Freelancer profile translated to English.

Description

Governance, Risk, and Compliance (GRC) Consultant with 8 years of experience in cybersecurity and complex banking environments. I specialize in implementing security measures, IT risk management, SWIFT, LPM, GDPR regulatory audits, and team leadership. Certified ISO 27005 & ITIL, I leverage a dual technical and strategic skillset to support organizations in their compliance and performance. I am open to market opportunities to take on new challenges.

Languages

French
Native or bilingual

Workplace preferences

Can work on-site

Noisy-le-Grand (up to 10km)

Crédit Agricole d'Ile de France
Information System Security Correspondent for BPCR
BANKING AND INSURANCE
August 2022 - Today (3 years and 9 months)
Saint-Quentin-en-Yvelines, France
RUN:

SI security coordination for the CA-TS entity within the BPCR cluster

Monitoring SOC incidents, middleware and server vulnerability management

Management of security action plans & AWS non-compliance handling

Management of security risk treatment action plans

Tracking waiver requests and providing visibility to the entity CISO

Implementation of indicators and dashboards

Handling protocol obsolescence: TLS 1.0, 1.1 / SMB v1 / NTLM

GDPR (Handling security traces in the context of fraud, HR investigations)

Process implementation

Review of fireflow traffic in network zones and initiating requests for traffic closure upon expiry.

PROJECTS:

Qualification and management of security EDBs + Budget validation

Deployment of ARS strategy for pending security projects

Monitoring of security project implementation

Participation in drafting and updating company security procedures.

AUDITS AND REGULATIONS:

Contribution to SWIFT audits (interviews, evidence collection, corrective action plans)

Handling recommendations: Shared directories, orphaned and rogue accounts, SWIFT action plan

Committee Meetings (Support production, facilitation, action plan monitoring):

RUN: Security Run Committee, Operational Security Committee, Vulnerability Monitoring, Incident Monitoring Committee

Projects: EBs management monitoring, Project Steering Committee, LPM
BNP Paribas
Security & IT Risk Team Lead (Team of 8 employees)
BANKING AND INSURANCE
January 2018 - August 2022 (4 years and 8 months)
Montreuil, France
Management of the NIST/CIS program – SI and dedicated LPM administration:

Strategy (Deployment, control plan review, risk management).

Solution deployment (DAM Guardium on SWIFT assets, MyPSM for CyberArk access)

Monitoring and management of KPIs, reporting to IT department, client entity CISOs

Server obsolescence management (patching, sanity reboot, vg_apps monitoring...)

Team Management:

Team leadership (recruitment, task monitoring, man-day budget tracking, setting team objectives…)

Urgency/priority management and task delegation

Daily meetings/Brainstorming

Regulations:

Internal/external IT audits (IG Swift, CAC, Finance, HR, Imex, CIS)

Handling recommendations resulting from cybersecurity audits (Vulnerability Management, IAM, OS & middleware hardening, PSM)

ITIL: Major application controls on changes/incidents/problems.

User Training:

Coordination and implementation of an IT cybersecurity awareness program.

Coordination and development of a business continuity plan for the team, ensuring skill development for new joiners.

Customer relationship management, ensuring interface between development and service provider through SLA compliance.
Cybersecurity IT Audit Agile Project Management
BNP Paribas SA,
IT Risk and Cybersecurity
January 2019 - July 2021 (2 years and 6 months)
93100 Montreuil, France
Management and coordination of middleware patching campaigns for a fleet of 11,000 servers. Monitoring of remediation and vulnerability management. Identity and Access Management (IAM) / Handling of rogue and orphaned accounts. Change, incident, and problem management.