Zied Ourari

• • N3 security operations across multiple vendors in a financial environment

• • Maintaining the security of network, email, and SOC infrastructures

• • Managing critical N3 incidents

• • Participation in several projects

• • Projects 40% / Support 60%

Tasks:

• •

Administration of Fortinet, Palo Alto, Check Point, Cisco Secure Firewall

• •

Analysis and validation of traffic opening requests

• •Advanced troubleshooting of IPSec / SSL VPN

• •

Administration of Cisco ESA & SMA (antispam, spoofing, sandboxing)

• • Management of Skyhigh secure proxy (Traffic opening, Debug ..)

• • Configuration and operation of Netskope for securing WAN traffic and cloud traffic

• •

Administration of F5 BIG-IP (VIP, SSL certificates, L7 troubleshooting)

• • SOC investigation via Splunk, SentinelOne, and Hacknowledge

• •

Analysis of security alerts and remediation

• • Management of RCDevs strong authentication and PAM Wallix

• • Renewal and deployment of SSL/TLS certificates on F5 load balancers

• • PRTG and vCenter monitoring

• • Participation in CABs and security changes

• • Driving security patching campaigns and coordinating vulnerability remediation plans.

• • Documentation of procedures and operating methods. Environment PA-3250, Fortigate 71F/100F/200F, Cisco ESA/SMA, NSX-T, Azure, Netskope, Zscaler, Cisco Secure Firewall 3110

• • Firewall and endpoint expertise (Palo Alto, Checkpoint, Fortinet, Illumio)

• • Cloud Orchestration, Automation, scripting

• • Debugging and resolution of N3 production incidents

• • Management of security policies administration distributed across the group's various firewalls (processing traffic opening requests, VPN, Changes ..)

• • Level 3 Support

• • Participation in infrastructure projects

• • Projects 30% / Support 70%

TASKS:

• • Resolution of Level 3 technical incidents on multiple technologies (Fortinet, Checkpoint, PaloAlto, Illumio, VPN, ..)

• • Optimization and security improvement

• •

Firewall and security equipment administration

• •Processing of traffic opening requests

• • Debugging scripts in cloud orchestration

Workshops with development teams to improve automation solutions and technical APIs after each sprint) Patching participation,

Missions

• • Workstation & Server security expertise

• •

SOC alert analysis

• • Deployment and operation of various security tools

• •

SOC incident analysis and resolution

• • Endpoint installation and upgrade

• • CVE monitoring and remediation

• • Operational activity monitoring (KPI, Escalation, Improvements ..)

• • Projects 50% / Support 50%

TASKS:

• • SOC incident support (malware, network, workstation, VPN, malicious activity.)

• •

URL analysis

• •

MALWARE analysis

• •

CVE analysis and remediation plan

• •

Analysis and validation of software installation requests

• •

Risk analysis and remediation on various topics (phishing, cortex alerts, AD non-compliance..)