You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
New report
Malt Tech Trends 2026
Florent BakaFB

Florent Baka

GRC Cybersecurity Consultant

€500/day
Paris, FR
3-7 years
Security Policy
Risk Analysis
ISSP
Regulatory Compliance
Cybersecurity Strategy

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Florent

Cybersecurity consultant specialized in governance, risk management, and compliance, I assist individuals and organizations in strengthening their security posture.

I address issues related to:
  • Risk Analysis (EBIOS RM, ISO 27005)
  • Compliance with ISO 27001 / NIST / NIS2 / GDPR / DORA
  • Organizational and documentary audits
  • Threat Modeling
  • Security of processes in regulated environments (IEC 62304, ISO 14971)
  • Drafting of PSSI, policies, procedures, cyber management plans
  • Integration of Privacy by Design into projects
My approach is risk-oriented and pragmatic: prioritization of actions, alignment with business constraints, clear and actionable deliverables.

Available for ad-hoc audit, scoping, or compliance support missions.

  • French

    Native or bilingual

  • English

    Conversational

Remote only
Primarily works remotely

Experience

  • Devoteam
    GRC Cybersecurity Consultant
    October 2023 - Today (2 years and 8 months)
    Levallois-Perret, France
    SSI Support / Risk Analysis
    • Participation and execution of internal, external, and third-party security audits
    • Maturity assessments and compliance with ISO 27001, NIST, NIS2, and sector-specific frameworks
    • Participation in the identification, assessment, and monitoring of cybersecurity risks
    • Contribution to conducting cyber and operational risk analyses (ISO 27005, EBIOS RM, ISO 14971)
    • Management of vulnerabilities related to third-party software components and associated security impact analyses
    • Production of cyber indicators, dashboards, and security reporting elements
    • Drafting and maintenance of security policies, procedures, and plans
    • Awareness and support for business and project teams (Security by Design)
    • Continuous regulatory and normative monitoring, with anticipation of security requirement evolutions
    Design and structuring of a DORA compliance management tool
    • Analysis of the DORA regulation and its associated implementing texts (RTS).
    • Decomposition of DORA requirements into operational requirements including risk management, incidents, ICT third-party management, digital operational resilience...
    • Definition of control points with evaluation criteria and expected evidence.
    • In-depth gap analysis, formalization of standard recommendations, and prioritization of actions.
  • Devoteam
    Risk and Compliance Consultant
    CONSULTING AND AUDITS
    September 2022 - September 2023 (1 year)
    Levallois-Perret, France
    GDPR Compliance:
    • Update of the data processing register.
    • Audit of security practices and drafting of the ISSP. Contractual review of service providers and partners.
    • Management of data breaches and team awareness
    Industrialization of internal tools and processes:
    • Execution of a detailed DPIA integrating the EBIOS RM method
    • Development of a Privacy by Design checklist.
    • Drafting of an ISP procedure integrating security into projects.
    • Mapping of ISO 27001 / NIST controls to analyze maturity and identify security gaps.
    Inventory and analysis of cybersecurity and data protection regulations:
    • Development of regulatory summary sheets by country (Belgium, South Africa, India...)
    • Assessment of the regulatory maturity level, identifying key gaps to address
    • Prioritization and recommendation of actions for country correspondents
    • Awareness of correspondents regarding regulatory requirements
    Fraud Analysis Phishing Campaigns Information Security Awareness Writing security training materials Digital Risk Prevention
  • France Travail
    Digital Security Assistant Manager
    February 2022 - August 2022 (6 months)
    Bordeaux, France
    Digital Trust Plan in partnership with the Police, Gendarmerie, ANSSI, and CYBERMALVEILLANCE.COM ( ), aiming to strengthen the digital security of the public: job seekers and SMEs.
    • Monitoring and analysis of cyber threats targeting job seekers and SMEs (fraud, phishing, fraudulent job offers).
    • Design and dissemination of educational materials (guides, fact sheets).
    • Organization and logistical support for awareness webinars hosted by institutional partners.
    • Raising public awareness of cybersecurity best practices.

Recommendations

Be the first to recommend Florent

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • Master in Information Systems Risk Management
    IRIAF - University of Poitiers
    2023
    Master Management des Risques des Systèmes d'Information
  • Master in Information Systems Security
    International University of Tunis
    2020
    Master Sécurité des Systèmes d'Information
Check out Florent's education

Certifications

Florent's certifications are only visible to Malt Community members

Skill set

Cybersecurity Incident Management
Data Privacy (GDPR, CCPA)
GRC (Governance, Risk and Compliance)
Risk and Vulnerability Assessment
Security Awareness Training
Threat Intelligence
Workshops Facilitation
Digital Transformation
IT Project Management
IT Service Management
Cyber Risk Analysis
DORA Compliance

Categories