Thomas Fournier

Cybersecurity Engineer | Geneva, CH

contact@thomas-fournier.ch LinkedIn GitHub

About

Cybersecurity professional with 2+ years in SOC and Incident Response (security alert analysis, BEC and ransomware investigations). As a SOC Analyst and Incident Responder, I manage alerts, investigate incidents from end to end, and guide clients throughout the response process from initial detection to resolution. I also contributed to the development of IR processes and response procedures. Aspiring to cloud security (AZ-500 in progress, then SC-300). Based in France near the Swiss border.

Experience

Cybersecurity Engineer

æxin, Geneva | 2025 - Today

  • Analyze alerts and respond.
  • Carry out red team missions.
  • Migrate to the Sentinel SIEM.

Incident Responder & SOC Analyst

ZENDATA, Geneva | 2023 - 2025

  • Lead end-to-end ransomware and BEC investigations.
  • Deploy the SOAR tool and continuously improve it.
  • Create playbooks and automations.

Skills

Adaptability & flexibility
Continuous learner
Autonomous
Problem-solving
Collaboration
Persistent

Certifications & Education

Certifications

  • Blue Team Level 1
  • INE Certified Cloud Associate
  • AZ-500 Azure Security Engineer (ongoing)
  • SC-300 Identity & Access (planned)

Education

  • ESAIP, Ecole d'Ingénieurs | 2018 - 2023
  • Universidad Nacional de Cuyo | 2022
  • SEAMK, Seinajoki University of Applied Sciences | 2021

Tools

SIEM (Sentinel, Elastic & Tehtris)
Microsoft Azure
SOAR (Tines)
ASM (Panop & Group-IB)
SEG (Proofpoint)
EDR (Crowdstrike & Tehtris)

Projects

Red Team

Design and deployment of a complete Microsoft Azure environment. Provisioning of email services and mapping of the infrastructure to a custom domain with appropriate DNS. Conducting OSINT reconnaissance within the organization. Execution of the attack plan.

SOAR Deployment and Continuous Improvement

Led the implementation, deployment, and continuous improvement of the Tines SOAR platform by developing and maintaining automated playbooks designed to streamline repetitive security operations workflows. This automation reduced manual engineer effort on low-value, recurring actions, allowing the team to focus on higher-impact investigations and strategic improvements.