Paris, Île-de-France, France
Cybersecurity professional with strong expertise in incident response and threat detection within large-scale environments (BNP Paribas, Accenture). I focus on reducing cyber risk and strengthening organizational resilience by aligning security operations with business priorities. Currently evolving toward governance, risk management, and strategic security leadership with the objective of becoming CISO. #CSIRT #SOC #EDR #IncidentResponse #Forensics #MalwareAnalysis #Threat Hunting
Incident Management & Client Delivery ▸ Managed and investigated complex, real-time security incidents across multiple client environments simultaneously, owning the full investigation lifecycle from initial alert to post-incident reporting and remediation recommendations. ▸ Served as the senior technical lead on client-facing security engagements, presenting investigation findings and strategic recommendations to CISOs and security governance committees. Threat Hunting & Forensic Investigation ▸ Conducted advanced threat hunting campaigns using CrowdStrike, identifying stealthy adversary activity and dormant implants that evaded automated detection translating findings into new detection rules and hunting hypotheses. ▸ Performed deep forensic investigations (disk, memory, network) using Volatility, Flare VM, and REMnux on confirmed intrusion cases, producing court-admissible evidence chains and detailed attack reconstruction reports. Security Program & Policy Development ▸ Led security project management workstreams including policy development, playbook creation, and operational process design enabling client SOC teams to scale their detection and response capabilities. ▸ Developed and maintained incident response playbooks and runbooks tailored to client-specific environments, reducing mean time to respond across managed accounts. Capability Uplift & Mentoring ▸ Mentored junior analysts in threat hunting methodology, forensic techniques, and SIEM usage contributing to team skill development and reducing escalation rates over time. ▸ Drove knowledge-sharing sessions on emerging threat actor TTPs and new malware families, keeping the team aligned with the evolving threat landscape. Tools: Splunk · ELK · Volatility · Flare VM · REMnux · CrowdStrike · Tanium · LogRhythm
Ransomware Incident Response (Makop) ▸ Led the incident response effort for a large-scale Makop ransomware attack on a server farm orchestrating containment, forensic investigation, and full eradication under tight operational pressure. ▸ Performed comprehensive memory and disk forensics using Volatility and Eric Zimmermann's toolset to reconstruct the attack chain, identify patient zero, and map lateral movement paths. Threat Hunting ▸ Executed targeted threat hunting operations using SentinelOne to identify residual attacker persistence mechanisms post-containment, ensuring complete eradication before systems were restored to production. Tools: Volatility · SentinelOne · Eric Zimmermann's Forensic Toolki