Freelancer profile translated to English.

Description

SOC Analyst with operational experience in detection, investigation, and incident response, I am involved in the entire SI security lifecycle.

What I do concretely:

• SIEM alert monitoring and triage (Wazuh, Splunk, ELK) — reducing false positives, assessing criticality

• Endpoint investigation with CrowdStrike Falcon: containment and remediation of confirmed incidents

• Full incident response: containment, coordination, report writing

• Optimization of SOC detection rules and playbooks

• Automation via Ansible and Python (SOAR logic)

• Threat Intelligence (MITRE ATT&CK, OpenCTI) and alert enrichment

• SI mapping, vulnerability scans (Nessus, Nmap) and EBIOS RM risk analysis

• Cybersecurity best practice awareness

Environments: Azure, Windows Server, Linux, Active Directory, Docker, VMware.

Available for SOC monitoring, incident response, vulnerability analysis, or security audit missions.

Industry field of expertise

Languages

French
Native or bilingual
English
Fluent

Workplace preferences

Can work on-site

Paris (up to 50km), Lyon (up to 40km)

KShuttle
Cybersecurity Engineer
TELECOMMUNICATIONS
February 2025 - March 2026 (1 year and 1 month)
Courbevoie, France
Investigation and qualification of security incidents based on alerts from the SIEM (Wazuh, Splunk, ELK): analysis of system, network, and event logs, identification of false positives
SIEM alert analysis and triage: assessment of criticality, impacts, and risk to the IS; qualification and escalation to the relevant teams
Deployment and administration of the CrowdStrike Falcon EDR: endpoint investigation, containment, and remediation in case of confirmed incident
Operational incident response (RUN): investigation, containment, remediation, coordination with technical teams, and report writing
Optimization of detection rules and continuous improvement of SOC playbooks: reduction of false positives, threshold adjustment
Automation of remediation and hardening actions via Ansible and Python scripts (SOAR logic)
Alert enrichment via Threat Intelligence (OpenCTI, MITRE ATT&CK) and contribution to operational dashboards
SIEM Splunk Crowdstrike Wazuh
Sinequanone Conseil
Cybersecurity Consultant
TELECOMMUNICATIONS
June 2024 - October 2024 (4 months)
Bezons, France
IS Mapping & identification of critical assets
Comprehensive inventory of information system components (servers, workstations, applications, network flows). Identification and classification of critical assets based on their sensitivity and potential impact on the business.
Vulnerability Audit (Nmap & Nessus)
Performance of vulnerability scans across the entire identified perimeter. Analysis of results, elimination of false positives, and prioritization of risks based on their criticality (CVSS score, exposure, exploitability). Writing of a vulnerability report with prioritized remediation recommendations.
EBIOS Risk Manager Risk Analysis
Conduct of a structured risk analysis according to the EBIOS RM method: identification of threat sources, supporting assets, and risk scenarios. Assessment of the likelihood and impact for each scenario. Writing of security recommendations adapted to the client's context.
Cybersecurity Awareness
Facilitation of cybersecurity best practice awareness workshops for non-technical teams: password management, phishing, risky behaviors, digital hygiene.
Risk Assessment EBIOS RM Nmap Kali Linux Nessus