Freelancer profile translated to English.

Description

I find what you don't know that is known about you.

Employee credentials in public leaks. Infrastructure mappable from a simple browser. Forgotten subdomains, orphaned accounts, exposed personal data without anyone noticing.

────────────────────────────────────

WHAT I DO

────────────────────────────────────

◆ OSINT & EXPOSURE SURFACE

Reconstruction of your digital footprint as an attacker sees it: exposed infrastructure, forgotten assets, presence on forums and underground markets. Concrete deliverables, evidence, actionable recommendations.

◆ LEAK RESEARCH & COMPROMISED DATA

Analysis of leaked databases, pastebins, specialized Telegram channels. Credentials, internal documents, data of your employees or executives — I qualify the impact and prioritize actions.

◆ CYBER THREAT INTELLIGENCE

Monitoring of APT groups targeting your sector. I transform noise into actionable intelligence for your CIO or CISO.

────────────────────────────────────

MY PROFILE

────────────────────────────────────

Cyber Defense Manager in the energy sector. I have led SOC, CERT, and CTI teams of up to 30 people and coordinated major incident responses.

→ Certified CEH & CISSP

→ Comfortable in a terminal as in a COMEX meeting

Want to know what an attacker already knows about you?

Contact me.

Industry field of expertise

Languages

French
Native or bilingual
Portuguese
Native or bilingual
English
Fluent

Workplace preferences

Can work on-site

Paris (up to 50km)

NaTran
Head of Cyber Defense
ENERGY AND UTILITIES
January 2026 - Today (5 months)
Head of the Cyber Defense department, leading a multidisciplinary team of 30 employees across 6 units: SOC, CERT, CTI, Vulnerability Operations Center, and Red Team.

Scope & Responsibilities:
Operational and strategic supervision of detection, incident response, and threat management activities
Leadership of the transition from a project team to a structured Cyber Defense department
Coordination with CIOs, CISOs, and business unit leaders on major incidents and overall security posture
Definition of processes, tooling, and team skill development

Areas of Expertise:
Threat Intelligence & targeted threat analysis (APT, data leaks, external exposure)
OSINT & attack surface mapping
Incident Response & digital forensics (DFIR)
Cyber crisis management and communication to decision-makers
OSINT CTI cybersecurity-incident-management Cybersecurity Strategy Team Management
NATRAN
Operational Lead SOC and CERT
April 2022 - December 2025 (3 years and 8 months)
🎯 Supervision of SOC & CERT teams: Coordination of operational activities, KPI definition, dashboard creation, daily team animation.

🚨 Crisis & Major Incident Management: Leading crisis cells, cross-functional coordination between CIOs, CISOs, and technical stakeholders.

🚀 Business Development: Implementation and structuring of CTI, Digital Forensics, and Red Team units. Team growth from 5 to 20 analysts.

🧬 Digital Forensics: Forensic analysis, IOC extraction, detailed report writing usable by incident response teams.

🛰️ Cyber Threat Intelligence (CTI): Monitoring targeted threats, APT groups, and information leaks via OSINT and strategic partners.

🌐 Attack Surface Management: Mapping of exposed assets, identification of risks related to shadow IT, and remediation recommendations.

💰 Budgetary & Contractual Management: Budget creation, expense tracking, contracting, and selection of specialized external profiles.
Cybersecurity CTI Incident Management
GRTGAZ
CERT Analyst
June 2020 - April 2022 (1 year and 10 months)
📊 Security Alert Supervision: Analysis, triage, and prioritization of alerts generated by the SOC and detection tools (EDR, SIEM, etc.), in relation to real threats.

🔍 Incident Management: Rapid investigation, qualification, and response to security incidents, in coordination with IT and business teams.

🔧 Vulnerability Qualification: Risk assessment, prioritization based on context, support for patch management teams.

⚙️ Automation & Scripting: Creation of Python and PowerShell scripts to automate recurring tasks (alerting, enrichment, IOC deployment, etc.).

📘 Playbook Development: Design of operational procedures to structure SOC/CERT response and enhance analyst effectiveness.
Forensics Digital Forensics CTI