You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
New report
Malt Tech Trends 2026
Amdouni A.AA

Amdouni A.

GRC RGPD LPM ISO NIS2 Cybersecurity Consultant

€650/day
Paris, FR
3-7 years
GDPR Compliance
GRC
Cybersecurity
Audit Pilot
GDPR Compliance

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Amdouni

Experienced GRC Consultant, I have held key roles throughout my career: Assistant CISO, Assistant DPO, ISO 27001 Certification Manager, and Security & Compliance Audit Manager. Each assignment has given me a 360° view of IT security, at the intersection of technical, regulatory, and human challenges. Persistent, pedagogical, and results-oriented, I work under a payroll management system with organizations seeking reliable and seamless expertise.
I am under payroll management and seeking at least part-time remote work. Feel free to consult my LinkedIn profile: a-bb73b591/
Telecommunications
Banking and Financial Services
Insurance
Consulting and Audits
Rail and Public transport

  • French

    Native or bilingual

Can work on-site
Paris (up to 50km)

Experience

  • GROUPE BPCE
    Cybersecurity Consultant
    BANKING AND INSURANCE
    January 2025 - August 2025 (7 months)
    Charenton-le-Pont, France
    BPCE Group's Security Department has established a Technology Risks Expertise Center (CETRM) whose main second-line-of-defense missions consist of:
    🎯 Assisting all CISOs and CIOs of the banks and branches in managing outsourced and network footprints (Nessus, SSL Certificate, crt.sh, DNS Brute force, Whois and Reverse Whois, risk management, quarterly vulnerability scanning, penetration testing, Yogosha, SecurityScoreCard…)
    🎯 Preparing and leading quarterly management committees
    🎯 Producing dashboards and reports for group security management
    🎯 Assisting all CISOs in implementing the TRM (Technology Risks Management) process, including ISP/ESP, Asset Classification, and cyber and IT risk assessment
    🎯 Piloting the project to sustain inventories (centralized CMDB)
    Cybersecurity GRC Consultant
  • BOUYGUES TELECOM
    PASSI-LPM IT Audit Pilot
    TELECOMMUNICATIONS
    September 2023 - January 2025 (1 year and 4 months)
    Vélizy-Villacoublay, France
    Bouygues Telecom is a French telecommunications operator offering mobile telephony, fixed internet,
    television, and fixed telephony services.
    🎯 Scoping the audit with the various stakeholders
    🎯 Drafting the specifications for the audit to be carried out by the firm
    🎯 Issuing the call for tenders and coordinating with the various bidders
    🎯 Assisting in the decision-making process for selecting the audit firm
    🎯 Contracting with the service provider
    🎯 Organizing the project, leading the necessary meetings with the various stakeholders (launch, follow-up, interviews,
    reporting, etc.), monitoring its progress, including reporting
    🎯 Identifying and implementing the prerequisites for the audit by the firm: document collection, operational prerequisites, access
    and testing resources
    🎯 Monitoring the activities carried out by the technical audit firm
    🎯 Contextualizing detected vulnerabilities in relation to cybersecurity governance, development, operations, and challenging the
    firm on associated recommendations.
    🎯 Defining actions associated with recommendations, including their priority and deadlines. o Drafting a presentation
    for management summarizing the audit findings
    🎯 Preparing and leading management presentations
    Audit Audit Pilot Cybersecurity KPI Awareness
  • SETELIA
    ISO27001 Certification Maintenance Manager
    TELECOMMUNICATIONS
    October 2022 - September 2023 (11 months)
    Issy-les-Moulineaux, France
    Present in Northern Europe, Southern Europe, and the Middle East, SETELIA is a company specializing in technological homologation,
    consulting, outsourcing, and mobile technologies, providing expert solutions to telecommunications players.
    As part of maintaining the ISO27001 certification for Service and Consulting in Telecommunications and Information Technologies:
    🎯 Analysis of the existing situation:
    — Documentary review of the ISMS
    — Gap analysis
    — Review of corrective measures from the last audit
    🎯 ISMS Update:
    — Update of the security policy
    — Risk review and update of the risk analysis
    — Update of the Statement of Applicability (SoA)
    🎯 Internal Audit:
    — Participation in the internal audit before the certification maintenance audit
    🎯 Preparation for the certification audit
    — Team awareness
    — Documentation verification
    — Preparation of evidence to be presented
    🎯 Recertification Audit:
    — Coordination with the certifying body
    — Support during the audit
    ISO27001 CISO Risk Analysis Audit Awareness
Check out Amdouni's experience

Recommendations

Be the first to recommend Amdouni

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • Engineering School in Computer Science
    EPITA
    Master
  • Scientific Baccalaureate
    Lycée Jean-Pierre Vernant

Certifications

  • Data Protection Officer
    PECB
    2021
  • GDPR Certificate
    MOOC CNIL
    2020
Amdouni's certifications are only visible to Malt Community members

Skill set

Bug Bounty
Performance Indicators
PIA
Risk Analysis
Regulatory Compliance
Team Management
GDPR
GDPR
LPM
Audit
Awareness
GRC Consultant
KPI
ISO27001
CISO
Definition and monitoring of indicators (KPI)
Cybersecurity Awareness
Documentation
NIS2

Categories