Freelancer profile translated to English.

Description

Cybersecurity consultant specialized in Governance, Risk, and Compliance (GRC), I assist organizations in analyzing, managing, and structuring their cyber risks.

I am involved in risk analysis, regulatory compliance, and security governance missions, drawing on key market frameworks and standards (ISO 27001, ISO 27005, EBIOS RM, NIS2, DORA, GDPR).

I have experience in large and international corporate environments, interacting with IT, security, and business teams, with the goal of translating technical challenges into clear, understandable, and actionable decisions.

I also work on business continuity and cyber resilience topics (BCP/DRP, crisis scenarios, resilience governance), with a pragmatic and operationally oriented approach.

My approach is structured, rigorous, and results-oriented, with particular attention to the quality of deliverables, clarity of documentation, and alignment with business objectives.

Available for cybersecurity consulting, operational support, or cross-functional management missions.

Languages

French
Native or bilingual
English
Fluent

Workplace preferences

Can work on-site

Paris (up to 50km)

SERVIER
IT Security Consultant
April 2025 - Today (1 year and 2 months)
• Performed risk analyses (preliminary, complementary, summary reports) on on-premise, SaaS, cloud, OT/industrial, and application solutions for over thirty international subsidiaries.
• Monitored complete remediation of vulnerabilities identified by scans and coordinated with IT, cloud, network, data, and business teams.
• Managed network flow openings, security validation, and supported application and OT projects.
• Handled security exceptions, compensatory measures, and associated documentation.
• Participated in RFIs/RFPs: analyzed cybersecurity clauses, assessed supplier risks, and contributed to negotiations alongside Legal and Procurement teams.
• Provided strong support to the Legal and Data Privacy departments: GDPR compliance, contractual review, security validation, data protection analysis support.
• Engaged in regular exchanges and project monitoring for cybersecurity across more than 55 group subsidiaries worldwide, working directly with local teams to ensure global consistency and alignment.
• Undertook regular site visits to the Gidy industrial site to supervise, secure, and support critical on-site projects.
• Conducted ad-hoc evaluations ("one-shot") on sensitive, urgent, or strategic topics.
• Supported local IT teams in implementing in-house AI solutions in countries unable to use group solutions (e.g., Russia).
• Produced Information Security deliverables (reports, roadmaps, risk matrices) and security reporting to stakeholders.
ICYBER-SSI
CISO
October 2024 - April 2025 (6 months)
• Assisted clients in defining, implementing, applying, and piloting their cybersecurity policies and processes, while advising business and IT teams.
• Raised awareness among executive teams and trained teams on cybersecurity challenges, threats, and best practices.
• Developed and monitored action plans for managing IT security risks for systems. Integrated security requirements into contracts and directed the communication of security standards and practices.
• Coordinated the information system security governance for clients.
• Applied NIS2 and DORA directives to enhance organizational resilience and compliance.
• Conducted in-depth risk analyses using the EBIOS RM methodology to manage operational risks.
GENERIX GROUP
Cybersecurity Engineer
September 2021 - September 2024 (3 years)
• Led the initiative to improve the management and compliance of internal SSL certificates to ensure optimal security.
• Drove a major project to align company processes with ISO 27001 security standards.
• Managed the complete migration of the company's Public Key Infrastructure (PKI) to enhance security and efficiency.
• Implemented a continuous monitoring platform for security alerts and rapid, effective responses to counter potential threats.
• Regularly analyzed data and adjusted strategies to maximize return on investment.
• Led an employee awareness project on cyber risks.