Aurélien V.

CONTEXT: The company suffered from obsolete IT and telephony infrastructures, impacting the security and continuity of services provided. The situation was urgent as the lack of an obsolescence management strategy facilitated the exploitation of vulnerabilities.

My responsibility was to manage the infrastructure upgrade, coordinate and assist the SECOPS team, ensure the security of the information system, and improve its performance.

● End-to-end management of obsolete network and telephony infrastructure upgrade projects;

● Facilitation of progress meetings with stakeholders;

● Implementation of activity dashboards and presentation of key indicators to management;

● Supervision of daily security incident management for the IS (SIEM, EDR, WAF, FIREWALL, SANDBOXING, VULNERABILITY SCANNER, ANTISPAM);

● Assistance in incident resolution through pivot analysis and investigations with concerned users;

● Coordination of the SECOPS team (4 people) and priority tracking.

RESULTS:

● Significant strengthening of IS security, with a reduction in critical incidents and unaddressed security alerts;

● Better KPI visibility for management, enabling quick and effective decision-making;

● Notable time savings allowing resources to be allocated to other SECOPS service modernization projects;

● Successful modernization of telephony and network infrastructures, enabling rapid return on investment and system stability.

Technical environment: AGILE PROJECT METHOD, SEKOIA SIEM, SENTINEL ONE EDR, NESSUS SCANNER, FORTINET SANDBOXING, FORTINET ANTISPAM, PALO ALTO and FORTINET FIREWALL, UBIKA WAF, ALCATEL LUCENT TELEPHONY (OXE)

CONTEXT: The company lacked OT expertise, thus slowing down the delivery of convergence studies between the building network and the corporate network. As an OSE (Operator of Essential Services), it also faced certain obligations and could be audited at any time. Therefore, it was exposed to sanction risks in case of non-compliance with these obligations.

My role was to support business projects in identifying security risks and to provide my network and security expertise for the GTB (Building Management System) scope.

● Conducting EBIOS RM risk analyses, then drafting technical recommendations to reduce these risks for the GTB scope;

● Contributing to the definition of security requirements for projects;

● Monitoring recommendations and gap analyses post-audits and pentests;

● Qualifying IT department subcontractors against cybersecurity and regulatory compliance requirements (OSE, GDPR);

● Compliance studies for projects with the Security-by-Design approach;

● Feasibility study for a GTB solution in the Cloud;

● Supporting Business Owners (MOA) in classifying personal and sensitive data (DICP criteria).

RESULTS:

● Structuring modernization of OT infrastructures in the real estate scope, enabling more effective management of building network obsolescence;

● Significant acceleration of the connection between the building network and the corporate network, thus improving IT/OT convergence;

● Strengthening project compliance with the regulatory obligations of an OSE;

● Notable reduction in project deliverable delivery times, thus achieving objectives set by management;

● Improvement in project handling times for cyber visa and DICP studies, enhancing the quality of business projects.

Technical environment: EBIOS RM METHOD, SMARTBUILDING, IEC 62443, GDPR, CIS BENCHMARKS, CONFLUENCE, JIRA

CONTEXT: The company struggled to keep up with cybersecurity projects due to a lack of follow-up on IT teams' contributions to SECOPS projects. This led to difficulties in identifying information system weaknesses in an OSE environment.

My responsibility was to manage IT teams' contributions to cybersecurity projects within the SECOPS team and to contribute to IT department projects in their risk analysis needs.

● Management of IT contributions to certain Cybersecurity program workstreams, including:

-> Regulatory compliance: synchronization of compliance studies with the IT department, then breakdown, formalization, tracking, and management of various action plans;

-> Drafting and updating DSSI security standards;

-> System hardening: technical implementation of system hardening rules (from CIS and ANSSI) and adaptation to the AG2RLM scope for the SECOPS service;

● Conducting an EBIOS RM risk analysis on disconnected backup and managing the action plan;

● Analysis of standard cybersecurity processes;

● Creation of a dashboard integrating relevant KPIs from various IT department services and SECOPS tools;

● Facilitation of various project committees;

● Drafting meeting minutes.

RESULTS:

● Significant discovery of several vulnerabilities in the company's Datacenter, allowing for the proposal of an action plan and rapid, sustainable remediation of these vulnerabilities;

● Great improvement in coordination between IT departments and the SECOPS service;

● Notable increase in SECOPS activity visibility thanks to the operational dashboard, facilitating the consideration of these KPIs in management decision-making.

Technical environment: AGILE PROJECT METHOD, NEXPOSE, CYBERARK, VARONIS DATAPRIVILEGE, IMPERVA, MACAFEE CASB, MICROSOFT DEFENDER ANTIVIRUS.