Jérémy Catelain

Jérémy Catelain

French-flag

PwC Cybersecurity consultant

Cybersecurity engineer graduated from the ECE Paris-Lyon with a cybersecurity speciality. I've spent one semester at the RUAS (Rotterdam Universtity of Applied Science) to receive a penetration testing training. I am currently a senior cybersecurity consultant at PwC with 6 years of experience in the following areas of activity:

  • Cybersecurity technical assessment (penetration testing, internal audit, Red Team, SOC assessment, phishing campaigns...)
  • Active Directory security and remediation
  • Multi-scope audits expertise (audit manager, penetration testing, configuration review, architecture review and physical and organizational review)
  • Cybersecurity assessments (NIST, internal audit technical support...)
  • Incident Response (1st Responder)
  • Cyber risk analysis (IEC/ISO 62443, EBIOS, EBIOS RM...)
  • And various cybersecurity supports (RSSI support, post incident review, white papers writting...)

Detailed previous experiences

Certifications

OSCP - OffSec Certified Professional AWS Certified Cloud Practitioner Microsoft Certified: Azure Fundamentals SLAE32 - X86 ASSEMBLY LANGUAGE AND SHELLCODING ON LINUX

Experiences

November 2023

AWS Certified Cloud Practitioner

July 2023

OffSec Certified Professional (OSCP)

November 2022

SLAE32 - X86 ASSEMBLY LANGUAGE AND SHELLCODING ON LINUX

March 2022

Microsoft Certified: Azure Fundamentals

January 2020

Bluecyforce - blue team cyber security training center

February 2019

PwC - Cybersecurity consultant

2018 - 2019

Hogeschool Rotterdam - Security-Lab, Cybersecurity

2016 - 2019

ECE. Ecole d'ingénieurs. Engineering School

DETAILED PREVIOUS EXPERIENCES

technical-assessment

Technical assessment

  • Web penetration testing
  • Mobile penetration testing
  • External penetration testing
  • Internal penetration testing
  • SOC Assessment (Technical and organizational maturity evaluation of Security Operating Centers)
  • Red Team (technical assessment, social engineering, phishing campaigns, USB dropping…)
  • Configuration review (Linux, Windows, switch, router, firewall…)
technical-assessment

Security audit

  • Multi-scope audits in Operational Technology (OT) and Information Technology (IT) environments: Organizational and Physical review, Architectural review, Configuration review and Penetration testing
  • Internal audit team support
technical-assessment

Remediation

  • Security assessments of infrastructures (Active Directory, Exchange server, ADCS, network…)
  • Technical security support for the rebuild and the hardening of Active Directory environments
  • Design of a secure target architecture (Active Directory, network segmentation, administration…)
  • Design of an Active Directory migration roadmap
  • Security support during the migration to the target architecture
  • Security support for the cleaning and rebuilding of applications and services
technical-assessment

PwC CSIRT - Incident Response

  • Incident response as First Responder
  • Definition of the global Incident Response process of a worldwide aviation and aerospace company
  • Post incident review (technical and organizational review incident response measures)
technical-assessment

CISO & Security team supports

  • CISO support
  • Cyber risk analysis in OT and IT environments (IEC/ISO 62443, EBIOS, EBIOS RM…) and Roadmap definition
  • Technical security support in all project phases (tender process, project definition, building phases…)
technical-assessment

Diverse cybersecurity expertises

  • High level security assessments based on security standards (e.g. NIST) and on custom assessment frameworks
  • Writing of white-paper and security analysis (passwordless, Active Directory in industrial environment, Infrastructure Security Analysis with Active Directory Alternatives…)
  • Writing of security guides (workstation, server, domain controller, proxy, firewall, etc.)