You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Waoundé GassamaWG

Waoundé Gassama

SOC / CSIRT Manager

€750/day
2 projects
Rueil-Malmaison, FR
8-15 years

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Waoundé

16 years of experience, including over 7 years in offensive and defensive cybersecurity, in critical sectors (healthcare, finance, telecoms, automotive, utilities).

I support CIOs, CISOs, and SecOps teams in implementing or optimizing their operational cybersecurity strategy: SOC, vulnerabilities, detection, orchestration, KPIs, etc.

**My approach**:


Structure a clear and actionable roadmap aligned with the IT strategic plan.
Translate cybersecurity strategy into operational and measurable deliverables.
Develop or enrich your SIEM use cases, challenge them, framed by frameworks (MITRE ATT&CK, NIST, ISO, etc.).
Intensify the use of APIs and automate key routines (XSOAR, Sentinel, etc.).

My added value:

Excellent communicator bilingual (FR/EN), I synthesize technical topics to make them understandable and actionable at the managerial level.
I design precise, usable KPIs, tailored for Executive Committees/Steering Committees as well as SOC Analysts.
I have a strong results-oriented and trust-based culture, because a successful cybersecurity project relies above all on collective buy-in.
  • French

    Native or bilingual

  • English

    Fluent

Can work on-site
Rueil-Malmaison (up to 50km), Orléans (up to 50km), Le Havre (up to 10km), Rouen (up to 10km)

Experience

  • RYDGE CONSEIL
    SOC Manager
    CONSULTING AND AUDITS
    November 2025 - February 2026 (3 months)
    Courbevoie, France
    Project management for the redesign of cyber defense activities (SOC, VOC, CTI) and operational implementation, consisting of:

    Project management and governance
    • Strategic scoping with management and stakeholders
    • Development of the master plan and critical milestones
    • Facilitation of weekly/bi-monthly steering committee meetings (COPIL)
    • Risk, budget, and dependency management
    • Progress reporting (dashboards and tracking KPIs)

    Operational coordination
    • Organization of the transition between service providers (outgoing/incoming)
    • Management of interfaces between client teams, service providers, and integrators
    • Maintenance in operational condition (MCO) plan during transition
    • Validation of technical and organizational deliverables (with VISA)

    Build and implementation of the new SOC
    • Definition and configuration of detection and response policies
    • Deployment of tools (SIEM, EDR, SOAR, CTI platforms)
    • Configuration of incident management workflows (Jira, ServiceNow)
    • Functional and technical acceptance testing of deployed solutions

    Go-live and change management
    • Development of runbooks and operational procedures
    • Training and skill development for SOC teams
    • Post-deployment support (stabilization phase)
    • Lessons learned and closing documentation
    Technical project management Build SOC Maintenance in operational condition
  • Servier
    SOC Manager
    PHARMACEUTICALS INDUSTRY
    July 2024 - March 2025 (8 months)
    Suresnes, France
    Transition between outgoing and incoming provider, 3-month project
    Management of a 24/7 "follow the sun" MSSP (SOC level 2, CERT)
    🔹 Definition of the strategic and operational roadmap for 2025/2026
    🔹 Implementation and monitoring of governance bodies: Steering Committee, Working Committee, Project Committee, Strategic Committee
    🔹 Organization of pentest campaigns to reduce SOC's MTTD/MTTR
    🔹 Management of daily activities
    🔹 Team monitoring via PowerBI, ServiceNow, Jira and human resources management (SDM)
    🔹 Challenge of playbooks (xSOAR), logic of detection rules, incident management
    🔹 Launch and steering (COPIL) of the following topics:
     – DMARC (Merox)
     – Incident Response (cyber crisis management project)
     – Vulnerability Management (Qualys)
     – Brand monitoring (RecordedFuture)
    🔹 Point of contact for SOC escalations via ServiceNow
    🔹 Project to draft specifications (RFP) for EDR (servers) and NDR solutions
    🔹 Definition of RACI version 2 for the SOC team
    🔹 New Azure "landing zone" implemented
    🔹 Custom detection rules for specific business applications
  • AMAYAS Consulting
    Vulnerability manager
    ENERGY AND UTILITIES
    August 2022 - February 2024 (1 year and 6 months)
    Joinville-le-Pont, France
    Project for Veolia water technologies, international context (North America, South America, Europe, MEA, APAC):

    Vulnerability Management - 90% of the time
    Job title: Vulnerability manager
    International scope (North America / South America / Europe / APAC / Africa & Middle East)
    Technical lead of the team (including 1 person dedicated to Acunetix (URL scans) and public IPs).
    Creation of the target Qualys architecture design
    Creation of general documentation, procedures
    Creation of the RUN framework (based on NIST's)
    Implementation of the RUN
    Creation of Qualys, Splunk, ServiceNow dashboards
    Creation of managerial and operational KPIs
    Qualys support (MCO)
    Automation of common tasks
    Creation of a vulnerability prioritization framework (Excel matrix)
    Complete integration of an entity (ex-Suez) > Project management

    SoC - 10% of the time
    Creation of an incident prioritization model (co-author)
    Vulnerability intelligence and weekly reporting (task performed in pairs)
    Incident tracking
    Preparation of the Gsoc GAP analysis (provided by I-tracing) > Project started in December 2023
    Technical project management Maintenance in operational condition Build KPI Dashboards Deliverables

Recommendations

Be the first to recommend Waoundé

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Education

  • Master of Management
    CESI École Supérieure de l'Alternance
    2020
    Master 2, Management SI, option sécurité
  • Manager in IT maintenance and support, IT system and information security
    CESI École Supérieure de l'Alternance
    2015
    Gestionnaire en maintenance et support informatique, Sécurité / sûreté de l'information des systèmes informatiques

Skill set

Categories