Freelancer profile translated to English.
Back to original languageAbout Abdoulaye
SPECIALIST IN GOVERNANCE, RISK AND
COMPLIANCE, I PARTICIPATE IN SECURITY
SUPPORT IN PROJECTS, CONTRACTUALIZATION,
THIRD-PARTY EVALUATION AND
REMEDIATION PLAN MONITORING.
I AM ALSO CERTIFIED EBIOS, ISO27001, ISO 27005, IAM, AZURE AND MICROSOFT 365.
English
Fluent
French
Native or bilingual
Can work on-site
Paris (up to 30km)
Experience
- AG2R LA MONDIALEISP and IAgen ConsultantBANKING AND INSURANCEOctober 2023 - Today (2 years and 8 months)Levallois-Perret, FranceResponsibilities- Risk analysis based on ISO 27005, EBIOS, NIST standards- Security support for projects related to artificial intelligence (Copilot, GCP, creation of business chatbot assistants)- Application of GDPR, DORA, AI Act, NIS 2 regulations- Raising awareness among stakeholders (Management, Business Lines) of cyber risks and threats- Analysis of supplier pentest reports- Collaboration with technical teams to integrate internal security solutions (SIEM, bastion, firewall, SSO,…)- Evaluation of supplier questionnaires (analysis of responses and evidence, evaluation)- Assistance to projects and evolutions: support and monitoring of remediation plans- Assistance in project contractualization (Monitoring and comparison of Security Assurance plans, contractual clauses)- Drafting of Governance documents (IT Security Policy, IT charters, user guides...)- Having a role as a reference for information protection technologies;- Monitoring of exemptions- Publication of articlesTechnical environment- Deployment of tools (EDR Crowdstrike, software versioning, …)- HSM KMS deployment (Google)- Generative AI (internal chatbot, augmented developer, …)- API security (Apigee)- Mainframe z OS securityOperational environment- Office 365 suite (Outlook, Excel, Powerpoint)- Collaborative tools (Microsoft Teams, Planner)- Internal application referencing tool (Atlas)- ServiceNow, JIRA- Confluence
- AllianzThird-Party Cybersecurity ConsultantBANKING AND INSURANCEJanuary 2023 - Today (3 years and 5 months)Puteaux, FranceContextWithin the SSI team's Center, I am responsible for carrying out the SSI assistance services entrusted by the operational manager.My main activity consisted of providing technical expertise through risk analyses of third-party and Cloud infrastructure projects.Responsibilities- Conducting third-party risk analyses (Cloud providers, Insurance Delegates, etc.)- Assistance to projects and evolutions: support and monitoring of remediation plans- Assistance in the contractualization of Cloud projects (PAS monitoring, amendments)- Community animationDeliverables- Risk analysis documents- Project validations- Supplier questionnaire responses- Security Assurance Plans- AmendmentsFunctional environment- EBIOS format risk analysisOperational environment- Office 365 suite (Outlook, Excel, Powerpoint)- Collaborative tools (Microsoft Teams)Technical environment- EGERIE for risk analyses- ADO IT for project information (infras, project code…)- Archer RSA for monitoring Group-level risk analyses
- L'Oréal SA - L'Oréal FranceAssistant CISOFASHION AND COSMETICSOctober 2022 - December 2022 (3 months)Levallois-Perret, FranceContextWithin the IT department, I am responsible for carrying out the SSI assistance services entrusted by the operational manager. Mymain activity consisted of providing technical expertise through the risk analysis of the Salesforce software package and its variousbranches through the ServiceNow tool, distributed as follows:- Digital: Includes all of the organization's digital sales and marketing activities.On the IT side, we mainly find websites (mainly e-commerce and showcases) and the management of marketplace flows(sales on social networks such as Instagram or via platforms such as VeePee for example).- CRM: Includes all prospecting activities (marketing campaign for example) and customer follow-up (customer base,loyalty program, etc.).On the IT side, we find the customer database and associated software bricks, tools for analyzing sales andloyalty systems.- Retail: Includes all in-store sales activities.On the IT side, we find the IT environment of points of sale (cash register & EFTPOS in particular) & the interconnections between thestores and the rest of the IS (link with the CRM, stocks, loyalty programs, etc.).- B2B: Includes all sales activities to professionals. On the IT side, we find two bricks. On the one hand, aweb environment, made up of sales sites for hairdressing salons, pharmacists and independents. On the other hand, anenvironment for sales representatives, made up of sales analysis tools, marketing campaigns (by email or other) and amobile application.Responsibilities- Update risk analyses on the B2B Sales and Marketing scope.- Vulnerability management and interface with IT owners on the monitoring, orientation of remediations across the entire O+O perimeter.- Assist the O+O CISO on various tasks within their scope (preparation of analyses, audits, documentation...)Deliverables- ServiceNow reports (extractions)- JIRA reportOperational environment- Office 365 suite (Outlook, Excel, Powerpoint)- Collaborative tools (Microsoft Teams, Skype)Technical environment- ServiceNow (Risk management, vulnerabilities, monitoring of recommendations)- JIRA (Creation of vulnerability correction tickets)
Recommendations
Be the first to recommend Abdoulaye
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- Master Organisation et protection des Systèmes d'Information en EntrepriseUniversité Lumière Lyon 22018Formation sur les moyens de protection des systèmes d'information (analyses de risques, PCA/PRA, Audit technique) et les meilleures pratiques en terme de durcissement des infrastructures
Certifications
- Microsoft 365 SecurityMicrosoft2020