Freelancer profile translated to English.

Description

Do you need to structure or evolve your cybersecurity governance, secure your projects, and comply with regulatory requirements without burdening your organizations?

I assist in the implementation and management of ISO 27001 ISMS, transforming regulatory constraints into concrete, effective, and adapted measures for your business needs.

As a specialized Consultant in Governance, Risk, and Compliance, I provide end-to-end support for your SSI projects: scoping, ISO 27001 gap analyses, EBIOS RM risk analyses, document structuring, process formalization, and audit preparation.

My approach is distinguished by a pragmatic and cross-functional vision: I work closely with business, IT, and security teams in complex and critical environments, with a clear objective: to make security understandable, applicable, and useful.

Industry field of expertise

Languages

French
Native or bilingual
English
Conversational

Workplace preferences

Can work on-site

Paris (up to 50km), Bordeaux (up to 15km)

Confidentiel
Cybersecurity Manager
ENERGY AND UTILITIES
September 2025 - Today (9 months)
Responsible for the ISMS component, I support the definition, structuring, and deployment of an information security management system in a context of high operational stakes.

Key achievements:
ISMS scoping and workshop facilitation with stakeholders
ISO 27001 gap analysis and development of the compliance plan
Construction of the ISO 27001 documentation corpus (policies, procedures, evidence)
Process formalization and integration of security into projects
Risk analysis and definition of the treatment plan
Supervision and skill development of a resource
ISMS Implementation ISO 27001 Project Management Team Management Cyber Risk Analysis
EY
Cybersecurity Consultant (Permanent Contract)
ENERGY AND UTILITIES
November 2018 - September 2025 (6 years and 10 months)
France
Cybersecurity consultant specialized in Governance, Risk, and Compliance (GRC), I work in complex and regulated environments to support the implementation, maintenance, and improvement of ISO 27001 certifiable ISMS.

My missions cover the scoping and management of SSI projects, ISO 27001 gap analysis, documentation corpus construction, process formalization, and the integration of security into business and IT projects.

I also have strong expertise in EBIOS RM risk analysis (multi-objectives, critical contexts), including workshop facilitation, stakeholder reporting, and treatment plan development.

I regularly work on regulatory compliance topics (GDPR, HDS), cyber maturity audits, awareness training, and the supervision of junior consultants.

Sectors of intervention: energy, transport, health, public sector.
Cyber Risk Analysis GDPR Compliance DPIA Governance ISO 27001

Be the first to recommend Fatou

Help this freelancer shine by sharing your experience working together.

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

Baptiste Duhen

Fullstack developer

4.6

(4)

Amed Hamou

Senior Lead Developer

(2)

Audrey Champion

Web developer

4.3

(3)

Signup to reveal

CISSP Training – EY
Learning + Udemy
2024
Formation CISSP – EY
Prince 2 Training
Mooc ANSSI
2019
Formation Prince 2

Check out Fatou's education

CISSP
ISC²
2025
Identity and Access Management (IAM) Communications and Network Security Asset Management Security Architecture and Engineering Risk Management Secure Development SecOps Penetration Testing
ISO 27001
ESD
2024
Information Systems Security ISMS ISO 27001 Governance ISMS Audit Data Protection

Fatou's certifications are only visible to Malt Community members

Cybersecurity Expert

Fatou Diop

Cyber GRC Consultant | ISO 27001 ISMS | EBIOS RM

About Fatou

Experience

Recommendations

These freelancer profiles also match your criteria

Education

Certifications

Skill set

Categories