Dominique Ciupa

Cyber Security Governance Risk Management Missions for various clients

• Transition management. Management consulting. Cybersecurity governance. Risk and crisis management. Business Continuity and Disaster Recovery Plan / BIA.

• Regulatory compliance: Military Programming Law / SAIV and OIV. Accreditation. GDPR. Preparation for ISO 27001, HDS, etc. certification. Expertise on legislative and regulatory issues regarding the transposition of REC (resilience of critical entities) and NIS2 directives. Contractual work.

Missions carried out:

. Engie / Storengy Group: Industrial cybersecurity, regulatory compliance (LPM, REC and NIS2). PKI/ ICG, cryptography. Security governance.

. ISO 27001 audits: various organizations.

. Engie / GRTgaz Group: review of the risk management process within the framework of an ISMS.

. Fiducial Bank: transition management, IT security (before DORA / ACPR recommendations (Banque de France)

. Afnor Normalisation: work from 2018 to 2022, on the evolution of reference frameworks.

GDPR support, 2018-2019.

2017- 2018 ATEXIO (cybersecurity consulting)

Cyber Security Consultant Manager GDPR support, compliance and international certifications. Audit, inventory; processing register; subcontractors; data breach. Support for organizations for ISO 27001 certification.

Security Banking sector: Société Générale. Migration security in cloud computing. Analysis of regulatory requirements in the banking sector for the identification of cross-functional projects: LPM, NIS directive, PSD2, trade secrets, GDPR, etc. Healthcare sector: CNAM TS. Management of a team of 14 people. PGSSI and Security Policies for the shared medical record (DMP), personal data protection. Work validated by the CNIL before the launch of the DMP.