Freelancer profile translated to English.

Description

Cybersecurity specialist with expertise in SOC analysis, incident response, and Threat Hunting. This expertise allows me to improve detection capabilities, particularly in Cloud environments, to contribute to the security of IS.

Industry field of expertise

Languages

English
Fluent
French
Native or bilingual
Arabic
Native or bilingual

Workplace preferences

Can work on-site

Paris (up to 50km)

CMA CGM
SOC Analyst N3
LOGISTICS AND SUPPLY CHAIN
March 2023 - Today (3 years and 3 months)
Puteaux, France
Management of the 24/7 SOC environment (Env. Follow the Sun)
Monitoring, analysis, and contextualization of incidents on ~150K endpoints spread across more than 20 tenants, covering various sectors including maritime transport, logistics, and media (Tech Env.: XSOAR, Azure Sentinel, ELK, MS XDR, etc.),
Technical support to N1/N2 analysts, with support for the analysis and resolution of security alerts.
Participation in incident response
Conducting detailed investigations into security events,
Application of remediation actions, proposal of specific recommendations, and communication/escalation of conclusions to the teams concerned,
Participation in incident simulation exercises (Tabletop Exercises-TTX).
Improving the SOC posture
Development and adjustment of detection use cases with a focus on Cloud technologies (Office 365, Azure activity, AWS services, etc.),
Contribution to the creation of Playbooks, cheat sheets, and operational procedures,
Conducting Threat Hunting sessions across the entire multi-tenant organization (MTO),
Participation in Purple Team exercises with the AppSec team (Vectr, Sentinel Hunt, MS XDR),
Facilitation of workshops and mini internal training sessions (Auditd, Persistence, Privesc etc.).
XSOAR Microsoft Azure Amazon Web Services ELK Azure Sentinel O365 MITRE ATT&CK EDR threat hunting Trend Micro Microsoft Defender
ATOS Digital Security
Cybersecurity Consultant
CONSULTING AND AUDITS
October 2020 - March 2023 (2 years and 5 months)
Bezons, France
SOC Analyst - MSSP Atos (Multi-client Environment)
Analysis and interpretation of security alerts from various equipment (SIEM RSA, EDR Ecat-HarfangLab, NDR, PCAP), with proactive and reactive incident management,
Participation in the implementation of a detection rule development environment (Atomic Red team, Preprod Env.),
Creation of correlation rules covering several tactics (Persistence, Data exfiltration, Lolbins, etc.),
Facilitation of client operational committees, writing follow-up reports and contributing to service documentation.
Deployment of Microsoft Azure Sentinel SIEM in a client environment
Identification and configuration of data/log sources to be monitored,
Implementation of an alert transmission architecture to the RSA SIEM,
Definition and creation of detection rules and supervision dashboards (Analytics, Workbooks),
Organization of workshops and support for the client's security teams.
Implementation of a detection LAB for Windows AD
Installation and configuration of the technical environment including Windows AD, EDR Cybereason and SIEM Splunk,
Definition and execution of test scenarios based on the Mitre ATT&CK matrix,
Analysis of test results and writing of design and implementation deliverables.
RSA netwitness Ecat HarfangLab Cybereason Splunk Darktrace Azure Sentinel SIEM
Avanade France
Security Consultant
CONSULTING AND AUDITS
March 2020 - September 2020 (6 months)
Issy-les-Moulineaux, France
Implementation of a governance solution with Azure Policy in the Azure Cloud

Configuration of Azure services (Keyvault, Storage Account, Network, etc.),
Application of security strategies via Azure Blueprint,
Integration of the solution into a CI/CD chain with Azure DevOps,
Writing of design and implementation deliverables.
Microsoft Azure Azure Policy Blueprint Azure DevOps