Sofiane Medhkour, Cyber Security Manager

Sofiane Medhkour

Cyber Security Manager

SORFERT SPA FERTILIZER COMPANY $ 2,2 billion

Location
France - Paris
Education
Master's degree, ingénieur d'état en informatique
Experience
17 years, 2 Months

Share My Profile

Block User


Work Experience

Total years of experience :17 years, 2 Months

Cyber Security Manager at SORFERT SPA FERTILIZER COMPANY $ 2,2 billion
  • Algeria - Oran
  • My current job since September 2022

Cyber SECURITY lead, and cyber SECURITY group member with SORFERT- FERTIGLOBE world's largest export- focused
nitrogen fertiliser Platforms and largest producer of urea and merchant ammonia.
with accomplished task:
- Group Cybersecurity Insurance
- Development and approval of group cybersecurity policies and kicking off the local endorsements and enforcement
- Designing and deploying trust zero network architecture
- laying out cybersecurity capabilities with Microsoft O365 migration project
- Addressing audit and internal control findings
Execution of roadmap, with each initiative being on a different execution phase, i.e., SOC, Cybersecurity Awareness, PAM, and
vulnerability management
- Laying out the required groundwork to have a group OT/Plant enterprise agreement with a well-known OT cybersecurity leader

IT security and infrastructure technical Lead at Apt Sys Mallyance
  • France - Paris
  • My current job since September 2023
Head of System and Security at SORFERT SPA FERTILIZER
  • Algeria - Oran
  • June 2015 to September 2022

Built SORFERT’s on-premise systems solutions and security multi-layering, maintaining, delegating tasks, and upgrading.
A highly skilled and well-seasoned senior level head of systems and security, Microsoft certified professional, Certified information
systems security officer, and Security Architect backed with certification and over 15 years of expertise in planning, designing,
coordinating, implementing and evaluating the effectiveness of systems and enterprise infrastructure, acting as a solution and
security Architect, responsible for the definition and implementation of the systems and Security, oriented multi-site and distributed
solutions.
Recognized and respected as a leader in the IT organization. Evaluate internal security posture, and conduct risk assessment with
report, using appropriate elements framework and tools, from: International Organization for Standardization (ISO) 2700X, ITIL,
COBIT/Risk IT & National Institute of Standards & Technology (NIST), CSET from CISA. Designated as Job Leader for
IT/Security Policies and Controls Framework building and validation with partners- Designed validated and implemented the
architecture of mobility Management and DRP for the company
Designed a tuned predictive SOC IT/OT architecture for the company, with abstract submission to Korea world gas call for
conference 2020 which was delayed to 2022.
Analyze innovative systems and integrate new computers, networks, databases and mobile communications technologies.
Work with and advise team members and customers on best practices, advanced troubleshooting, and future systems designs
update, develop strategies that utilize existing infrastructure to provide enhanced defense to system attacks. Design and
implement system requirements, processes, and design specs based on organizational needs, security/compliance policy, and
industry trends. Designing, implementing and auditing multi-level security, integrity, availability of the company’s data. Designing,
implementing, deploying Enterprise mobility management (EMM), Desing SOC, SIEM automation and Orchestration. Designing,
implementing, and troubleshooting multi-site Active Directory 2003/2008/2012/2016 /2019 environments AND multi-site microsoft
Exchange 2003/2007/2010/2013/2016/2019, and security gateways (ironport email & mobileiron) and site resiliency. Designing,
implementing, and troubleshooting multi-site High Availability, application delivery, reverse-proxy, web application firewalling and
data replication
Designing, implementing, configuring and troubleshooting high availability site to site Exchange server 2016, and cluster cisco
3/10
ironport email security gateway. Designing, implementing, configuring and troubleshooting site to site SCCM 2019, SCOM 2019,
SVMM2019 and storage area networks. Evaluate environments and recommend best practice solutions. Designing, implementing
backup plan and solution for multisite with database replication. Virtualization technologies including VMware ESXi, Hyper-V
Clustering. Expertise in routing and switching technology and terminology as well as the OSI model. Proficient with Storage
solutions. Strong technical experience with all Microsoft enterprise products, Hyper-V, KempTechnology, F5/FORTINET/Cisco
(email security/Web security/ identity security)/Sonicwall firewalls, Microsoft Server, and SAN technologies.
SSL WILDCARD CA Certification, SPF, DKIM, DMARC, PTR, TLS, SSL, PKI, DLP, Encryption
Enterprise Mobility Management (MobileIron, SOTI, BlackBerry, Microsoft Intune, Citrix)
Application delivery control and availability solutions, ESP, WAF, F5 BIG IP LTM, Geographical load balancing, Kemp
LoadMaster, Geo Master, Radware, Fortinet, Barracuda ADC, HAProxy, reverse proxy. Monitoring & analysis: fortisiem, events
logs, SCOM, Splunk, Qradar, Automation thread response and orchestration with Splunk Phantom, fortisiem, labels with python
On-premise deployment of upload and transfer solution nextcloud and linshare

Ingénieur administrateur systèmes niveau 2 at SORFERT SPA FERTILIZER COMPANY
  • Algeria - Oran
  • June 2012 to June 2015

Elaboration et conception de l'infrastructure systèmes de l'entreprise. deux sites Actif.
Déploiement de la messagerie exchange 2010 en multisites, administration et suivie avec résolution des pannes
AD directory, DNS, SCCM, SCOM, EXCHANGE, backup/replique, SAN/NAS, Application en deux site actif /actif
Déploiement SCCM 2007 en multisite pour la gestion de l'asset information, administration et orchestration des taches sur un parc de 600 PC et 60 serveurs
design des noms de domaines et du schéma master, déploiement de l'architecture directories pour l'ensemble du groupe, local et site distant, créations des relations d'approbations
supervisons des performances et des pannes avec SCOM et nagios
Conception et design de l'architecture mobility pour le groupe, déploiement de solution mobileiron pour la gestion de la conformité du parc mobile
design et déploiement de l'Endpoint protection pour le groupe
création des policy et procédures au niveau master et insertion sur tous le parc du groupe
- Déploiement des solution gateway\passerelles de sécurité frontale email gateway cisco ironport en cluster
- Design datacenter hyperconvergés hp blade system
- Déploiement et administration d'HP Dataprotector pour la sauvegardes des donnés
- attribution des droits d'accès, création des gpo
- Gestions des sites web de la company
- Gestion des vulnérabilité et maintien a jours tout les systèmes.

EL MERK Project IT Manager \ Responsable IT at Sonatrach\ Anadarko ELMERK $ 3,5 billion Central Processing Facility Project HASSI BERKINE
  • Algeria - Algiers
  • August 2009 to April 2012

Central Processing Facility ELMERK project bloc 208 lot 1&7 (Anadarko & Sonatrach, HASSI BERKINE, Algeria, in Desert of
Algeria), Project IT Manager from August 2009 to Mars 2012 with mission building company's IT infrastructure from end to end
infrastructure building
solutions architecture
Strategic / Tactical planning
Budget Management
Team Building
Project Management
Vendor negotiations
Staff training and development
Policy / Program Development
Staffing / Employee Relations
- Build IT solutions and facilities from end to end
- Designing and definition of IT needs for the entire Project.
- Planning, realization and implementation of all IT procedures.
- Ensuring continuity of IT services (7 / 7).
- Participation in the implementation of new IT systems in collaboration with suppliers.
- Managing All the IT Needs.
- Participation in the preparation of budgets, control IT costs and reporting activities.
- Ensure coordination with subsidiaries

Project IT engineer (administrating systems and networks ) at SKT- ORASCOM - ALSTOM - SONELGAZ TERGA POWER PLANT $ 1.99 billion PROJECT
  • Algeria - Oran
  • February 2009 to July 2009

IT engineer Support level 2 and 3 for the project
- Reporting to the company Head office at Algiers
- Supported and maintained LAN/WAN and related equipment.
- Exchange 2007 messaging multisite administration and security gateway instalation and administration.
- Diagnosed and resolved all network related issues.
- Created and made changes to end user accounts.
- Designed and implemented a Microsoft SQL 2008 server database greatly improving record keeping and access to records.
- Monitored daily backups, antivirus status, shared storage space and network activity, adjusting network equipment and settings
as needed.
- Designed, managed and maintained group policies.
- Developed and supported custom backend software for use of job tracking, inventory, shipping and workflow management.
- Analyzed and revamped antiquated and inefficient processes to increase productivity while bringing in newer and more efficient
technologies. Brought the company and network up to industry standards, ensuring 99% uptime.

System & Network engineer at EEPAD TISP Internet and communication Provider $ 40 Million
  • Algeria - Oran
  • January 2008 to January 2009

Assuring internet backbone cover and distribution for west Algeria area including connexion for Oran, tlemcen, sidi belabbes,
temouchent, mascara, arzew and mostaganem)
Skilled in the design and deployment of large scale local and wide area network systems including TCP/IP, Subnetting, DNS,
DHCP, xDSL, T1 and DS3.
Extreme attention to detail, capable of thinking independently and quickly resolving critical network issues.
Expertise with Cisco systems.
Recognized for exceptional analytical and problem solving skills with a proven ability to identify and resolve root cause outages or
performance issues.
Design and maintain comprehensive reports on capacity utilization and load balancing.
Implement layer 3 routing and layer 2 switching with dynamic routing protocols.
Set up and configure security systems,
manage domains registrations
- Designing, implementing, and troubleshooting multi-site and metropolitain WAN environments
- Administration internet backbone of west Algeria, installing, deployment of professional solution (Vsat connection, FH, LS,
FTTH…. for big company.
- Cisco router, firewall, switch, and access point configuration and management.
Extensive knowledge of MPLS, BGP, and OSPF.
Expertise in routing and switching technology and terminology as well as the OSI model and how it applies to telecommunications.
- Configuring, administering Cisco’s Gateways
- Monitoring, Problems Troubleshooting, detection and resolving

IT Engineer at NEC $ 36 Billion
  • Algeria - Oran
  • March 2007 to December 2007

- Deploying NEC transmission solutions for Operators ( djezzy, Nedjma, mobilis..)
- installing rack servers and optical fiber
- Deployement of Telecom Solutions, dish & gateways for Telecom operators.
- Wide transmission coverage solutions.

Education

Master's degree, ingénieur d'état en informatique
  • at univercity of sciences and technology of Oran Algeria
  • June 2007

Computer sciences engineer, specialized in distributed systems engineering discipline with expertise in grid computing architecture, conception, implementation and deployement.

Specialties & Skills

solutions architecture
Enterprise mobility management
build informations technologies from end to end ( infrastructure, management, office automation)
Automation thread Response
System information Security
Microsoft exchange 2003/2007/2010/2013/2016/2019
Application White listing
Information protection and analysis
Desaster Recovery Planing
Security information and event Management
Risk Assesment and compliance
Data loss prevention
Vulnerability assesment and management
Microsoft Certified Professional
SOC, NOC, SIEM, SOAR

Languages

Arabic
Expert
English
Expert
French
Expert

Training and Certifications

Tenable SC Specialist (Training)
Training Institute:
Tenable
Date Attended:
October 2023
Duration:
20 hours
Fortinet NSE 4 (Training)
Training Institute:
learneo
Date Attended:
June 2023
Duration:
40 hours
Cloud Computing Security (Certificate)
Date Attended:
April 2023
DMARC Fundamentals (Certificate)
Date Attended:
March 2023
Deploying DMARC (Certificate)
Date Attended:
March 2023
CYBER SECURITY OT AWARNESS (Training)
Training Institute:
sonatrach management academy
Date Attended:
January 2023
Duration:
40 hours
CISSO/CISSP certified information systems security officer (Certificate)
Date Attended:
October 2016
Huawei OceanStore (Certificate)
Date Attended:
March 2021
System Center Server manger 2019 (Training)
Training Institute:
Cogitar
Date Attended:
March 2020
Duration:
40 hours
Kemp certified technical professional (Certificate)
Date Attended:
October 2019
Kaspersky Endpoint Security and Management Fundamentals (Training)
Training Institute:
DECIMA
Date Attended:
March 2018
Duration:
24 hours
CEH V10 Ethical Hacker V10 (Training)
Training Institute:
Keystone Tn
Date Attended:
November 2018
Duration:
40 hours
Microsoft Exchange 2016 Server (20345-1) (Training)
Training Institute:
Cogitar
Date Attended:
September 2018
Duration:
40 hours
Administering System Center Configuration Manager 2012 (SCCM 2012) (Training)
Training Institute:
Cogitar
Date Attended:
March 2018
Duration:
40 hours
Advanced Solutions of Microsoft Exchange Server 2013 20342B (Training)
Training Institute:
COGITAR
Date Attended:
December 2016
Duration:
40 hours
Exchange Server 2013 Core Solutions [22341] (Training)
Training Institute:
COGITAR
Date Attended:
November 2016
Duration:
40 hours
SWSA- Securing the web with ciscoweb security appliance 2.1.0 (Training)
Training Institute:
Fast Lane,ICDD #804 Smart Heights DAMAC, TECOM, DUBAI, UAE
Date Attended:
January 2018
Duration:
20 hours
VMware vSphere: Install, Configure, Manage [V6] (Training)
Training Institute:
Lerneo
Date Attended:
December 2016
Duration:
40 hours
SYNOLOGY NAS (Training)
Training Institute:
NAS Trainingscentrum.nl Ijsselstein, Utrecht Netherlands
Date Attended:
November 2016
Duration:
24 hours
Administrer SQL Server 2012 (Training)
Training Institute:
CESI
Date Attended:
May 2016
Duration:
40 hours
ITIL v3 Foundation (Training)
Training Institute:
Formatech
Date Attended:
September 2016
Duration:
24 hours
Installing and Configuring Windows Server 2012 (MS22410) (Training)
Training Institute:
ICT TOWERS
Date Attended:
November 2015
Duration:
40 hours
Administering Windows Server 2012 (MS22411) (Training)
Training Institute:
ICT TOWERS
Date Attended:
December 2015
Duration:
40 hours
Securing Email with Cisco Email Security Appliance (SESA) (Training)
Training Institute:
Fast Lane,ICDD #804 Smart Heights DAMAC, TECOM, DUBAI, UAE
Date Attended:
November 2015
Duration:
24 hours
Designer Microsoft Exchange 2010 ( Microsoft certified MOC 10233) (Training)
Training Institute:
COGITAR
Date Attended:
February 2014
Duration:
40 hours
Specialist Microsoft Exchange 2010 (Microsoft Certified Technology Specialist MOC10219) (Training)
Training Institute:
COGITAR
Date Attended:
April 2013
Duration:
40 hours
Specialist Microsoft windows server 2008 (Microsoft Certified AF 6432) (Training)
Training Institute:
COGITAR
Date Attended:
May 2013
Duration:
40 hours
CISCO CCNA (Certificate)
Date Attended:
January 2008
Valid Until:
January 2011
Specialist Microsoft windows server 2008 ( Microsoft Certified AF 6431) (Training)
Training Institute:
COGITAR
Date Attended:
May 2013
Duration:
40 hours

Hobbies

  • BOXE
  • SPORT
  • traveling