ENSA Khouribga — RIC / Cybersecurity 2024–Present

OTHMANE
NECHCHADI

// Cybersecurity & Intelligent Networks Engineer

Final-year engineering student at ENSA Khouribga, specialising in OT/ICS security, SOC operations, and threat detection. Passionate about securing industrial systems, building automated detection pipelines, and bridging the gap between IT and OT environments.

Get in Touch View Projects

nechchadi@khouribga:~$

$ whoami

othmane.nechchadi

$ cat profile.json

{

"role": "Cybersecurity Engineer",

"school": "ENSA Khouribga",

"focus": [

"OT/ICS Security",

"SOC / SIEM",

"Threat Detection"

"status": "Open to PFA 2026"

}

$ ping c2-server

BLOCKED — firewall active ✓

// 01 — Experience

Professional Background

Cybersecurity & Intelligent Networks Intern

July – August 2025

OCP Group — MIK/G/E/E (Eaux, Électricité & Télécommunications) · Khouribga, Morocco

Secured Modbus TCP communications to protect industrial control exchanges between PLCs (OT Security).
Contributed to a feasibility study for converting Komatsu 730E-10 mining trucks to green hydrogen (control, safety & operations).
Supported industrial supervision architecture design: CAN, private LTE, secure MQTT, SCADA — with technical recommendation documentation.
Implemented OT cybersecurity measures aligned with industrial best practices.

// 02 — Projects

Academic & Personal Work

SOC · Blue Team

Automated SOC Deployment & Detection Coverage

Designed and automatically deployed an open-source SOC architecture with Wazuh, OpenSearch, Sysmon and Auditd, orchestrated via Ansible. Centralised log ingestion, real-time threat correlation and detection coverage evaluation via MITRE ATT&CK Navigator. Metrics: MTTD, false-positive rate, coverage ratio.

Wazuh OpenSearch Ansible Sysmon MITRE ATT&CK Auditd

SIEM · EDR · Honeypot

SIEM/EDR, Keylogger & Honeypot Infrastructure

Full SOC lab under VirtualBox: pfSense firewall, Suricata IDS, Wazuh SIEM/EDR/FIM, Syslog-ng transport and automated Active Response. Real-time SYN Flood detection and blocking with custom decoders (filterlog, EVE JSON) and MITRE ATT&CK correlation.

pfSense Suricata Wazuh Syslog-ng VirtualBox

GRC · Risk Analysis

Risk Analysis — ISO 27005 / EBIOS RM

Complete threat modelling on a vaccine laboratory scenario: attacker profiling, attack path mapping, MITRE ATT&CK alignment, risk scoring and treatment plan generation following ISO 27005 and EBIOS RM methodologies.

ISO 27005 EBIOS RM MITRE ATT&CK STRIDE

Malware Analysis

Static & Dynamic Malware Analysis — brbbot.exe

Full malware analysis lab on brbbot.exe in an isolated VirtualBox environment. Static analysis via PEStudio (imports, entropy, hashes), dynamic analysis via Procmon and Regshot (+227,852 registry keys delta). IoC identification and C2 behaviour classification.

PEStudio Procmon Regshot Sysmon VirtualBox

Virtualisation · Storage

iSCSI Configuration — ESXi & TrueNAS

Lab deployment of an iSCSI SAN between VMware ESXi (Type-1 hypervisor) and TrueNAS in a VMware Workstation environment. Storage target configuration, initiator mapping and datastore provisioning.

VMware ESXi TrueNAS iSCSI VMware Workstation

Web · Dev

Task Management Web Application

Full-stack task management platform developed with HTML, CSS, PHP and XAMPP with MySQL database integration for CRUD operations, user sessions and task tracking.

PHP HTML/CSS MySQL XAMPP

// 03 — Certifications

Credentials

☁️

AWS Cloud Security Foundations

Amazon Web Services · Academy

2026 · 20h · Verify ↗

🔒

HCIA-Security V4.0

Huawei

2026

🛡️

Network Security

Cisco Networking Academy · ENSA Khouribga

Dec 2025

🌐

CCNA: Switching, Routing & Wireless

Cisco Networking Academy · ENSA Khouribga

Sep 2025

📡

Cisco Certified Network Associate (CCNA)

Cisco

2024

🏗️

Red Hat System Administration I (RH124)

Red Hat

2024

🔍

Introduction to the Threat Landscape 2.0

Fortinet

2024

// 04 — Skills

Technical Stack

⚙ Operating Systems

Linux (Ubuntu/RHEL) Windows Server Kali Linux

🔐 Cybersecurity

ISO 27005 EBIOS RM MITRE ATT&CK STRIDE OWASP EDR/XDR SIEM IDS/IPS PKI IPsec

🌐 Networks & Protocols

TCP/IP SSH MQTT Modbus TCP CAN DNP3 SCADA VPN ACL/NAT

🛠 Security Tools

Wazuh Suricata pfSense Wireshark Nmap PEStudio Procmon Regshot Sysmon

💻 Scripting & Dev

Python Bash PowerShell C LaTeX Git

☁ Cloud & Virtualisation

AWS (IAM/EC2/Lambda) VMware ESXi Hyper-V VirtualBox TrueNAS Ansible

// 05 — Contact

Let's Connect

I'm actively looking for a 6-month end-of-studies internship (PFA) in cybersecurity — OT/ICS security, SOC operations, PKI, or critical systems.

Feel free to reach out on any channel below.

$ Available for PFA internship — 2026
$ Location: Morocco · Open to relocation
$ Languages: French · English · Arabic

✉

Email othmane.nechchadi@gmail.com

LinkedIn linkedin.com/in/othmane-nechchadi

☎

Phone +212 664 142 883

OTHMANENECHCHADI

Professional Background

Academic & Personal Work

Credentials

Technical Stack

Let's Connect

OTHMANE
NECHCHADI