Nabil HOSNI

Experience

• 

  Institut Supérieur de Gestion de Tunis

  Jul 2003 - Dec 2009

  Network and computer systems administrator

  System & Network Administrator- Fully supporting, configuring, maintaining and upgrading networks and in ISG servers. - Installation and integration new server hardware and applications.- Ensure network security and connectivity. - Monitor network performance (availability, utilization, throughput, and latency).- Resolve problems reported by end user - Apply the best practices /recommendations on assets.

• 

  ANSI - tunCERT

  Jan 2010 - Oct 2018

  - Establishment of Request For Information (RFI), and Request For Proposal (RFP) for a National DDoS attack detection system, as part of the National Cyber Resilience enhancement Program.- Development of the National Cyber Security strategy for Burkina Faso (SNCS).- Setting up, and FIRST Site Visit Requirements and Assessment for Nigerian Computer Security and Incident Response Team, ngCERT.- Development of a general guide to support the establishment of the SOC- Security Operation Center and CERT/CSIRT based on the framework of CERT, FIRST, ENISA and open source tools, in order to integrate it more easily in African countries.- Develop and implement a Risk Management Framework (RMF) process, based on the NIST NIST Risk Management Framework, for national and regional organizations.- Develop and monitor the execution of the National Security assessment/ Penetration Testing program to improve Tunisia Global Cybersecurity Defense. - Study, design, implement, and audit ISMS- ISO 27001:2013 projects (policy, process, procedures and solutions or technical tools).- Technical advice in cybersecurity for several ministries, companies and organizations to develop, and improve their cyber defense.- Trainer, during the event AIS- Africain Internet Summit, on the establishment of a CERT/CSIRT using open source "free and with ROI".- Information Systems Manager: The main functions are the management of information and security technologies and the staff team (05 people), planning and management of IT and data operations, handling followed the IT and cybersecurity projects (studies, Budget, action plan, Business alignment, etc.), audit and evaluation of Information Systems security, management of crisis situations and business continuity, and coordinator of Quality management project, ISO 9001. Show less - National/ International point of contact and coordination with the FIRST, the CSIRT network, Internet Service Provider contacts, CISOs, as part of TunCERT proactive service.- Incident handling operations, when I has responsibility for national technical monitoring via National SIEM, Incident creation/tracking, incident categorization or classification, and finally to document Security Incident steps/ report.- Incident response on site via collection of technical elements, evaluation of the incident; and determine the incident Root cause. - Handling and examination the critical national incidents/ Crisis. - Advise the technical measures to remedy and limit the impact;- Development an Incident Response standard operating procedure- SoP- for several Critical Infrastructure.- Digital forensic analysis for many national cybercrime cases. The important responsibilities are described in 04 phases. The first phase is to collect information and evidence in a legally permitted manner. The second concerns the analysis of technical evidence such as recordings, disk and memory images, event and system logs, network and application traces, static and dynamic analysis of malicious code. The third phase involves presenting the results of ongoing incidents to other members (e.g., the investigation team, law enforcement agencies and clients), and the final phase of the forensic report on Cyber-crime is aligned with the rules and requirements of the United States Department of Justice. Show less

  • Chief Department in Technical Assistance, advice and Monitoring of National Projects

    Apr 2012 - Oct 2018

  • Cyber Security Incident Response (/and Digital Forensics ) Engineer

    Jan 2010 - Mar 2012
• 

  Qatar (Confidential)

  Nov 2018 - now

  Cyber Security Engineer

  -Assist in the building, integration and test of SDWAN Project (solutions)- Cyber Security Operation Center -CSOC- Enhancement Program: CSOC services Assessment and Survey, design of an Effective and Optimized CSOC, update and upgrade for CSOC Services encompasses IT solutions/Tools and CSOC documentation, and the audit of CSOC Services (SOC readiness for FIRST membership).- National Cyber Security Drill Team Coordinator “Star 8”: our team have exercised the single focal point for national cyber resilience, cooperation and coordination.- Establishing a guide for a general cyber security support system to support all mission systems that deal with operating technology (i.e industrial or special system, etc.), so that new systems can be more easily integrated into the business.- Execution of Cyber Security Assessment Mission: Three (03) phases, Pre-Assessment and site survey phase, the second phase is Discovery, Cyber threat hunting, and security Assessment and Penetration testing, and the last phase is reporting and Cybersecurity Defense Posture.- Upgrade the Information Security Documentation Framework include the Charter, Information Security Policy –I.S.Policy-, Processes, and Standard Operating Procedures -SoPs- based on Qatar National Legal/Laws and NIST 800-53 Controls, NATO and ISO requirements.- Follow up and Cyber advise of the majority of Cybersecurity projects. - Building a Cybersecurity Risk Management Framework based NIST RMF. Show less