Skip to main content

Experience πŸ’Ό

Professional Background & Tasks​

experience card

Experience

Every experience I have gained throughout my academic and professional path has allowed me to face real-world challenges, manage critical tasks, and deliver concrete solutions.

Instead of just listing my roles, here is what I have actually seen, built, and managed in the field - proving that I am ready to adapt and hit the ground running.

πŸ›‘οΈ Cyber Operations & Threat Management​

  • Cybersecurity Tooling Configuration & Operation:
    • Implementation: Installed and configured Wazuh in a dedicated lab environment. In a corporate setting, actively participated in configuring and operating CrowdStrike EDR, FortiNet Firewalls, and the F-Secure management console.
  • Incident Management & Vulnerability Tracking:
    • Implementation: Utilized the CrowdStrike console to perform granular CVE (Vulnerability) analysis across virtual machines and servers. Handled security incidents from detection to containment (host isolation, remediation).
    • Knowledge Base (RETEX): Documented all incident outcomes into a shared Post-Incident Review (PIR / REX) database, using a multi-keyword tagging system to streamline future troubleshooting and research.
  • Phishing Alert Handling:
    • Implementation: Analyzed suspicious emails reported by users within isolated sandbox environments and blocked malicious senders and Indicators of Compromise (IoCs) globally using Darktrace.
  • SI Alert Monitoring:
    • Implementation: Maintained a continuous watch over internal system alerts (Firewalls, Active Directory, SIEM), investigating anomalous behaviors such as suspicious out-of-hours VPN connections to preemptively block unauthorized access.

πŸ“Š Infrastructure Supervision & SLA Enforcement​

  • Monitoring Platform Exploitation:
    • Implementation: Monitored the overall health and performance (CPU, RAM, Storage) of servers and network components daily. Acted proactively on alerts (e.g., disk space reaching 92%) to mitigate risks before they could cause service downtime.
  • IT Component Integration & Maintenance:
    • Implementation: Configured and integrated new network and infrastructure assets (such as NAS backup servers) into the central monitoring platform using the SNMP protocol.
  • SLA & Incident Response Commitment:
    • Implementation: Adhered strictly to Service Level Agreements (SLAs), ensuring critical security tickets were acknowledged and processed within the required 15-minute window.

βš–οΈ Governance, Compliance & Process Optimization​

  • GDPR Implementation Support:
    • Implementation: Collaborated with the CISO (RSSI) and DPO to enforce technical GDPR requirements. Applied the principle of least privilege by restricting and encrypting access to sensitive HR data folders and enabling comprehensive access audit logs.
  • Information Security Policy (PSSI) Enforcement:
    • Implementation: Translated corporate security policies into technical rules (e.g., password complexity and 90-day expiration policies) directly implemented via Active Directory.
  • Patch Management Procedure Design:
    • Implementation: Established a standardized patch testing and deployment workflow (initial validation on a test group of machines before orchestrating a centralized, mass rollout).

πŸ“ Reporting, Dashboards & Cyber Awareness​

  • Security Playbooks & Documentation:
    • Implementation: Authored and updated technical operational procedures on the internal company Wiki (e.g., step-by-step guides for blocking malicious IPs on newly deployed firewalls).
  • Dashboard Creation & Reporting:
    • Implementation: Designed visual security dashboards using dataviz tools to track system health, and generated monthly metric reports for the CISO covering phishing trends, blocked malware, and patch compliance rates.
  • User Security Awareness:
    • Implementation: Coordinated with HR to launch simulated phishing campaigns, automatically redirecting users who interacted with the bait to short, targeted micro-learning training videos.

Every point listed above represents practical skills validated on the field. I would be glad to discuss the technical challenges and solutions behind these achievements during our interview.