Sid Ahmed Yousfi

🏗️ Definition of technological strategy

• Development and management of the overall IT strategy, aligned with the company's business and operational objectives.
• Acceleration of digital transformation through relevant and sustainable technological choices.
• IT budget management, technical priority arbitration, and support for strategic decision-making.

🧠 Architecture & technical development

• Direct contribution to the development of tailor-made solutions, particularly back-end (APIs, automation, internal systems).
• Involvement in software and cloud architecture: design, technical stack choices, security by design.
• Development of critical modules related to operations (booking management, API integrations, internal dashboards…).

👥 Leadership & technical management

• Supervision of multidisciplinary teams: development, infrastructure, data, support, and cybersecurity.
• Implementation of agile rituals (Scrum, Kanban), product roadmap management, workflow documentation.
• Recruitment, skill development, and retention of tech talent around a common vision.

🚀 Innovation & continuous modernization

• Permanent technological watch and experimentation with new approaches (applied AI, intelligent automation, microservices…).
• Launch of POCs and deployment of new internal solutions to optimize operational efficiency.
• Culture of documentation, IT performance measurement (KPIs), and constant feedback.

🔍 Execution of over 150 penetration tests

• Conducting pentests on various scopes: web applications, REST/SOAP APIs, internal/external infrastructures, Active Directory, cloud environments (AWS, Azure).
• Rigorous application of recognized methodologies: OWASP, PTES, OSSTMM.
• Development of comprehensive and actionable reports, with concrete attack scenarios, risk assessment, and adapted technical recommendations.

⚠️ +2000 vulnerabilities identified and corrected

• Detection of critical vulnerabilities: SQL injections, XSS, RCE, IDOR, CSRF, privilege escalation, misconfigurations, etc.
• Support for technical teams in understanding, reproducing, and correcting vulnerabilities.
• Performing re-tests to validate implemented remediations.

🛠️ Mastery of tools and automation

• Tools: Burp Suite Pro, Nmap, Nessus, Metasploit, SQLmap, Gobuster, Hydra, etc.
• Development of custom scripts in Python, Bash, or PowerShell to automate certain exploitation or reconnaissance tasks.
• Use of lab platforms (Hack The Box, TryHackMe) to strengthen and validate internal approaches.

🎓 Awareness & continuous improvement

• Technical and educational debriefings with development, security, or management teams.
• Contribution to improving security practices in the software development lifecycle (DevSecOps).
• Active monitoring of CVEs, technical publications, and participation in cybersecurity events (conferences, challenges…).

🔧 SOAR Integration

• Participation in the integration and configuration of a SOAR platform within the client's environment.
• Automation of incident response scenarios (phishing, malware detection, SIEM alerts…).
• Connection of various security tools (SIEM, EDR, ticketing, threat intelligence) to the SOAR via API.
• Creation of playbooks (automated workflows) to standardize and accelerate threat responses.

🧩 Incident Analysis & Management

• Analysis of alerts from the SIEM and handling of security incidents.
• Qualification and categorization of suspicious events.
• Recommendation of corrective or preventive actions after analysis.

🛠️ Development of automation scripts

• Writing Python or Bash scripts to enrich or automate certain steps of SOAR playbooks.
• Testing and validation of automated scenarios.

📊 Reporting & documentation

• Writing incident reports and activity reports.
• Contribution to the documentation of operational security procedures (SOPs).

🔍 Security Watch

• Monitoring of critical vulnerabilities (via CVE, CERT-FR, etc.).
• Analysis of IOCs (indicators of compromise) to enrich detection tools.