aligned with MITRE ATT&CK, and conducted complex threat response operations (APT, ransomware, cloud compromise).
Versatile and focused on continuous improvement, I master a wide ecosystem of tools: CrowdStrike, QRadar, Microsoft Sentinel, Cortex XSOAR, TheHive, Azure Defender, Splunk, F5, Checkpoint, Proofpoint, etc.
Driven by curiosity and rigor, I integrate Purple Team, CTI, DevSecOps, and AI approaches applied to cybersecurity into my practice, with a clear objective: to reduce MTTD/MTTR, anticipate threats, and strengthen organizations' cyber resilience.

Areas of expertise

• Threat Hunting & Incident Response
• Digital Forensics & Malware Analysis
• MITRE ATT&CK & Adversary Emulation
• SOC Engineering, SIEM & EDR (QRadar, Sentinel, CrowdStrike)
• SOAR Automation & Orchestration (Cortex XSOAR, TheHive, IBM Resilient)
• Cloud & Hybrid Security (Azure, GCP, AWS)
• SOC Governance, KPI & Maturity Management
• CTI, Vulnerability Management & Risk-Based Defense

Languages

• Arabic: Native or bilingual
• French: Native or bilingual
• English: Fluent

Can work on-site
Paris (up to 50km)

Experience

  • Sodexo
    SOC/CSIRT L3 Analyst
    RESTAURANTS AND FOOD SERVICE
    November 2023 - August 2025 (1 year and 10 months)
    Issy-les-Moulineaux, France
    As a Level 3 SOC/CSIRT analyst, I ensure the detection, investigation, and response to the most complex security incidents within the Sodexo group.
    I conduct advanced analyses on alerts from CrowdStrike, QRadar, and Microsoft Sentinel environments, and I execute containment and remediation actions via RTR and Cortex XSOAR.
    My role also includes proactive threat hunting, creating and optimizing detection rules, as well as continuously improving the SOC's use cases and playbooks.
    I collaborate closely with IT, cloud, and infrastructure teams to strengthen the group's resilience against threats, while ensuring training and technical support for L1/L2 analysts.
    As an active member of the Sodexo CSIRT, I contribute to forensic analysis, major incident coordination, and the implementation of sustainable defensive measures.
    SIEM EDR Microsoft Azure AWS Cloud SOAR
  • Orange
    Information Security Manager
    TELECOMMUNICATIONS
    July 2022 - October 2023 (1 year and 4 months)
    Courbevoie, France
    As SOC Information Security Manager, I led and coordinated multidisciplinary teams composed of SOC analysts, detection engineers, delivery managers, and security architects.
    My role was to drive the detection strategy, operational governance, and complex threat response in hybrid environments (on-premise, Azure, AWS) for large enterprise clients.
    I oversaw the complete lifecycle of detection rules, vulnerability management, and continuous optimization of MITRE ATT&CK coverage, while ensuring the performance and availability of SIEM and EDR platforms.
    I also led operational committees (COSUI), technical committees (COTECH), and strategic committees (COPIL, COSTRAT), providing key performance and resilience indicators (KPIs) to guide security decisions.
    My approach was based on a threat-informed & data-driven vision, integrating threat hunting, Purple Teaming, and SOAR automation activities to improve detection, reactivity, and overall SOC maturity.
    Governance, Risk and Compliance XDR MITRE ATT&CK Microsoft Office 365 Azure Cloud

Education

  • State Engineer in Networks, Cybersecurity, and Telecommunications
    Mohammedia School of Engineers
    2018
