Enzo LE NAIR

Consultant in defensive and operational security.
EDR, threat hunting, incident response, AI tooling.

Cybersecurity Consultant · AI × Cyber Explorer

Let's talk

About

From infrastructure to intelligence.

Six years building and operating systems and networks gave me something most security consultants don't have: a ground-level understanding of how things really work before they break. That foundation is what shaped my approach to cybersecurity — not just defending perimeters, but understanding what's behind them. Today, I bridge operational security with emerging AI capabilities to build programs that are both resilient and forward-thinking.

⚙️

From the Ground Up

6 years of infra expertise turned into a cybersecurity advantage.

🤖

AI-Augmented Security

LLMs, agentic workflows & automation applied to real security challenges.

🛡️

Ops & Strategy

BUILD & RUN mindset: from architecture design to day-to-day security operations.

Expertise

What I do best.

🛡️

EDR & Endpoint Security

Deployment and management of EDR solutions at scale (+20k endpoints), including regulated and air-gapped environments. DevSecOps integration.

🎯

SOC Operations & Threat Hunting

Proactive threat hunting, SIEM use case development, threat intelligence operationalization, and detection enhancement.

🔬

Incident Response & Forensics

Cyber incident handling, root cause analysis, digital forensics investigations, and coordinated remediation.

🤖

AI Tooling for Security

Research and development of AI-powered security tools. Local LLM deployment, LangChain, HayStack, agentic workflows and automation at the intersection of AI and Cyber.

🔍

Audit & Architecture

Infrastructure and configuration audits, security architecture design, compliance assessment, and GRC advisory (CISO assistance).

Experience

The journey so far.

SQUAD Conseil & Expertises
Dec. 2024 – Present · 1 yr 6 mo
System Security Consultant, EDR/EPP Aug. 2025 – Present · Lyon
  • Deployment of a new EDR solution in a regulated context: +20,000 endpoints, on-premise, air-gapped environment.
  • Embedding the product in a DevSecOps culture and workflow.
  • Technical consulting, hands-on expertise, and fit-for-purpose validation.
Operational Security Engineer Mar. – Aug. 2025 · Montpellier
  • Proactive threat hunting and threat intelligence operationalization.
  • Cyber incident handling, root cause analysis, and remediation coordination.
  • SIEM/SOC integration and detection use case development.
Cybersecurity Consultant, R&D Dec. 2024 – Mar. 2025 · Lyon
  • Research on AI applications in cybersecurity — emerging threats and defense mechanisms.
  • Local LLM deployment and experimentation with LangChain and HayStack frameworks.
  • POCs for AI-powered security tools, automated reporting with Python and Jupyter.
Axians France
Sept. 2018 – Nov. 2024 · 6 yrs 3 mo
Network & System Engineer Sept. 2023 – Nov. 2024 · Le Mans
  • Infrastructure and configuration audits (on-premise & cloud), security assessments and compliance action plans.
  • Security solution integration: FortiGate, Stormshield, TrendMicro, Veeam.
  • CISO assistance (GRC), architecture design, and on-call incident management.
Systems & Network Technician Sept. 2018 – Sept. 2023 · Apprenticeship
  • Systems, networks and security solution deployment and configuration.
  • Change request management and incident handling (systems, network, security).
Seed'IT / Les Entrep'
Oct. 2022 – May 2023 · Laval
Entrepreneur, Freelance 8 months
  • National entrepreneurship program — cross-functional team project at the intersection of ecology, gardening and technology.
  • Led brand vision and identity definition, technological choices and project roadmap.

Education

Built to last.

2021–2023

Master's in Cybersecurity & Management

Institut Informatique Appliquée (ESIEE-IT)

  • 🏛️ ANSSI SecNumEdu label
  • 🌍 TOEIC 930/990
  • 📝 Thesis: Machine Learning in Cybersecurity
2020–2021

Bachelor's in Computer Science, Cybersecurity

CNAM

  • 📝 Thesis: Cybersecurity Crisis Management
2018–2020

BTS in IT Systems & Networks

UFA Saint Charles Sainte Croix

  • 🥇 Gold Medal, Olympiades des Métiers (regional & national)
2015–2018

Bac Pro, Telecommunications & Networks

Lycée Touchard Washington

  • ⭐ Mention Très Bien

Projects

Building at the edge of AI & Cyber.

AI × Cyber

ClickFixAgent

ReAct agentic AI that autonomously hunts ClickFix social-engineering infrastructure, extracts malicious payloads, and generates structured threat intelligence reports with IOCs & TTPs.

PythonLangGraphLangChainLLM
AI × OSINT

SExAI / SExAI-CLI

Multi-mode CTI tool combining FOFA search engine with AI-powered analysis. OSINT automation, C2 hunting, open directory scanning and geolocation enrichment.

PythonAIFOFACTI
Defensive

MailSecWatcher

Python tool for auditing and monitoring DNS-based email security mechanisms — SPF, DKIM, DMARC, BIMI and SSL/TLS validation.

PythonDNSSPFDMARC
SOC

eBPFSecMonitoring

Ready-to-run Linux security monitoring using Python + BCC and eBPF. Real-time syscall visibility for SOC and threat detection use cases.

PythoneBPFLinuxBCC
Vuln Mgmt

VulnWatcher

Aggregates vulnerability data from ENISA, NIST and OpenCVE APIs to collect and track CVEs for specific CPEs. Automated reporting pipeline.

PythonNISTCVEAPIs
AI × UI

CyberPunk STT App

Cyberpunk-themed speech-to-text application with AI voice recognition integration — where aesthetics meet functionality.

HTMLJSAIVoice
View all on GitHub

Contact

Ready to work together?

Always open to new opportunities, collaborations, or just a good conversation about cyber and AI.

✉️ enzo@enzolenair.fr 💼 LinkedIn ✍️ Blog