As a cybersecurity engineer, I have been working in the field for more than 10 years with a focus on cloud architecture for the last 2 years.
Curious, eager to do things right and happy to share my knowledge, I was able to discover many cyber topics including Identity and Access Management (IAM), Security Incident Detection (SOC) and securing AWS and GCP cloud environments under different roles: architect, project manager, project coach, technical / functional analyst, system administrator, …
Certifications
Experiences
Cloud security consultant at Accenture [2021 to now]
I joined Linkbynet Cybersecurity (Paris, France) which was acquired by Accenture in June 2022. I became the lead of the AWS security community which aims to train consultants, centralize skills and offers, share feedback and participate in events. To date I have helped two customers with very different contexts to secure their cloud environments.
AWS Architect - CAC 40 energy [December 2022 to today]
- Design the functional requirements of the AWS Landing Zone squad in accordance with the group’s cyber and architecture requirements
- Contribution to the security improvement work of the AWS landing zone
- Application of agile practices (Scrum team) with 2 weeks sprints.
Cloud security expert - CAC 40 bank [November 2021 to November 2022]
- Coaching and validation of AWS & GCP security architectures (security by design)
- Validation of cloud service usage through technical security analysis and recommendations
- Contribution to the implementation of controls on the centralized deployment pipeline, at the border of cloud environments as well as on the deployed environment (runtime)
Cloud & SOC consultant at Conix (France) [2016 to 2021]
With my engineering degree in hand, I continued in a consulting firm specialized in cybersecurity where I was able to support two clients on issues of incident detection (SOC), project management and technical expertise on the cloud.
Technical project leader - CAC 40 bank [July 2020 to June 2021]
- Public Cloud security
- Securing the group’s public email domain names (SPF, DKIM, DMARC)
SOC Analyst L3 (Group SOC) - CAC 40 bank [April 2018 to June 2020]
- Run: Sensitive and difficult security incidents.
- Continuous improvement: incident process, security contacts directory (130+ teams).
- Relationship: exchanges with the Group CERT and business security teams (delivery role).
- Project: PoC of a user behavior detection tool and its implementation.
SOC Analyst & System administrator - CAC 40 manufacturer [October 2016 to March 2018]
- Operational leader of SOC analysts in customer facilities
- Run: analyze security incidents, log and detection architecture maintenance
- Projects & improvements: setup and maintenance of new detection tool, on-boarding of new business scopes (collect, parsing, use-cases)
IAM officer & DLP analyst at BNP Paribas CIB (France) [2012 to 2016]
I started my working life in a work-study program in parallel with my last four years of studies.
- Identity and Access Management (IAM): access validation, process definition, daily/weekly controls, annual access reviews.
- Project of integration of a thousand assets into the global CIB access right tool : owner census, on-boarding, validation process and access right auto-provisioning.
- Trainings and help on change management to the new CIB IAM tool.
- Handle security incidents with CSIRT/CERT teams.
:(fa-sharp fa-solid fa-graduation-cap): Education
- ESIEA: French IT engineer school
- Paris-Saclay / IUT d’Orsay:
Projects
CyberGordon
CyberGordon quickly provides you threat and risk information about observables like IP address or domain.
It’s a personal project hosted on AWS.
:(fa-solid fa-user-secret): The genesis and architecture of my CyberGordon project
AWS Extra
AWS Community Builder
Member since August 2022 (directory listed) in the Security & Identity topic.
The AWS Community Builders program offers technical resources, education, and networking opportunities to AWS technical enthusiasts and emerging thought leaders who are passionate about sharing knowledge and connecting with the technical community.