About Yasine
Languages
- French: Native or bilingual
- English: Fluent
Experience
- Code75 | Cybersecurity Architect & Fractional CISO | TECH | October 2023 - Today (2 years and 8 months) | Paris, France
- Fractional CISO mandate, B2B SaaS scale-up (15 months): took over from departing incumbent. Full IT infrastructure refresh and target security architecture. ISO 27001 and GDPR governance framework, security policy, risk management, security committee setup, employee awareness, third-party and vendor management.
- Security architecture for a multi-tenant hospitality PMS platform (personal R&D product): cloud-native target architecture design, multi-tenant IAM RBAC, PCI-DSS scoping and scope-reduction strategy, payment integration via Stripe Connect (zero-commission model, direct hotel flows), hybrid PIN / email authentication, API security, encryption at-rest and in-transit, audit logging.
- SOC architecture advisory for SMEs and mid-market: target SOC design, SIEM / EDR / SOAR tooling selection matched to budget and maturity, sizing, make-or-buy model (in-house vs MSSP), post-audit remediation plans.
- Regulatory compliance programmes: NIS2 readiness (essential and important entities), DORA (digital operational resilience for financial services), PCI-DSS, GDPR. Gap analysis, action plans, regulatory deliverables, audit support.
- ISO 27001 certification preparation: scope, gap analysis, remediation plan, ISMS rollout, documentation, internal and certification audit support.
- Cross-sector cybersecurity maturity assessments: evaluation against frameworks (NIST CSF, ISO 27001, ANSSI), benchmarking, executive committee read-outs, security investment prioritisation.
- Strategic advisory to executive leadership: decision support on security investment prioritisation, risk vs business trade-offs, communication to governance bodies.
- Architecture deliverables: HLD, LLD, security standards, frameworks, architecture dossiers for security validation.
- Orange Cyberdefense | Head of Use Case Factory | TECH | June 2021 - August 2023 (2 years and 2 months) | Paris, France
- Take-over and industrialisation of Orange Cyberdefense's Use Case Factory: scaled the team from 10 to 30 experts in 2 years, transformed an artisanal activity into an industrialised service line serving 15 tier-1 MSSP clients (CAC40, regulated industries).
- Target operating model design: structured three specialised pillars — Detection Engineering (rule authoring and fine-tuning in YAML / Sigma), Threat Hunting and Threat Modeling (proactive hunting, MITRE ATT&CK TTP modeling), Platform and Tooling (in-house developers for automation and self-service).
- Production and fine-tuning of 2,000+ detection rules deployed and maintained across Splunk, IBM QRadar and Microsoft Sentinel, with broad MITRE ATT&CK coverage and continuous adaptation to client contexts.
- Cortex XSOAR playbook engineering: design and industrialisation of incident response playbooks, automated enrichment, alert triage and multi-tool orchestration (EDR, firewalls, CTI, ITSM).
- Architecture of an internal self-service detection-as-code platform: led the development of a tool allowing analysts and clients to author, test, validate and deploy YAML rules with a full CI/CD workflow (Git, automated validation, detection unit tests, multi-tenant deployment, versioning, rollback).
- Multi-SIEM detection-as-code pipeline: designed connectors and adapters translating Sigma / YAML rules into Splunk SPL, QRadar AQL and Sentinel KQL automatically.
- CTI ↔ SIEM ↔ SOAR integration: end-to-end architecture connecting OpenCTI (STIX / TAXII) to the detection chain and Cortex XSOAR for enrichment and automation, systematic MITRE ATT&CK alignment.
- Operational outcomes: MTTD / MTTR reduced by 40% across the MSSP portfolio.
- Business management: service line restructuring (eliminated legacy cash drains), contribution to go-to-market strategy and tier-1 pre-sales, definition of internal SOC architecture standards aligned with NIST and MITRE ATT&CK.
- Orange Cyberdefense | Senior SOC Manager — Managed Security Services | TECH | December 2020 - June 2021 (6 months) | Paris, France
- Take-over of a critical MSSP account: account in crisis on arrival — technical chaos across the detection and response chain, deteriorated client relationship, missed SLAs, lost trust.
- End-to-end technical clean-up: SIEM platform and detection rules audit, identification and resolution of failures, SOC L1 / L2 / L3 process redesign, incident response chain uplift, SLA restoration.
- Client relationship rebuild: communication reset, transparency on corrective actions, reinstatement of regular governance (Comops, Steerco), restored trust with the client's CISO and security leadership.
- Tier-1 delivery management: planning, budget, project risk, stakeholder reporting and reporting to Orange Cyberdefense leadership.
- L2 / L3 team coaching and development: skill uplift, internal process structuring, identification of business development opportunities on the account.
- Promotion to Head of Use Case Factory at Orange Cyberdefense following the successful turnaround of the account.
Education
- Master MIAGE | Université Grenoble Alpes | 1999 | Information Technology applied to Business Management
- IT Service Management PMP Training | PMI | 2015
Certifications
- ISO/IEC 27001 Lead Implementer | PECB | 2016
- MITRE ATT&CK Foundation | MITRE | 2021