You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Paolo GrillyPG

Paolo Grilly

Systems & Cybersecurity Engineer | Linux | SIEM

€500/day
Rouen, FR
3-7 years

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Paolo

Linux Systems & Cybersecurity Engineer specializing in securing, operating, and modernizing critical infrastructures. I assist companies with hardening Linux systems, vulnerability management, implementing patch management strategies, and automating deployments and operations via Ansible and internal tools.

I am involved in deploying and operating security solutions, notably EDR (CrowdStrike), firewalling, and security policies, with a production-oriented approach and for high-constraint environments. I also participate in designing secure architectures, including network segmentation (VLAN, micro-segmentation) and overall infrastructure security enhancement.

I am involved in infrastructure modernization projects, including cloud migrations (Azure / AWS), implementing cloud security policies, and industrializing environments. These projects include a strong focus on observability, with the implementation of monitoring and supervision solutions such as Grafana, Nagios, Zabbix, and Centreon, providing real-time visibility into performance, availability, and incidents.

I also have hands-on experience in setting up and evolving SIEM platforms, notably through migrating Elastic Stack (ELK) architectures to Wazuh, covering the entire chain: log collection, centralization, correlation, and exploitation for security incident detection.

Accustomed to critical environments and multi-team contexts (infra, network, security, DevOps), I work in both build and run phases, with a strong ability to structure, document, and stabilize systems. I combine technical expertise, security vision, and a pragmatic approach to improve the resilience, supervision, and overall security of IT platforms.
  • French

    Native or bilingual

  • English

    Fluent

  • Spanish

    Conversational

Can work on-site
Rouen (up to 50km)

Experience

  • EXTIA
    Security Engineer Consultant M365 / Entra ID - Assignment at COVAGE
    TECH
    April 2026 - Today (4 months)
    Mont-Saint-Aignan, France
    On assignment at Covage, I am involved in securing the Microsoft 365 / Entra ID tenant as part of an audit remediation and overall hardening of cloud access and usage.

    My role is at the interface between cybersecurity, IAM, and Microsoft 365 governance. I work on Entra ID, Conditional Access, Identity Protection, PIM, SharePoint, OneDrive, Teams, and Exchange Online.

    I participate in remediating critical vulnerabilities with a focus on identity management, privileged accounts, conditional access policies, and protection against risky accounts.

    I design and deploy security policies (report-only mode then production), based on user risk, device compliance, and location. I analyze sign-in logs, investigate incidents (MFA, suspicious sessions), and implement remediation actions (session revocation, password reset, MFA security).

    I also work on Microsoft 365 external sharing governance: analyzing SharePoint/OneDrive/Teams usage, building an allowlist of partner domains, and implementing a controlled sharing process via the helpdesk.

    My scope also includes reporting and automation via Microsoft Graph PowerShell, post-remediation verification, technical documentation, and coordination with security, support, and business teams.

    This work is part of a strategy to reduce the attack surface, strengthen the Zero Trust model, and improve access governance in a hybrid environment aligned with ISO 27001 requirements.
    Microsoft Entra ID PIM Zero Trust ISO 27001 Hardening
  • EXTIA
    Systems and Security Engineer Consultant - Assignment at MAE
    TECH
    September 2025 - April 2026 (7 months)
    Rouen, France
    On assignment at a major player in the insurance sector, I am involved in the modernization and security of a critical infrastructure composed of Linux, Windows environments, and a highly segmented network. My role is at the interface between systems engineering, operational cybersecurity, and continuous improvement of production, pre-production, and staging environments.

    I participate in migrating legacy servers to recent systems, notably by rebuilding Debian 8 machines to Oracle Linux 9.6, with service upgrades and configuration hardening. I improve environment reliability through automation of procedures with Ansible and strengthening supervision with Nagios.

    On the security side, I contribute to deploying CrowdStrike (EDR, firewall, Device Control) and studying MFA solutions for sensitive access like bastions. I work on network micro-segmentation, VLAN isolation, inter-tier flow management, and Linux/Windows integration, as well as monitoring and remediation of vulnerabilities from audits.

    I also participate in improving infrastructure observability by extending Nagios supervision and implementing automated remediation mechanisms. I studied and designed a SIEM solution based on Wazuh for log centralization and analysis.

    My scope also includes writing technical documentation, updating network inventories, analyzing security events, ensuring NTP compliance, and coordinating with systems, network, MCO, DevOps, and architecture teams. I also trained MCO members for various projects.

    This work is part of a continuous improvement process aimed at strengthening operational resilience, visibility on system events, and response capability to incidents.
    Ansible Cybersecurity Linux Crowdstrike Infrastructure
  • École de Technologie Supérieure (ÉTS Montréal)
    Research Intern - Blockchain / Distributed Systems
    TECH
    June 2024 - September 2024 (3 months)
    Montréal, Canada
    Research internship within a university laboratory specializing in blockchain and distributed systems, in an international context.

    Design and development of a decentralized voting application aimed at ensuring the integrity, transparency, and auditability of the electoral process via blockchain.

    Complete system architecture:
    - Python backend (FastAPI) for managing interactions
    - React / Tailwind frontend for the user interface
    - Ethereum smart contracts deployed on the Sepolia testnet via Infura

    Design and development of smart contracts with implementation of mechanisms ensuring the immutability, traceability, and verifiability of votes.

    Integration of different application layers and management of frontend/backend/blockchain interactions with a focus on consistency, security, and performance.

    Work on issues of trust, transparency, and tamper-resistance in distributed systems, with a security and data integrity-oriented approach.

    Optimization of exchanges between components and validation of the overall functionality of the solution through functional tests and use cases.

    Work carried out in an international environment, with report writing and technical presentation in English to laboratory researchers.
    front-end-interface-development Back-End Development Blockchain Project Management English

Recommendations

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Education

  • Computer Engineering Degree
    CESI Rouen Engineering School
    2025
    Diplôme d'ingénieur informatique
  • Integrated preparatory cycle - Engineering Sciences
    INSA Hauts-de-France Engineering School
    2022
    Cycle préparatoire intégré - Sciences de l'ingénieur

Certifications

Skill set

Categories