Freelancer profile translated to English.

Description

Cybersecurity consultant with 8+ years of experience in regulated environments (banking, telecom, airport, transport).

Specializing in IS governance, regulatory compliance (ISO 27001, DORA, NIS2, LPM, GDPR) and building detection capabilities (SOC, SIEM, EDR, DLP). Versatile profile comfortable with scoping, risk analysis (EBIOS RM), technical integration, and remediation management phases. Experienced with large accounts and service delivery.

Languages

French
Native or bilingual
English
Fluent

Workplace preferences

Can work on-site

Paris (up to 50km), Lyon (up to 50km), Toulouse (up to 10km), Nantes (up to 50km)

YPTO / SNCB (Belgique)
Security Architect—Oct
January 2025 - March 2026 (1 year and 2 months)
Achievements
• • Definition and formalization of security requirements (Secure Architecture Exploitation Workshops – AEDAS)
• • Strengthening EDR/XDR capabilities, threat modeling, asset categorization
• • Contribution to architectural choices for security components (segmentation, hardening, traceability)
• • Risk analyses (including AI, chatbot projects) and processing of approval files
• • Mobile security strategy (Intune/Samsung Knox), application whitelisting, COBO/COPE hardening
• • Strategic recommendations (MDM migration, PKI, Power Platform, Shadow-IT Countermeasures)
• • Production of scoping deliverables and security files for project teams
Frameworks used: ENISA, MITRE ATT&CK, STRIDE
Société Générale
IT Resilience Consultant
October 2022 - December 2023 (1 year and 2 months)
Achievements
• • Scoping notes and design of user and workstation isolation bubbles (VPN provision, EDR)
• • Definition of URL whitelists ensuring minimal IT and business continuity
• • Identification and certification of key partner connection IP ranges
• • Certification of dangerous flows: Top 3 (VMI, SMB/NetBIOS, RDP) and extended Top 14 (X11, FTP, RSH…)
• • Activity reporting, project tracking, and budget monitoring
Aéroports de Paris — DGAC (Direction Générale de l'Aviation Civile)
Security Consultant
June 2021 - July 2025 (4 years and 1 month)
• • Support for ISO 27001 maturity and IS management via the Tenacy platform
• • Benchmark, evaluation, and selection of solutions: antivirus (TETHRIS), awareness training (RIOT), PKI (Certigna, Let's Encrypt), certificate monitoring (BerryCert)
• • Development of an awareness roadmap (phishing, spear-phishing, CEO fraud)
• • Development of a DLP strategy and delivery of the associated security file
• • Management of IS audits (Trust HQ, Microsoft 365) and subcontractor evaluation
• • Implementation of remediation actions from audits and regular reporting
• • Preparation of approval files: EBIOS RM risk analyses, map update, exception processing
• • Contribution to cyber crisis exercises
• • Contribution to regulatory compliance: EIOPA, ACPR, DORA
• • Formalization of security requirements (AEDAS)