Youness Azdoud

- Management and operational exploitation of the information system: servers, networks, storage, and security solutions.

- Administration of Cisco/HP network infrastructures, Check Point Firewall and VPN, AD/LDAP, databases, and Linux/Windows systems, Datacenter Urbanization.

- Implementation and maintenance in operational and security condition (MCO/MCS) of technical and application environments.

- Vulnerability remediation, N3 incident management, and continuous improvement of the security posture.

- Deployment, automation, and industrialization of environments via Ansible playbooks, GPO, and orchestration tools.

- Monitoring and observability via the ELK stack, Centreon, and log collection tools.

- Participation in architecture projects (networks, security, infrastructure): design, integration, and platform evolution.

- Drafting procedures, technical documentation, and supporting N1/N2 teams.

- Contribution to technical compliance and the application of internal security standards.

- SIEM Monitoring (SEKOIA, ELK Stack), IDS/IPS alert correlation, and threat analysis (Zero-day exploits).

- SOC/CERT Interface: Alert validation, critical escalations, and corrective action coordination with XSOC and CERT-AG.

- Incident Response: Analysis (SentinelOne, AntiMalware), (NSX-T/Fortinet/FMC), remediation, and RCA.

- Firewall flow validation and optimization via Fortimanager and Algosec (workflow, change management, Policy compliance)

- Patch management and vulnerability management via Qualys, JFrog module XRAY, CyberWatch

- Implementation of security policies, hardening of configurations and OS.

- Administration of user authentication and authorization (Keycloak) for web applications and services, and MFA.

- Monitoring of ISPS (Information Security Policy) and audits (ISO27001, Pentest)

- PoC on vulnerabilities, reducing the number of critical vulnerabilities.

- Watchkeeping on CVE/exploits and adjustment of FW/EDR rules and network segmentation.

- Application of the company's defined ISPS and monitoring of security audits with IT teams

- Analysis of the IS to identify vulnerabilities and assess risks, applying CIS Benchmark recommendations on various perimeters (PDT, FW, AD…)

- Integration of security into projects: architecture review

- Vulnerability management and implementation of the patch management process via Qualys

- Application of recommendations for email security (DMARC, DKIM, SPF)

- Technical referent for security solutions: Qualys, Tehtris EDR/XDR, Userlock, Keepass, Yubikey for MFA

- Management and administration of secure network infrastructures (NSX-T, WAF, Cisco)

- Deployment and maintenance of firewalls and network equipment (ACL, NAT, VPN, VLAN, segmentation)

- Network monitoring and supervision to ensure infrastructure availability and performance

- Implementation of cyber best practices on environments (Zero Trust, segmentation, hardening)

- Participation in audits and infrastructure compliance (ISO 27001, NIS2)

- Incident management and resolution of connectivity and security issues

- Raising employee awareness of cybersecurity best practices (password management, MFA, phishing…)

- Training internal teams and transferring skills on deployed solutions