ARCSIGHT freelancers: find the skills you need


Sample work history of Amine,
ARCSIGHT freelancer based in Hauts-de-Seine (92)

  • Freelancer as Senior Incident Responder/ Cybersecurity

    Jan 2022 - present

    Analyst Level 3 at Big company that provides access to water and waste services
    in France
    o Handling and response to all cybersecurity incidents.
    o Improve and maintain all the steps of handling and responding to an incident.
    o Update the standard operation process.
    o Update incident response guidelines based on React Matrix.
    o Challenge the SOC team on detection rules by identifying gaps in detection or logs.
    o Improve detection by reducing false-positive alerts and proposing other logic and ideas to improve the rules.
    o Search for and improve the tools used to respond to an incident (forensic tools, telemetry for logs that help during investigation, artifact collectors).
    o Work with the SOAR team to transform the incident response guidelines into playbooks or workbooks at the SOAR level, to reduce incident response time and automate the response process.
    o Threat hunting based on cyber threat intelligence:
      - Get the detection logic or the pattern behind a new cyber-attack and transform it into use cases or detection rules.
      - Retro hunting/post-mortem analysis once we have a hit on an IOC, to understand the root cause and whether there was any gap in detection or logs.
      - Challenge the EDR by testing new techniques or new attack patterns and observing its reaction.
    o Cyber threat intelligence:
      - Monitor and check any new fraudulent domain that could be used for cybersquatting or a phishing campaign.
      - Monitor any critical services that are exposed without being onboarded in our cybersecurity solution.
      - Monitor any brand abuse (exposed portal, …)

    Technical Environment: Splunk / Phantom SOAR / CrowdStrike / Proofpoint / Microsoft Defender / Microsoft MCAS / Microsoft Sentinel / Qualys / Skybox / Zscaler / Intel471 / Intrinsec Cyberboard CTI / Forensic (Volatility, UAC)
  • ❖ Senior Soc Analyst/Incident Responder consultant at SSII France November

    Jan 2022 - present

  • ▪ Mission at Luxury Company CSIRT engineer L3/Analyste Soc L3 since July

    Jan 2020 - Jan 2022

    o Handling security incidents
    o Investigate incidents and identify root causes.
    o Update security playbooks
    o Implementation of operating procedures to facilitate research and investigation.
    o Threat hunting: process implementation, IOC collection, investigations.
    o Integration of business applications into the SIEM (choice of logs, use cases, etc.)
    o Deployment of MITRE ATT&CK rules (mapping, log studies, testing, etc.)
    o Deployment of reports & dashboards on the SIEM
    o Major incident management (DDoS, compromised servers, etc.)
    o Dealing with vulnerabilities
    o Participation in SIEM RFP (request of purchase) preparation

    Technical Environment: Splunk / Enterprise Security Splunk / Tehtris / Proofpoint / Zscaler / Intrinsec CTI / Cybereason EDR / Azure / Bitsight / Alsid
  • ▪ Mission at financial institute as Soc Analyst/CSIRT engineer L3 consultant

    Jan 2020 - Jan 2020

    o Handling PCI DSS incidents within the Author perimeter (the network that checks if a client can
    pay using his payment card).
    o Implementation and improvement of detection rules.
    o Handle security requests (phishing e-mails, suspicious machines).
    o Monitor vulnerabilities in various infrastructures.
    o Creation of procedures (reflex sheet, incident contextualization procedure) for L1/L2-level SOC analysts.
    o Monitor technology and propose security solutions to reduce identified risks.

    Technical Environment: Splunk / Enterprise Security Splunk / Darktrace / DfirOrc / Fortimail / Ironport / Python / SentinelOne / JoeSandbox
  • ❖ Senior IT Security Engineer at an insurance company in Algeria
    Jan 2019 - Jan 2019

    o Improving the design and architecture of MACIRVIE's infrastructure from a security point
    of view, based on the Cyber Kill Chain model.
    o Implementation of Elasticsearch SIEM solution.
    o Audit and remediation of web server and collaboration vulnerabilities.
    o Audit and remediation of firewall configurations.
    o Work on the business continuity plan and recovery plan: set up a backup site; test
    restoration of backups; test failover to another site.
    o Monitor technological developments and propose security solutions to reduce identified
    risks.

    Technical Environment: Windows Server / Ubuntu Server / Elasticsearch / Fortinet / Burp Suite / Nexpose / PingCastle
  • ❖ Senior Network Security Engineer at Internet Provider Company

    Jan 2018 - Jan 2019

    ▪ MSSP project (Managed Service Security Provider) a dedicated customer project:
    o Define the different components of an MSSP:
      - Administration of customer-dedicated NGFWs
      - Vulnerability management
      - Cyber security analysis: identification of detection gaps, coverage of MITRE ATT&CK (log management, covered techniques, …)
      - Threat hunting and sandboxing
    o Develop POCs and labs for each phase, based on different vendors.
    o Present the results of the various tests and choose the appropriate solution.
    o Prepare project description sheets in collaboration with the marketing department.
    o Train sales staff in the MSSP concept.
    ▪ Implement a SOC service for the company:
    o Define security perimeter and criticality of various services and servers.
    o Realize POCs for each level of security (endpoint, front end, network), with the aim of finding a
    solution that meets the company's budget, infrastructure and security requirements.
    o Vulnerability management and analysis.
    o Draw up remediation plans and work with system administrators to implement them.
    o Ensure backup of data and configurations of various important solutions and services.
    o Deployment of an Alienvault OSSIM SIEM solution.

    o Contribution to the definition of a logging policy (types of events to be considered, retention
    times, log standardization/parsing).
    o Creation of use cases and rules of detection.
    o Analyze and handle cyber security incidents.
    o Supervise students on SOC projects:
      - Define an incident management process: try to deduce a process based on the NIST 800-61 r2 review.
      - Test and compare solutions for each part of SOC.
      - Vulnerability management: a test between Rapid7 and OpenVAS
      - SIEM: a POC for Arcsight, Splunk, AlienVault
      - Endpoint: McAfee ePO, Kaspersky
      - NGFW: Palo Alto, Fortinet
    o Cybersecurity intelligence
    o Monitor and analyze the production network to detect security breaches or intrusions.

    Technical Environment: Linux / Fortinet / AlienVault / SIEM / UTM / Juniper / Windows Server / DNS BIND / PingCastle / Nexpose / OpenVAS
  • ❖ Cybersecurity Consultant at Ota Djezzy Veon Algeria
    Jan 2015 - Jan 2018

    o Analysis and processing of security alerts.
    o Study the security aspects of platforms for various projects.
    o Administer security solutions (NGFW, IPS, IDS, McAfee, etc.).
    o Network auditing.
    o Audit systems (Windows, Unix/Linux, etc.).
    o Audit and remediate vulnerabilities in information system components.
    o Integrate security platforms with SIEM to create GSOC (global SOC).
    o Design and deploy DNS solution for 3G/4G users.
    o Ensure security watch and share it with the cyber security group.
    ▪ ARCSIGHT ESM + Arcsight Data Platform SIEM project:
    o Conduct interviews with various technical teams.
    o Log ability study.
    o Define a data collection strategy.
    o Develop and deploy connectors for log collection.
    o Development of use cases to monitor the activities of privileged users (SU administrator).
    o Check incident traceability and ticket entry quality.
    o Formalize and distribute reports and directories.
    o Deploy and monitor security policies, in line with VEON Group security policy.
    o Compliance with Sarbanes-Oxley "SOX IT General Control" standards.
    o Implementation of SOX IT Control at SIEM level: log study, log standardization, use case
    testing.

    Technical Environment: Arcsight / Juniper Netscreen / Huawei / DNS Secure64 / Palo Alto / Fortinet / Oracle / SQL Server / Windows Server / McAfee ePO
  • ❖ IT Security Engineer at Quantum Network Security QNS/SSRI

    Jan 2013 - Jan 2014

    o System Engineer Cisco Sourcefire, May 2014 - August 2015.
    o Network security consultant for public companies.
    o Perform security audits in public companies.
    o Integration and deployment of Sourcefire solutions (NGFW+IPS+IDS).
    o Network administrator at SSRI.
    o Configuration of security policies.
    o Train engineers on Sourcefire products (acquired by Cisco).

    Technical Environment: Sourcefire: Firepower / FireAmp / Idappcom / Rapid7 / Linux / Windows Server / Cisco
  • ❖ End-of-study internship From
    Jan 2012 - Jan 2013

    ********'etudes

    Technical Environment: IDS/IPS (Snort, Suricata, …) / Java / PostgreSQL / NSL KDD / WEKA 3

Latest ARCSIGHT freelancers

Aurélien

Cybersecurity consultant

  • ACHÈRES
EBIOS ISO 2700x EXCEL WINDOWS POWERSHELL VBA JIRA LINUX ACTIVE DIRECTORY IAM
Available

Moussa

Cybersecurity consultant

  • ASNIÈRES-SUR-SEINE
Cybersecurity CYBERARK SIEM FIREWALL SSO IAM F5 APPLICATION SECURITY MANAGER (ASM) PALO ALTO NETWORKS FORCEPOINT FORTIFY
Available

Somdeth

IT project manager

  • CHAMPS-SUR-MARNE
CISCO WINDOWS WAN LAN ITIL LINUX FIREWALL WIFI NAS SAN

Lauryane

Cybersecurity consultant, SIEM

  • ASNIÈRES-SUR-SEINE
SIEM SECURITY Cybersecurity AZURE

Aghiles

Cybersecurity engineer, Cybersecurity

  • CREIL
Cybersecurity SECURITY McAFEE SOX SIEM

Vincent

AGILE project manager

  • TOURCOING
PROJECT MANAGEMENT OFFICE AGILE ITIL
Available

Amine

Cybersecurity consultant, Cybersecurity

  • CHÂTENAY-MALABRY
Cybersecurity SIEM SPLUNK

Gilles

Cybersecurity consultant, Cybersecurity

  • LE MANS
Cybersecurity ISO 2700x EBIOS SECURITY

Rym

Cybersecurity engineer, SIEM

  • ASNIÈRES-SUR-SEINE
SIEM Cybersecurity IBM QRADAR RSA ARCHER SPLUNK MOA

Omar

PMP Project Manager - AMOA/MOE - Project Director

  • MONTROUGE
PMI PMP MOA AGILE TEST DIRECTOR

New ARCSIGHT assignments

Technical-Functional SIEM Cybersecurity Consultant

ARCSIGHT IBM QRADAR PENTAHO HITACHI
ASAP
Paris
218 working days

ARCSIGHT Consultant

ASAP
92 - Hauts de Seine
3 months

Arcsight Consultant

ARCSIGHT
ASAP
Luxembourg
3 months

Arcsight Consultant

ARCSIGHT
ASAP
Luxembourg
120 working days

Arcsight Enterprise Trainer

ARCSIGHT
ASAP
75 - Paris
5 working days

Banking security consultant FORTIFY / ARCSIGHT

FORTIFY ARCSIGHT
ASAP
75 - Paris
3 months