Security Operations Center (SOC) Implementation (Personal Project)
→
Summary
Designed and implemented a personal Security Operations Center (SOC) to centralize security monitoring and incident management.
About
Highly motivated Cybersecurity Engineering student pursuing a Master M2 in Information Systems Security, actively seeking a PFE (End-of-Study Project) internship starting February 2025. Possessing a strong foundation in governance, risk, compliance, defensive and offensive cybersecurity, and development, complemented by practical experience in security audits, risk management, and digital forensics.
Work
Bontaz Centre Maroc
|End-of-Study Internship in Information System Security
→
Summary
Contributed to the implementation of information security management systems and conducted risk assessments for the automotive industry.
Highlights
Participated in the implementation of the ISMS to achieve TISAX label compliance (inspired by ISO27001 standard) for the automotive industry.
Conducted risk analysis and evaluation using the EBIOS Risk Manager methodology.
Performed audit and evaluation of information security policies.
Sekera Services à Casablanca
|Linux Forensics Application Internship
→
Summary
Contributed to digital forensic investigations on Linux systems and automated analysis processes.
Highlights
Contributed to a digital investigation on a Linux machine, including memory analysis, artifact extraction, and inspection of logs and user activities.
Developed a Bash script to automate forensic analysis processes under Linux.
Volunteer
ENSA Cybersecurity Club
|Active Member
→
Summary
Actively participated in and contributed to the university's cybersecurity club activities.
School Volleyball Team
|Team Member
→
Summary
Actively participated as a member of the school's volleyball team.
National CTF Competition (Morocco)
|Participant (3rd Place)
→
Summary
Achieved 3rd place in a national Capture The Flag (CTF) competition in Morocco.
Education
Université de Technologie de Troyes, France
→
Master M2
Information Systems Security
Ecole Nationale des Sciences Appliquées de Marrakech, Maroc
→
Engineering Degree
Cyber Defense
Lycée Cadi ayyad de Marrakech, Maroc
→
Baccalauréat
Physical Science
Grade: Mention très bien (Very Good Honors)
Languages
French
Fluent
English
Proficient
Certificates
(ISC)² Certified in Cybersecurity (CC)
Issued By
(ISC)²
ISO/IEC 27001:2022 Information Skillfront Security Associate
Issued By
Information Skillfront
TryHackMe Junior Penetration Tester
Issued By
TryHackMe
TryHackMe SOC Level 1 & 2 Certification
Issued By
TryHackMe
Skills
Governance, Risk & Compliance
Audit & Compliance (ISO27001, RGPD, NIST, NIS2), Risk Analysis & Management (ISO 27005, Ebios RM), Security Policy Development (PSSI), BCP, DRP, ROI, BIA Development (PCA, PRA, ROI, BIA).
Defensive Cybersecurity
Log Analysis & Intrusion Detection (SIEM: ELK Stack, Splunk), Network Security & Traffic Analysis (Firewall, IDS/IPS: Snort, Wireshark, Zeek, Brim), Endpoint Security (Sysmon, Wazuh), Digital Forensics (Volatility, Autopsy), Phishing Analysis, Encryption & Key Management (OpenSSL).
Offensive Cybersecurity
Penetration Testing & Vulnerability Assessment, Vulnerability Scanning (Nmap, Nessus, OpenVAS, OWASP ZAP), Vulnerability Exploitation (Metasploit, Burp Suite).
Development
Python, C, Java, Shell Scripting.
Technical Knowledge
Active Directory, Virtualization, Cloud Computing, Networking & Systems, Linux & Windows Environments.
Soft Skills
Adaptability, Teamwork, Analytical Thinking, Enthusiastic Learner.
Interests
Cybersecurity Competitions
CTFs.
Sports
Swimming, Volleyball.
Strategy Games
Chess.
Projects
University Infrastructure Penetration Testing and Vulnerability Assessment (Personal Project)
→
Summary
Conducted a comprehensive penetration test and vulnerability assessment targeting the university's infrastructure (with authorized consent) to identify and mitigate security weaknesses.
Integrating Security as Code in a Spring Boot Application
→
Summary
Implemented robust security measures directly within the codebase of a Spring Boot application using Security as Code principles.
Information System Security Risk Analysis Post-Ransomware
→
Summary
Conducted a comprehensive risk analysis and security review of an information system following a ransomware attack, focusing on recovery and resilience.
DevSecOps Monitoring Integration in Spring Boot Application
→
Summary
Integrated comprehensive monitoring components into a DevSecOps pipeline for a Spring Boot application, enhancing visibility and incident response.
Linux Hardening Script Development
→
Summary
Developed a Shell script to enhance the security posture of Linux systems by hardening file systems, kernel, and authentication/identification mechanisms.
Business Continuity & Disaster Recovery Plan for Educational Institution
→
Summary
Developed a comprehensive business continuity and disaster recovery plan tailored for an academic institution to ensure operational resilience.