Faissal Bakadir

Conducted in-depth audits to assess the organizations cybersecurity
framework and ensure compliance with DORA (Digital Operational
Resilience Act) and ISO27001 requirements.
Designed and implemented a comprehensive roadmap to achieve and
maintain full compliance with DORA and ISO27001, including timelines,
milestones, and actionable steps.
Reviewed and evaluated existing security policies and processes,
identifying gaps and developing new policies aligned with DORA and
ISO27001 standards.
Created and maintained detailed documentation, including compliance
reports, incident management procedures, and operational resilience
frameworks.
Collaborated with cross-functional teams to establish a governance
structure for DORA compliance, ensuring clear roles and responsibilities.
Defined and implemented the three lines of defense framework for
operational resilience
Led awareness sessions and training programs to educate staff on DORA
and ISO 27001 requirements and the importance of operational
resilience.
Conducted advanced threat detection and investigation using Trend
Micro Vision One, ensuring rapid identification and response to
cybersecurity threats.
Monitored, analyzed, and responded to security incidents using Microsoft
Sentinel and Microsoft Defender for Endpoint (EDR).
Performed triage, analysis, and escalation of alerts generated by SIEM
and EDR platforms, ensuring accurate and timely resolution.
Developed and maintained playbooks, workflows, and automation to
streamline incident response processes.
Provided detailed reports and actionable recommendations to
stakeholders on detected threats and mitigations.

Developpe and deploy a cybersecurity program based on the NIST
framework.
Adapt NIST recommendations to meet the specific needs of the
organization.
Draft security policies in line with NIST principles.
Conduct regular security audits to ensure compliance with NIST
standards.
Prepare audit reports and continuous improvement recommendations.
Integrate NIST-recommended cybersecurity best practices.

Manage security projects.
Conducting PCI-DSS / ISO27001 certification renewal audits.
Follow-up on actions and recommendations from security audits and
penetration tests with operational security teams.
Conduct security Workshops for business and technical projects.
Monitor the Rapid7 vulnerability management solution.
Follow-up on audit action plans and penetration tests.
Monitor SOC alerts and security incidents.
Formalize security technical baselines (Dashboards and KPIs).
Collaborate with technical teams to define and study business needs.
Coordinate with all stakeholders to ensure timely development of
solutions.

Conduct technical installations.
Define architectures for new sites.
Detect, analyze, and qualify cyber incidents, threats, and attacks.
Ensure data analysis for various IT systems.
Collaborate with stakeholders to ensure timely development of
solutions.
Design technical solutions and deliver technical documents: HLD, LLD,
support documents.
Provide technical support and assisted teammates.
Administer Palo Alto, F5 (WAF, LTM, APM, DNS), and ISE.
Manage the CyberArk solution for administrator and contractor access.
Guarantee the analysis of the different IT data
Definition and redaction of the security policy of the company.
Supervision and management of projects.
Management, follow-up and coordination of projects with service
providers.

Designed and implemented secure network infrastructures for
enterprise environments, ensuring optimal performance and scalability.
Implementing network and Security solutions.
Ensuring security infrastructure & Networks Audit
Drafting of documents within the framework of the mission.
Troubleshooting hardware / software incidents
Providing support for Level 2 and 3 teams
Ensuring Technical installations & technical on-call service.