You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Corentin DucottetCD

Corentin Ducottet

GRC Cybersecurity Consultant, CISO, ISO27001, DORA

€700/day
Lyon, FR
3-7 years

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Corentin

Regulatory compliance and cyber risk management have become strategic issues for all organizations. Industrial IoT systems, regulated financial environments, DORA/NIS2 compliance: I intervene where the stakes are critical.

I am Corentin, a CISSP-certified GRC cybersecurity consultant with 7 years of experience advising large groups (Crédit Agricole, Thales, Alstom).

My background has allowed me to develop a comprehensive and strategic vision for securing information systems: from international ISO 27001 audits to third-party risk management (TPRM), including CISO support and regulatory compliance.

Today, I put this expertise to work for your organization:

🛡️ CISO Support / vCISO
🚨 Cyber Crisis Management
📈 EBIOS RM Risk Analysis
📚 Information Security Training and Awareness
👤 Supplier Risk Management (TPRM)
🔧 Security Integration in Projects (ISP)
🔍 Security Audit & ISO 27001 Compliance
📊 DORA / NIS2 / AI Act Compliance
📝 Security Policy Writing (PSSI)
☁️ Cloud Environment Security (AWS)

Want to strengthen your cyber posture or accelerate your compliance?
Contact me 📩. Response within 2H.
  • French

    Native or bilingual

  • English

    Fluent

Can work on-site
Lyon (up to 50km), Paris (up to 50km), Marseille (up to 50km), Genève (up to 50km), Toulouse (up to 50km)

Experience

  • Crédit Agricole
    GRC Cybersecurity Consultant
    BANKING AND INSURANCE
    April 2024 - Today (2 years and 4 months)
    Lyon, France
    As an assistant CISO, I am responsible for the following tasks:

    🔍 Compliance checks and audits of the first line of defense (LoD 1)
    📜 Update of the regulatory framework and risk mapping
    ⚖️ Regulatory compliance (DORA, AI Act, PCI DSS, NIS2)
    👤 Management of third-party risks (TPRM)
    🤖 Analysis of risks and compliance of deployed AI solutions
    Risk Analysis CISO Cybersecurity DORA Compliance
  • Thales
    GRC Cybersecurity Consultant
    DEFENSE AND MILITARY
    September 2021 - March 2024 (2 years and 7 months)
    Lyon, France
    TPRM Audits — ISO 27001 maturity assessment of international suppliers (USA, India, Europe):
    📊 Gap analysis, definition of action plans, and monitoring of implementations

    Risk analyses on clinical and industrial medical systems:
    🤝 Support for teams in implementing Threat Modeling (STRIDE)
    🔬 Analysis of penetration test reports and vulnerability scans
    📜 Compliance with UL 2900 and AAMI TIR57 standards
    ☁️ Verification of cloud security requirements
    🎯 EBIOS RM risk analyses

    Implementation of a ransomware crisis management plan:
    🛡️ Clarification of critical activities and organizational principles in case of attack
    📄 Formalization of recommendations and production of quick reference guides
    ISO 27001 Risk Analysis Cybersecurity Security Audit EBIOS RM
  • Alstom
    GRC Cybersecurity Consultant
    TRANSPORTATION
    January 2020 - September 2021 (1 year and 8 months)
    Lyon, France
    Third-Party Risk Management (TPRM) and Supply Chain Compliance:
    🤝 Monitoring and support of international suppliers on the implementation of cybersecurity within their IS and the OT/embedded systems present in trains, trams, and metros
    ✅ Verification and validation of requirements based on IEC 62443 and ISO 27001 standards
    Cybersecurity ISO27001 IEC 62443 GRC Security Audit

Recommendations

DK
DC
Djed R.DR
Daïana Kissi and 2 other people have recommended Corentin

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Education

  • Engineering Degree, Networks and Cybersecurity
    ESME-Sudria | Ecole Spéciale de Mécanique et d'Electricité
    2019
    Diplôme d'ingénieur, Réseaux et Cybersécurité
  • International Study Semester
    Griffith College Dublin
    2017

Certifications

Skill set

Categories