Freelancer profile translated to English.
Back to original languageAbout Moad
Senior cybersecurity expert, I support CIOs and CISOs in securing their critical projects in France and internationally. Specialized in Azure cloud, risk management (ISO 27005, EBIOS), IAM, and compliance, I provide concrete and immediately actionable deliverables. Pragmatic, results-oriented approach aligned with business objectives. Available for CISO, cybersecurity architect, and cybersecurity expert missions.
My added value:a pragmatic and results-oriented approach. I transform security requirements into concrete, applicable, and business-accepted solutions. I help my clients secure their cloud and on-premise environments, reduce their risk exposure, raise the security maturity level of their suppliers, and integrate cybersecurity into the heart of IT and digital projects.
I manage and produce directly actionable deliverables: risk analyses, secure architecture documents, IS security policies and standards, remediation plans, AD hardening, supplier evaluations, risk exception documents, and post-audit or post-pentest support. I also support Ops, Dev, and Cloud teams to ensure effective implementation of security controls.
I also have solid skills in penetration testing (pentest), allowing me to adopt a realistic view of threats:
- understanding of attack vectors applicable to IS, web applications, and cloud environments,
- ability to analyze and exploit pentest results,
- prioritization of vulnerabilities based on real business risk,
- translation of technical flaws into concrete and actionable remediation plans for IT, Ops, Dev, and Cloud teams.
Accustomed to complex and international environments, I am recognized for my ability to communicate with both technical teams and management, and for securing projects without blocking business.
French
Native or bilingual
English
Native or bilingual
German
Basic
Remote only
Primarily works remotely
Experience
- ConfidentielInformation Security OfficerRETAIL (LARGE RETAILERS)January 2023 - Today (3 years and 5 months)Paris, France
- Risk analysis for critical projects (ISO 27005, EBIOS).
- Compliance audits with minimum security standards.
- Cybersecurity project support (Project Security Assessment Tool).
- Evaluation of vendor security maturity (Security Insurance Plan).
- Integration of security controls in Azure (Azure security services, identity/access management, WAF, data security, MFA, etc.).
- Monitoring security strategy implementation in SG/Azure landing zone.
- Development and enforcement of IT security policies.
- Support for Ops/Dev teams and follow-up on remediation from pentesting and security bulletins.
- Preparation of temporary cybersecurity risk exceptions.
- Secure application design and architecture.
- Training users on cybersecurity tools.
- AD hardening, assessment using Bloodhound, Purple Knight and PingCastle to identify misconfigurations, vulnerabilities, and security gaps, ensuring compliance with group policies.
- Development of hardening guides for technical teams.
- Concentrix GroupCybersecurity ArchitectOctober 2021 - December 2022 (1 year and 2 months)
- Planning, researching, and designing reliable, powerful, and flexible security architectures for all IT projects
- Performing vulnerability testing on the completed infrastructure, including risk analyses and security assessments
- Researching the latest security standards, new security systems, and updated authentication protocols
- Defining, creating, implementing, and maintaining all needed corporate security policies and procedures, making sure that all employees abide by them
- Developing requirements for all IT assets including routers, firewalls, local area networks (LANs), wide-area networks (WANs), virtual private networks (VPNs),
- Reviewing and approving the installation of all firewalls, VPN, routers, servers, and IDS scanning technologies
- Preparing cost estimates for all cybersecurity measures and identifying any potential integration issues
- Designing critical public infrastructures (PKIs), including digital signatures and certification authorities (CA)
- AD assessment (Tenable.ad), support & assistance in the remediation process.
- Providing technical guidance and supervision for security teams
- ConfidentielSenior Cybersecurity consultant / Team LeaderJanuary 2017 - October 2021 (4 years and 9 months)
- Security configuration and operations standards for security systems and applications, including policy assessment, network security appliances, and host-based security systems.
- Develop and validate baseline security configurations for operating systems, applications, and networking and telecommunications equipment.
- Perform internal and external technical control and vulnerability assessments to identify control weaknesses and assess the effectiveness of existing controls and recommend remedial action.
- Security monitoring and log analysis
- AD vulnerability Assessments.
- IT infrastructure/ Application security configuration reviews
- Maintain and follow up continuous improvement process
Recommendations
Be the first to recommend Moad
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- Master's degreeNational Institute of Posts and Telecommunications (INPT)2022Master's degree
- State engineer in computer scienceUniversity of Mohamed V (ENSIAS)2011State engineer in computer science
Certifications
- OffSec Certified Professional+ (OSCP+)Offsec2025
- OffSec Certified Professional (OSCP)OffSec2025