
Sami Alioua

Expert SOC N3 & Cyber Threat Detection

€700/day
Paris, FR
8-15 years

Average response time: 24 hours

Freelancer profile translated to English.

About Sami

As a SOC & Cyber Threat Detection Expert with over 9 years of experience, I assist companies in securing their information systems against increasingly sophisticated threats.

Specializing in detection, investigation, and incident response, I cover the entire defense chain: from SIEM deployment and optimization to complex incident management (web attacks, DDoS, compromises). My approach is both technical and results-oriented, with a clear objective: to tangibly improve my clients' security level.

Through my missions, I have developed strong expertise in various environments and with solutions such as Elastic, Microsoft Sentinel, Splunk, Wazuh, and Akamai (WAF, Bot Manager, DDoS). I also work on the continuous improvement of SOC capabilities: detection use cases, false positive reduction, automation, and team upskilling.

What sets me apart: a global vision of operational cybersecurity, the ability to manage critical incidents under pressure, and a true sense of customer service.
  • English: Conversational
  • French: Native or bilingual
  • Arabic: Native or bilingual

Remote only
Primarily works remotely

Experience

  • LA POSTE
    SOC N3 Expert
    March 2023 - Today (3 years and 3 months)
    Advanced Analysis & Investigation
    • Handled complex escalations from SOC L1/L2 regarding application and DDoS incidents.
    • Correlated Akamai alerts (App & API Protector, Bot Manager) with SIEM, IDS/IPS, and EDR for multi-layered analysis
    Incident & Crisis Management
    • Qualified, contained, and managed the mitigation of web and DDoS attacks via the Akamai platform
    • Initiated advanced response actions: activation of specific rules, challenge/deny switching
    • Led and coordinated crisis management for major incidents
    Solutions Administration & Optimization
    • Administered, configured, and maintained the Akamai platform (Antibot, WAF, DDoS) in line with evolving threats and applications
    • Analyzed and addressed Akamai false positives, adjusted security configurations to refine detection and reduce false negatives
    • Administered EDR policies and configurations
    • Challenged security tools during tender processes (Sandbox, SIEM)
    Contribution & Upskilling
    • Participated in the continuous improvement of operational security processes
    • Trained and mentored the L2 team to enhance detection capabilities
    Monitoring & Technical Expertise
    • Ensured active monitoring of application and DDoS threats
    • Tested and validated new Akamai functionalities
    • Collaborated with business teams to define detection scenarios
    Reporting & Knowledge Management
    • Produced detailed incident reports and documented Akamai playbooks and best practices
    • Participated in security reviews and post-mortem exercises
    Support & Vendor Relations
    • Provided technical liaison with Akamai during major incidents and managed complex escalations with vendor support
    WAF DDOS Siem Bot EDR
  • CONIX
    Cybersecurity Consultant
    October 2017 - February 2023 (5 years and 4 months)
    Deployed and configured SIEM solutions for clients
    • Created investigation dashboards for analysts
    • Investigated and qualified security incidents: identified infection vectors, analyzed malware, and searched for data exfiltration
    • Recommended service recovery measures and wrote analysis reports
    Threat intel Siem IPS/IDS Sandbox Antivirus
  • CONIX
    SOC N3 Analyst
    October 2017 - February 2023 (5 years and 4 months)
    Qualified and evaluated SOC solutions for client implementation
    • Performed SIEM audits, optimized existing alerts and dashboards, formalized areas for improvement
    • Defined SIEM architectures and proposed new collection architectures
    • Integrated and administered SOC tools (Elastic Stack, OSSIM, Suricata, HIDS) and associated equipment
    • Developed parsers (Firewall, Windows, Linux, antispam) to enrich detection
    • Implemented detection rules and scenarios, proactively managed false positives
    • Continuously improved the cyber detection and reaction strategy
    • Participated in the development of new offerings and the implementation of new projects
    • Supported clients, provided reporting, and raised user awareness
    Elasticsearch Wazuh Splunk RSA netwitness Suricata

Education

  • Elastic Security Workshop
    Workshop Elastic Security
  • Graduate of the Université Polytechnique Hauts-de-France, Valenciennes
    2015
