Freelancer profile translated to English.

Description

Graduated from Sup Galilée in Computer Networks Engineering, I consolidated my skills as an SOC and CSIRT Analyst at Eviden, where I implemented security solutions with Splunk. My passion for cybersecurity and security incident management is reflected in my daily work and professional certifications.

With specific technical know-how in PowerShell, Python, and recognized expertise by Splunk, I focus on defensive security innovation. In collaboration with my team, we have contributed to strengthening our company's security posture, demonstrating the importance of a proactive and reactive approach to threats.

✅ Key achievements:

- Optimization of detection and response processes, reducing intervention times by 40%.

- Active participation in complex investigations, leading to the neutralization of advanced persistent threats (APTs).

📩 Want to connect? Contact me to discuss your cybersecurity projects and needs.

Industry field of expertise

Languages

French
Native or bilingual
English
Fluent

Workplace preferences

Can work on-site

Champigny-sur-Marne (up to 50km)

EVIDEN FRANCE / ATOS
SOC Analyst
CONSULTING AND AUDITS
August 2022 - Today (3 years and 10 months)
Analysis and handling of incidents as well as continuous service improvement (at Informatique Caisse des Dépôts ICDC):
• Incident handling in compliance with established SOC procedures and SLAs
• Detailed tracking of all open alerts within dedicated ticketing tools
• Maintaining documentation associated with security incidents or creating it if absent
• Analysis of Splunk dashboards for security incidents, monitoring malicious or unauthorized behavior on the IS
• Redesign of security alerts and creation of associated Playbooks
• Periodic review of procedures and documentation via WIKI
Environment
Splunk, Windows, AD, Cortex XSOAR, Virus Total, JoeSandBox, Cyberchef, Fireeye, Cosmos, Cybereason, Internet, Office, Ansible BOSS OF THE SOC, AWS
Suez France
CSIRT Analyst
ENERGY AND UTILITIES
July 2021 - June 2022 (11 months)
Handle cybersecurity incidents as part of incident response, manage level 3 infrastructure projects, and address vulnerability-related issues
• Validation of flow matrix opening
• Approval of privileged accounts and application installations
• Generation of P7B, CER signed digital certificates from CSRs
• Analysis of security incidents and response to these security incidents
• Automation of service account and generic account creation
• Setting servers to prevent mode on Crowdstrike
• Monitoring the project for updating machine KBs for various vulnerabilities
Technical Environment: Splunk, Service Now, Crowdstrike, Qualys, GLPI, MCAS, Active Directory, Infoblox
Airbus
SOC Analyst
January 2021 - June 2021 (5 months)
Onboarding data via Splunk eventgen for testing KPIs created in dashboards
• Development and maintenance of dashboards
• Configuration of eventgen on the development platform
• Historical logging of eventgen over weekly and monthly periods
• Integration of eventgen on the development and integration platform
• Integration tests
• Writing reference documentation on eventgens
• Installing Apps
Technical Environment: Splunk, Linux