Mathias

My background

With a two-year technical degree in Computer Services for Organizations from the Université Pierre-Marie Curie, a vocational degree in Network and Computer System Security from the Université d’Orsay and a Master’s in Computer Security from a private engineering school, my higher education studies were very varied.

My professional career started very early. At the age of 18, I was doing block release training in the IT department of a major international corporate strategy consultancy. Two years later, I continued my studies with the Wenture group (now Hifield, Almond’s parent company) as a system and network administrator.

At 21, already passionate about IT security, I joined Almond’s Information Security business unit and SOC CERT CWATCH (Security Operation Center and Computer Emergency Response Team) practice. In 2017, I joined a 2-person team with the aim of creating from scratch the SOC and CERT products and services that would be sold by the company. Today, the team numbers 50 employees, all highly motivated.

My missions

When I first joined the SOC CERT practice, I was also joining a company on a human scale, with a start-up spirit and always up for a laugh or some activity. The first year was certainly one of the most rewarding of my career: the creation of a SOC and incident response processes. For each new product or service to be implemented, the first thing to do was to analyze the products or methodologies available, test them, develop new ones, and build up as we went along what would a few months later become the SOC CERT infrastructure, services and products.

My missions have been diverse and varied. Almond’s SOC CERT has opted for an operational model that encourages versatility. There are no N1, N2 or N3 grades. All team members will be required to work on an alternating basis on: processing alerts and security incidents, improving our detection modules, maintaining the SOC infrastructure in operational condition, incident response, IT monitoring, etc. This encourages team cohesion and rigor, as there is no single, unchanging “front-line”. As a SOC CERT consultant, I also have a technical sales role, and it’s my job to build customer loyalty, lead operational meetings, and identify and meet their expectations.

Finally, the missions I’m particularly fond of are very often linked to incident response activity (DFIR and reverse engineering), threat intelligence or Purple Team. The use of a firing range infrastructure enables each team member to increase their skills in these different subjects, to test TTPs (Tactics, Techniques and Procedures) and to considerably improve our detection perimeters or our reactions to incident response situations.

My daily routine at Almond

It’s impossible to have two identical days in the same week when you work in IT security. Even so, apart from the exciting missions and hyper-stimulating challenges, my daily routine at Almond could be summed up as moments of exchange and sharing with teams and individuals all passionate about one single goal: protecting our customers!

The learning is immediate, and the friendly environment is a great help in developing skills. Finally, this job fulfills my desire for a diversity of tasks and actions, in a highly varied technical environment, within a close-knit and dynamic team, all while being in a company that allows me to grow professionally!
