Freelancer profile translated to English.
Back to original languageAbout Abdelhak
Senior GRC Consultant and Cybersecurity Project Manager with 5 years of experience in critical and regulated environments. Specializing in steering and integrating security into projects (ISP), IT risk management, compliance with European directives, monitoring post-audit remediation plans, and vulnerability management. Accustomed to multi-team contexts (management, legal, IT, business units, suppliers) and environments with strict regulatory constraints. Delivery-oriented approach, risk mastery, and securing regulatory commitments.
French
Native or bilingual
English
Fluent
Can work on-site
Paris (up to 20km)
Experience
- Secteur LuxeSecurity Architect and Global Security Referent for the ProgramLUXURY GOODSFebruary 2023 - February 2025 (2 years)Paris, France
- Cybersecurity steering of an international multi-region program (5 geographic zones, multiple IT, business, and local CISO stakeholders)
- Implementation of the Security by Design approach (ISP)
- Performance of risk analyses (EBIOS RM / ISO 27005) and definition of risk treatment strategies
- Definition and integration of security requirements into architectures and projects (cloud & on-premise)
- Support for IT, DevSecOps, and regional CISO teams in implementing security measures
- Guarantee of regulatory compliance (GDPR, PIPL) and alignment with Group standards
- Steering and facilitation of governance committees (COMEX, COPROJ, security committees)
- Organization and facilitation of cybersecurity workshops (awareness, scoping, architecture, risks)
- Security incident management (qualification, investigation, remediation, communication, continuous improvement)
- Steering of Third Party Risk Management (TPRM): supplier evaluation, compliance monitoring, and remediation
- Drafting and maintenance of the IS Policy documentation corpus: policies, standards, procedures, guidelines
- Review and validation of secure architectures (Zero Trust, network segmentation, defense in depth)
- Steering of security audits: Code Review, Configuration Review, Penetration Testing, SAST / DAST / SCA
- Vulnerability monitoring and remediation plan management
- DeloitteSenior GRC Consultant & Cybersecurity Project ManagerCONSULTING AND AUDITSNovember 2019 - October 2025 (5 years and 11 months)Paris, FranceIntervention on strategic cybersecurity programs for major international groups, in complex regulatory and operational contexts:
- PMO steering of international multi-project cybersecurity program
- Cyber risk management for over 100 IT projects (EBIOS RM, ISO 27005)
- Integration of security into IT projects from the design phase (Security by Design) for over 100 projects
- Contribution to regulatory compliance (GDPR, NIS2, DORA, PIPL)
- Qualification and evaluation of supplier risks (Third Party Risk)
- ATMB - Autoroutes et Tunnel du Mont BlancDeputy CISO AssistantApril 2019 - November 2019 (7 months)Rhône, France
- Participation in Tenders and CASB POCs (definition of IS criteria)
- Project risk analyses (EBIOS RM).
- Technical audits (firewall, architecture, cloud)
- Contribution to the definition of CASB security policies
Recommendations
Be the first to recommend Abdelhak
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- Expert in Information Technology and Information Systems, Computer ScienceSUPINFO International University2019Expert en Informatique et Systèmes d'Information , Informatique