Hi, my name is Bilel.

I build things for security.

I'm a Security Researcher & Penetration Tester specializing in uncovering vulnerabilities and designing robust defenses for enterprise organizations.

About Me

With over 12 years of experience at organizations like Microsoft, IBM, Splunk, and BlueVoyant, I've built a career focused on identifying vulnerabilities and implementing effective security solutions. My expertise spans MSSP and MDR services, having worked across the EU, US, Asia, and UAE with clients ranging from financial institutions to manufacturing giants.

I specialize in translating complex security challenges into practical, implementable solutions. My approach combines deep technical knowledge with business acumen, ensuring security measures enhance rather than hinder operations. I've led SIEM implementations, SOC operations, and threat hunting initiatives that have measurably improved clients' security postures.

When I'm not immersed in cybersecurity, I train in Brazilian Jiu-Jitsu—a discipline that, like security work, requires strategy, patience, and adaptability. I also enjoy fishing and spearfishing, activities that provide both the thrill of the hunt and moments of reflection.

Key focus areas: Security Architecture, Penetration Testing, SIEM Implementation, SOC Operations, Threat Hunting.

Areas of Expertise

Security Architecture & Engineering

Designing and implementing robust security infrastructures including firewalls, SIEM systems, and endpoint protection. Experience with cloud security (Azure, AWS) and hybrid environments.

Specialized in creating defense-in-depth strategies that protect critical assets while maintaining operational efficiency.

Penetration Testing & Red Teaming

Conducting comprehensive penetration tests, vulnerability assessments, and red team exercises to identify and remediate security weaknesses.

Expertise in network, web application, and cloud environment security testing using both automated tools and manual techniques.

Threat Hunting & Detection Engineering

Proactive threat hunting using advanced analytics and threat intelligence. Developing custom detection rules and automating threat response with SOAR platforms.

Created MITRE ATT&CK-aligned detection strategies that reduced mean time to detection by 65%.

SOC Operations & Incident Response

Building and managing Security Operations Centers (SOC). Leading incident response efforts, including containment, eradication, and recovery from security breaches.

Developed playbooks that improved incident resolution times by 40% across multiple enterprise environments.

Professional Experience

Client Security Architect

BlueVoyant

Advised enterprise clients across Asia, Europe, the US, and UAE on MXDR and Microsoft security platforms, leading technical strategy across Sentinel, Defender, and Splunk. Delivered global platform reviews, detection engineering, log optimization, and SOAR automation. Directed SIEM/EDR gap assessments, created custom detections, and handled service transitions such as EDR-to-XDR migrations. Acted as the daily technical liaison to CISOs, engineering teams, and product teams on a global scale.

Head of SecOps

Ministry of Justice

Directed the SecOps function, overseeing national firewall and endpoint security environments. Championed the implementation of robust security controls and best practices across cloud (Azure, Defender) and on-premises systems. Enhanced detection capabilities, improved SOAR workflows, and delivered comprehensive SOC analyst training. Managed Splunk engineering and log quality assurance, developed MITRE ATT&CK–aligned dashboards, and led the response to critical security incidents.

Security Architect

IBM

Delivered SIEM engineering, SOC architecture, and incident response for clients like NHS England, Mercedes-Benz AG, and Citi Bank. Led Splunk ES, Sentinel, and ITSI deployments; developed MITRE-based use cases; and optimized EDR platforms including CrowdStrike and Cortex XDR. Directed SOC teams, reported to CISOs, and traveled extensively across Europe for client-facing workshops, investigations, and board-level security reviews.

Network Security Administrator

ADVA Optical Networking

Migrated global firewalls to Palo Alto Networks and secured global connectivity using Panorama, GlobalProtect, and MFA. Automated deployments with Terraform and Ansible. Supported acquisitions with full-stack assessments and endpoint protection rollouts using Palo Alto Traps. Maintained compliance with ISO 27001 and executed high-availability upgrades across regions.

Cyber Security Analyst

BAE Systems Applied Intelligence

Managed threat response and detection rule creation for ArcSight environments. Developed operational SOC processes, mentored junior analysts, and authored correlation rules targeting emerging attack trends. Delivered actionable risk analysis to clients across sensitive sectors.

Interested in the full career story or more technical detail? I'm happy to share my complete CV upon request.

Certifications

OffSec

  • Offensive Security Certified Professional
  • Offensive Security Wireless Professional
  • Offensive Security Web Application Professional

CompTIA

  • CompTIA Linux+
  • CompTIA Linux Network Professional
  • CompTIA Network+
  • CompTIA Network Vulnerability Assessment Professional – CNVP Stackable Certification
  • CompTIA PenTest+ ce Certification
  • CompTIA Security+ ce Certification
  • CompTIA Security+

ISC² & Palo Alto

  • CISSP Certification
  • Palo Alto Networks Accredited Configuration Engineer (ACE)

Splunk

  • Splunk Knowledge Objects – Onsite
  • Splunk Using Enterprise Security
  • Splunk Architect
  • Splunk Consultant I
  • Splunk Consultant II
  • Splunk Admin
  • Searching and Reporting with Splunk 6.x – eLearning
  • Splunk Accredited Consultant
  • Splunk Administration – Virtual

Get In Touch

I'm always open to discussing new projects, security challenges, or opportunities to collaborate. Whether you have a question or just want to say hi, feel free to reach out!