Freelancer profile translated to English.

Description

SENIOR CONSULTANT RISK IT

Expert in IT risk management, I support companies in securing their technological environment and mastering their regulatory challenges. My role is to identify, assess, and reduce IT risks in order to protect critical assets, ensure compliance, and support your organization's strategic objectives.

👉 Expertise:

IT Governance and Risk Management (ISO 27005, NIST, EBIOS, FAIR)

Cyber-resilience, business continuity, and disaster recovery plans

Regulatory Compliance (DORA, GDPR, SOX, Basel III, etc.)

Audit & assessment of security measures maturity

Cloud strategy & hybrid environment security

🎯 Added Value:

Strategic vision coupled with solid operational experience

Ability to transform risks into value creation opportunities

Pragmatic and tailor-made approach, adapted to your business priorities

Languages

French
Native or bilingual
English
Fluent

Workplace preferences

Can work on-site

Paris (up to 50km)

Crédit Agricole Assurance
MRSI Manager, IT Risk and BCP
April 2024 - Today (2 years and 2 months)
Contribution to the implementation and monitoring of risk permanent controls. Contribution to updating ICT risk maps. Analysis and monitoring of Major Incidents. Participation and contribution to various SSI, Digital ICT, and SSP Committees. Participation in the implementation of audit recommendations. Contribution to the preparation of reports on the level of risk mastery. Construction of remediation action plans related to the DORA (Digital Operational Resilience Act) regulation. • Production of DORA information registers (ROI). DORA project management (control of ICT providers).
NIST COBIT DORA Compliance BCP/DRP ISSP
KPMG SA
Senior Consultant
September 2021 - January 2024 (2 years and 4 months)
La Défense, France
External IT audit and internal IT audit consulting mission; Review of companies' information system control environment; Review of business process design and reliability of associated application controls, particularly for Procurement and Sales processes (ITAC); Review of IT General Controls (ITGC) for application, database, and operating system layers across various environments; Analysis of security incidents to determine root causes and recommend corrective measures; Awareness training for employees and management on IT security and risk management best practices.
TOTALENERGIES
Junior Internal Controller and Risk Assessor
September 2019 - October 2020 (1 year and 1 month)
La Défense, France
Development of subsidiary risk maps; Assessment of the effectiveness of existing controls in terms of prevention, detection, and correction of issues; Analysis and follow-up of recommendations to strengthen internal controls and mitigate identified risks; Development of quarterly summaries and audit reports; Updating internal control procedures.