You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
New report
Malt Tech Trends 2026
Anaïs T.AT

Anaïs T.

GRC & Audit Cybersecurity Consultant | CISO

€900/day
Nantes, FR
15+ years
SSI Governance & Outsourced CISO
Incident & Vulnerability Management
Configuration & Security Audit
EBIOS RM Risk Analysis
Cybersecurity Project Management

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Anaïs

Cybersecurity consultant with 18 years of IT experience, including over 3 years in cybersecurity. Hybrid GRC/Audit profile: Deputy CISO experience (governance, SSI policy, EBIOS RM, incident management, vulnerability steering) combined with technical audit practice (Ping Castle, configuration audit).
Accustomed to working as a consultant for an end client, I undertake freelance assignments via payroll support in Nantes and the north of its agglomeration, with mobility to Rennes (hybrid, 3 days/week available).
Available for outsourced CISO and/or security audit assignments.
Real Estate
Education Systems, Research, and Universities
Insurance
Digital and IT Services
Education Companies

  • French

    Native or bilingual

  • English

    Fluent

  • Italian

    Basic

  • Spanish

    Basic

Can work on-site
Nantes (up to 10km), Rennes (up to 10km)

Experience

  • Groupe de courtage d'assurances
    Deputy CISO / Cybersecurity Coordinator
    BANKING AND INSURANCE
    September 2025 - Today (9 months)
    Nantes, France
    Coordination of SOC, VOC, Security Tools activities
    • Prioritization of log collection coverage
    • Main interface between SOC, IT teams, business units, and CISO for incident and security requests processing
    • Participation in steering committees representing the CISO for SOC, Varonis, and other security solutions
    • Steering vulnerability management (application, system, middleware) and remediation tracking
    • Implementation of a vulnerability and patching workflow
    • Construction of vulnerability monitoring dashboards in Cyberwatch (views dedicated to Executive Management, IT Department, SSI) with Kibana/Elasticsearch
    • Steering and administration of SentinelOne (EDR) deployment: migration, security policies, definition of use cases for SOC integration
    • Steering and administration of Bitwarden (password vault) deployment for all users, definition of use cases for SOC integration
    • Coordination of security tooling evolution (partner monitoring, feature requests) and contract management (study/negotiation of contract renewals)
    • Participation in the selection of a provider for an IAM audit and a Keycloak presentation meeting
    • Support for recruitment and service provider management
    • EBIOS RM risk analysis within the framework of a partial support outsourcing project: risk report, recommendations, and checklist of prerequisites to be validated during a visit to the hosting provider
    • Writing and updating SSI documents (Policy, procedure, DAT, DEX, etc.)
    • Security awareness: administrator training, developer sessions (KnowBe4), Cyberdays
    Bitwarden CISO Support SSI Governance & Outsourced CISO EBIOS RM Risk Analysis EDR
  • Groupe de courtage d'assurances
    SSI Project Manager / Cybersecurity Consultant
    BANKING AND INSURANCE
    April 2023 - August 2025 (2 years and 4 months)
    Nantes, France
    •Contract Manager for Varonis and SOC – management of steering/operational committees, CISO representation, SLA monitoring
    •Security incident management (Incident Manager): SOC/IT coordination, corrective actions, continuous improvement, and writing of response sheets, notification matrix, lessons learned
    •Steering and creation of the workflow for security incident processing
    •Monitoring improvement and implementation of log collection coverage (Splunk, WEC)
    •Writing and updating SSI documents: SSI policy, charters, notification matrices, response sheets, procedures
    •Account review on AD (Varonis + Ping Castle), Bitwarden, EDR, and SharePoint: detection of orphaned accounts and excessive privileges
    •Monitoring of remediation actions following an audit of the Azure tenant by a provider
    •Optimization of security solutions (decommissioning, cost reduction)
    •Wallix (PAM): functional scoping with colleague managing provider deployment, then usage as a user (infrastructure connections) – without administrative role
    •Security awareness: for new administrators, presentation of the SSI team, documentation, and the security incident management process with presentation of response sheets
    Project Monitoring CISO Support Security Incident Management Change Management Training Delivery
  • Groupe de courtage d'assurances
    System and Network Administrator – Transition to Cybersecurity
    BANKING AND INSURANCE
    September 2022 - March 2023 (6 months)
    Nantes, France
    •Implementation of remediation actions related to Ping Castle reports with the external CISO (e.g., implementation of AD Recycle Bin, AD Group Cleanup, ...)
    •Monitoring of Varonis operational committees
    •Contribution to the evolution of user onboarding/offboarding processes by updating related documentation and procedures
    •Update and clarification of the process for managing outgoing user mailboxes to secure their closure and processing
    •Renewal of critical PKI certificates (KRA), management of named account dependencies, and maintenance of service continuity
    •Investigation and remediation of a configuration incident affecting anti-spam and anti-malware rules on an email security solution (Cisco ESA), restoring the level of protection and filtering flows
    •Remediation of an email misconfiguration (named mailboxes used instead of shared mailboxes), with compliance of access and improvement of rights management
    •Administration of Windows, Linux, Active Directory, VMware, LAN/WAN networks
    •Writing of procedures and technical documentation
    Ping Castle Active Directory Remediation System Administration Network Administration
Check out Anaïs's experience

Recommendations

Be the first to recommend Anaïs

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • Network Systems Administrator Title (Bac +4), Computing
    ENI School of Computing
    2018
    Titre Administratrice Système Réseau (Bac +4), Informatique
  • Higher Technician in IT Maintenance and Support
    CESI
    2009
    Technicienne supérieur en maintenance et support informatique

Skill set

Windows Server
System Administration
Network Administration
VMWARE
Active Directory
Veeam
Office 365
Virtualization
VMware ESX
Microsoft Exchange
GPO
WSUS
vSphere
vCenter
ESXi
DHCP
SonicWall
VMware vSphere
EDR
SSI Policy
Writing
Project Management
Cryptography
Security Incident Management
Planning
Training Delivery
Project Monitoring
CISO Support
Change Management
Writing
POC
Cybersecurity Incident Management
GRC (Governance, Risk and Compliance)
Least Privilege Principles
Risk and Vulnerability Assessment
Security Awareness Training
Cybersecurity
IT Security
ISO 27001
Cyberwatch
SentinelOne
Bitwarden
Hogo
Yubico

Categories