You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
New report
Malt Tech Trends 2026
Anis B.AB

Anis B.

CyberSecurity & IT Risk Expert

€950/day
Savigny-sur-Orge, FR
15+ years
GRC
Audit Sécurité
ISO27001
ISO27005
GDPR

Average response time: 1 hour

About Anis

I'm currently a Cybersecurity & Monetic Security Expert, over 20 years of a experience in Information Security System, perspectives including more 10 years in complex Security Project Management & program across world wide banking & assurance.

With a focus on GRC (Governance, risk management, and compliance) and Information System Security, I currently serve in a key role of leading requirements contract security appendix with third-party & provider, guiding the development of strategic and tactical Cyber-Security efforts, designing and driving implementations to completion, and function overall as a IT Risk security leader for traditional and evolving security strategy across various sector clients specialy Electronic Banking.

//Technical environments
• New technologies & innovations “Business” projects;
• Technical infrastructures (Firewall "CheckPoint, Fortinet", Router, Switch, F5, IDS / IPS, VPN SSL / IPSEC, NAC CISCO ISE, Proxy, Reverse Proxy, WAF, servers, storage, network, workstation), Multi environment -Cloud (MS AZURE, AWS);
• Tools / Technologies & methodologies applicable to security: Microsoft (AD, ADFS, AZURE AD, AD CONNECT, EXCHANGE, ONEDRIVE, SCCM), SYMANTEC DLP & SEP, SIEM “Splunk”, MDM / MAM, Patch management, Scans “Qualys , Nessus, Rapid7 ”, Agile (Scrum), PMP, ITIL.
• Frameworks : ISO 27x; PCI, NIST, CIS, LPM.
• Regulatory compliance: PCI-DSS standard, GDPR regulation, ANSSI and NIS directive.
Insurance
Banking and Financial Services

  • English

    Fluent

  • Arabic

    Native or bilingual

  • French

    Native or bilingual

  • Italian

    Conversational

Can work on-site
Savigny-sur-Orge (up to 50km)

Experience

  • Société Générale / CyberSecurity
    CISO Assistant
    August 2024 - Today (1 year and 10 months)
    ï Goal : ¨ Support the Chief Information Security Officer (CISO) in overseeing the organization's information security program to protect information assets, ensure compliance with regulations and standards, and strengthen the overall security posture.
    ï Work accomplished : ¨ Development and implementation of enterprise-wide information security strategies and policies.
    ¨ Providing technical expertise in information security engineering and architecture.
    ¨ Collaborating with IT, business, and compliance teams to integrate security into organizational processes.
    ï Risk management : ¨ Conducting comprehensive risk assessments related to information security.
    ¨ Developing and implementing mitigation plans for identified risks.
    ¨ Continuous monitoring to identify and address emerging vulnerabilities.
    ï Results Achieved : ¨ Implementation of security solutions aligned with standards such as NIST CSF.
    ¨ Significant reduction of vulnerabilities and potential threats.
    ¨ Ensured compliance with information security regulations.
    ¨ Enhanced organizational resilience against cyber threats.
  • BNP
    Paribas / Cybersecurity Expert - Payment Systems
    September 2021 - August 2024 (2 years and 11 months)
    ï Goal : ¨ Provide cybersecurity consulting and expertise within the IT Security & Risk team (Regulatory Audit, Risk Assessment, Outsourced Services, Security Cloud Maturity), focusing mainly on IAM APIs and data protection for the Co-branded Digital Payment Card App & EPI (European Payments Initiative).
    ï Work accomplished : ¨ Security support and compliance for contracts, considering legal and regulatory constraints.
    ¨ Ensuring compliance across ITG/ITPS for payments, following the IRPP methodology.
    ¨ Risk assessment and monitoring for projects, producing reviews on security, resilience, and project risks, proposing mitigation measures.
    ¨ Conducting risk analyses following the EBIOS RM methodology.
    ¨ Contributing to security audits to identify risks, define controls, and develop action plans.

    ï Tasks : ¨ RFP/RFI (client/supplier), managing and monitoring audits (vulnerabilities, configurations, architecture, and code).

    ï Risk management : ¨ Formalizing risk sheets, security reviews, and proofs on due diligence/risk assessment..
    ï Team management : ¨ Contributing to committees with internal partners (RSSI, IT Risks & Cyber Committee).
    ¨ Leading and coordinating contributing teams.
    ¨ Managing collaborators or service providers on audit-related projects in the context of outsourced services.

    ï Results Achieved : ¨ Drafting/reviewing contracts (Security Annex) with suppliers
    ¨ Defining security controls and action plans for ITPS (Mobile/Web/Payments) and applicable security frameworks (DSP2, 3DSecure, OTP SMS, MFA, 2FA, etc.)
  • AXA Technology Services
    Infrastructure & Security Project Manager
    February 2016 - December 2018 (2 years and 10 months)
    ï Goal : ¨ Define and lead projects for optimal outcomes, meeting business requirements in terms of quality, performance, cost, timeline, and security.
    ¨ Multi-Cloud migration (AWS & AZURE) for application bases, implementing secure multi-cloud architecture, Encryption, ExpressRoute, CyberArk, etc.
    ï Work accomplished : ¨ Defining and analyzing needs with a relevant business representative.
    ¨ Analyzing constraints, prerequisites, and client expectations.
    ¨ Writing project budgets and proposals.
    ¨ Establishing a provisional plan.
    ¨ Adapting and improving tools and functionalities to meet evolving business needs

    ï Monitoring of project progress : ¨ Planning and monitoring projects, reporting to governance bodies ;
    ¨ Purchases, budget monitoring.
    ï Team management ; ¨ Organizing and leading: steering committee, technical committee, and crisis cell.
    ¨ Coordinating all project contributors (Business, Publishers, Operators, and Providers).
    ¨ Modeling and specifying necessary environments for application functionality
    ¨ Leading and coordinating the project team ;
    ¨ Managing resources for technical implementation operations (WH/ NWH) ;
    ¨ Managing collaborators or providers on national or international projects.
    ï Results Achieved : ¨ Delivered projects within deadlines and budgets with full security compliance.
Check out Anis's experience

Recommendations

Be the first to recommend Anis

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • PhD of Information and Communication Sciences - PhD
    Université Vincennes-Saint-Denis (Paris VIII)
    2012
    Topic: Metatechnologies: Interdependence between the level of hypermediatization and the (ecosophical) consideration of the living.

Certifications

  • Project Management Professional (PMP)
    Project Management Institute
    2016
  • Methodology Risk Analysis - MESARI
    Credit Agricole Consumer Finance
    2015

Skill set

PMP
Expert Sécurité
Cybersécurité
CISSP
Gestion de projet
Gestion de projet technique
Analyse de risques
Management d'équipe
Stratégie SI
Amazon Web Services
Mise en conformité
RSSI
Scan de vulnérabilité
Cyber-résilience
Assistance RSSI
architecte Cybersécurité
Togaf
EBIOS RM
MEHARI
NIST Cybersecurity Framework
LA DIRECTIVE NIS
LA DIRECTIVE ANSSI
Architecte sécurité
Assistance CISO
GRC (Governance, Risk and Compliance)
Risk and Vulnerability Assessment
Security Awareness Training
Threat Intelligence
IT Project Management
Agile Project Management
Change and Transformation Management
IT Strategy
IT Service Management
System Integration

Categories