Freelancer profile translated to English.

Back to original language

Description

SOC N2 Cybersecurity Analyst with a rare dual expertise:

3 years of incident detection & response on CAC40 scope

(Splunk, Wireshark, Qualys) at Orange Cyber Défense / TotalEnergies,

backed by 15 years of Network & Security foundations (Palo Alto, Fortinet,

Zscaler, F5, Cisco).

🎯 My added value

I analyze SIEM alerts with the perspective of an engineer who has

deployed the infrastructure: fewer false positives, faster qualification,

and the ability to coordinate the response up to WAN isolation.

🛠️ What I do daily

- Splunk Detection & Triage (SPL, dashboards, correlation rules)

- Incident Response (Red Button, FortiGate / Palo Alto isolation)

- Network Forensics (Wireshark analysis, post-incident)

- Vulnerability Management (Qualys, remediation tracking)

- Configuration of Syslog flows to SIEM

🏢 Environments mastered

TotalEnergies · Orange Cyber Défense · Bolloré T&L · ENGIE IT ·

Allianz · EDF / ERDF · Vinci Energies — all CAC40 / critical environments.

📍 Île-de-France · On-site or hybrid mission · Immediate availability

🎓 Certifications: Splunk Core Power User · Fortinet NSE7 ·

AWS SAA · CCNA · CySA+ in progress

💬 Available to discuss your SOC needs, security audits, or Network & Security expertise missions.

Languages

English
Fluent
French
Native or bilingual

Workplace preferences

Can work on-site

Argenteuil (up to 40km)

Orange Cyberdefense
Cybersecurity Analyst SOC N2 | Splunk · Forensics · Incident Response
ENERGY AND UTILITIES
August 2023 - March 2026 (2 years and 7 months)
Courbevoie, France
Configuration of Syslog forwarding (FortiGate, Palo Alto, Zscaler) to Splunk & Dynatrace — centralization of security visibility for TotalEnergies perimeter.
▸ Creation of L1 dashboards: Zscaler tunnel monitoring (up/down), detection of critical flow interruptions, automatic incident triggering.
▸ SPL Support for L2 analysts: customization of Splunk queries, adaptation of detection rules to the TotalEnergies context.
▸ Red Button — Incident Response: immediate isolation of a compromised site's WAN via FortiGate, coordination of security and business teams.
▸ Network Forensics: in-depth analysis of Wireshark frames, investigation of complex packet errors during post-incident analyses.
▸ Vulnerability Management: Qualys campaigns, results analysis, transmission of vulnerability reports to dedicated teams.
Cybersecurity Splunk SIEM Vulnerability Management Syslog
BOLLORE Transport et Logistics
Security Network Expert — Zero Trust Segmentation & Run
LOGISTICS AND SUPPLY CHAIN
November 2022 - May 2023 (6 months)
Puteaux, France
▸Design & implementation of network/security micro-segmentation (Bolloré Africa carve-out → MSC) — isolation of critical environments.
▸Splunk for flow audit: validation of post-deployment segmentation, detection of flows non-compliant with new policies.
▸International infrastructure L3 support: L2/L3 LAN/WAN support, VPN, proxy, Aruba WiFi across ~500 MPLS/IPsec sites
Fortimanager Panorama Splunk Pulse Secure azure
VINCI Energies
Senior Security Engineer
ENERGY AND UTILITIES
February 2020 - September 2020 (7 months)
Saint-Denis, France
▸L2/L3 incident management: Checkpoint & FortiGate firewalls, Zscaler filtering, F5 WAF. Network & security audits, DNS management.
▸L2/L3 LAN/WAN/WiFi incidents, operator coordination (Equinix, Colt, OBS, NTT). Cisco Viptela/Vmanage SD-WAN. AWS & Azure L3 support.
Wifi Zscaler Check Point VPN F5