Your browser is outdated!

To ensure you have the best experience and security possible, update your browser. Update now

×

Mohamed Riadh Zehani

Senior Security Engineer / SOC analyst

Autonomy & initiative
Versatile
Collaborative mindset
Continuous learning mentality
Cybersecurity Manager at EY Belgium with over 11 years of IT experience, specialized in Operational Security (SecOps), SIEM/EDR/XDR architecture, Security monitoring (Log management and Detection engineering), Incident Response, Threat Hunting, Threat Intelligence, and unified vulnerability management within critical, highly regulated environments (NIS2, DORA, ISO 27001). With proven expertise in multi-client and MSP service delivery, he combines a strong technical infrastructure background (system and network hardening) with the ability to collaborate directly with governance stakeholders (CISO, ISM) on policy writing and executive reporting, making him an ideal fit for Testessenderlo group. Based in Brussels, he is available on short notice.
Resume created on DoYouBuzz
Experiences

MANAGER Cyber Security

EY Belgium
Since October 2025
Belgium
  • Leadership of SOC/SIEM transformations for enterprise-scale clients
  • Establishment of monitoring strategies and detection frameworks
  • Modeling of security operations aligned with business and regulatory requirements
  • Incident Response: management of incident responses (investigation, containment, remediation, team coordination), development of IR playbooks and post-incident analysis
  • Conducting advanced threat hunting operations to identify dormant threats and indicators of compromise
  • Collaboration with client security teams to contextualize sector-specific risks
  • Backup Management Audit: mandated as external auditor for comprehensive audit of backup infrastructure and business continuity; maturity assessment and compliance recommendations
  • ISO 27001 Audit: focused on logging and monitoring devices and incident detection, verification of critical domains
  • Technical support to the GRC team for NIS2 compliance: architecture guidance, definition of technical controls and monitoring

Senior SOC Engineer

ODDO BHF
October 2024 to September 2025
  • Operational management of the SOC: alert triage, incident analysis, escalations, technical coordination
  • Development of advanced detection rules and automation playbooks
  • Proactive threat hunting on production environments
  • Investigation of suspicious activities (lateral movement, RMM abuse)
  • Improvement of telemetry coverage and integration of log sources

SR. CYBER SECURITY CONSULTANT | SOC / SIEM ENGINEER

EY TUNISIA
March 2019 to July 2024
  • Management of multi-client SOC engagements: architecture, detection engineering, monitoring
  • Implementation of security solutions: SIEM (Microsoft Sentinel, Splunk, IBM QRadar), EDR/XDR (Microsoft Defender, CrowdStrike), CTI (OpenCTI) integration into operational detection processes
  • Hardening and securing client environments: Server security configuration (Windows Server, Linux)
  • SOC maturity assessments with improvement roadmaps
  • Design and development of Cyber Threat Watch: Web application for threat intelligence (CTI) aggregating critical vulnerabilities (CVSS), zero-day exploits and threat intelligence to inform clients on proactive detection and prioritization of security risks

SOFTWARE ENGINEER (Prior Experience)

Axians / Alliacom / Pixel Web / Ozone Connect
2015 to 2019
  • Full-stack Ruby on Rails development with expertise in RESTful APIs, automation scripting
  • Foundation in software engineering applied to automation & security scripting
Education

Engineering Studies in Computer Science

ESPRIT – Private Engineering School

2015 to 2019

Bachelor's Diploma in Applied Computer Science

Higher Institute of Medical Technologies of Tunis

2008 to 2011
Certifications

Certifications

Microsoft Certifications
• SC-200 – Security Operations Analyst Associate
• SC-900 – Security, Compliance, and Identity Fundamentals
• AZ–104 – Azure Administrator Associate
• AZ-900 – Azure Fundamentals
Professional Training
• QRadar SIEM Administration – IBM Partner Environment
• Splunk Cyber Defense Analyst – Hands-on Training
• Incident Response – INE Training Platform
• Threat Hunting – INE Training Platform
• OT CyberSecurity Foundations -netriders academy
Skills

Security Operations

  • SIEM Administration: Microsoft Sentinel, Splunk, IBM QRadar, ELK
  • EDR/NDR/XDR: Microsoft Defender, Vectra AI, CrowdStrike
  • Development of detection rules and alert tuning
  • Advanced threat hunting and incident investigation
  • Playbooks and automation workflows (SOAR)
  • SOC Management: alerts, incidents, escalations, team coordination

Networks & Infrastructure Security

  • VLANs, VPNs, secure routing and network threat hunting
  • Windows Server & Linux hardening
  • Microsoft 365 & Azure security operations
  • Technical security reviews & remediation plans
  • OT Fundamentals

Multi-Client / MSP Environments

  • Configuration and monitoring of outsourced infrastructures
  • Management of multiple clients in parallel
  • Documentation & scalability
  • Cross-functional technical advisory
Languages
  • French
    C2 Native
  • English
    B2 Profesionnal
  • Dutch
    Currently Learning
Resume created on DoYouBuzz
Download Download