Freelancer profile translated to English.

Description

IT systems security consultant, I support companies in integrating security into their projects. I work on governance, risk, and control (GRC) topics:

- Risk analysis

- Security control (1st and 2nd line of defense)

- Third-party management

- IT security project management

- Operational security management (DRP testing, backup testing)

- Vulnerability and security patch management

Industry field of expertise

Languages

French
Native or bilingual
English
Fluent

Workplace preferences

Can work on-site

Paris (up to 40km), Lyon (up to 20km), Lille (up to 50km)

TotalEnergies
Head of Cybersecurity Service Center
ENERGY AND UTILITIES
April 2024 - February 2025 (10 months)
Paris, France
Team Management
Organize team activities and report information to management
Manage the service steering committee
Coordinate the deployment of EDR in TotalEnergies subsidiaries
Define stakeholders, geographical scope, and endpoints concerned (on-premise and cloud servers)
Collaborate with technical teams to define installation prerequisites, installation scripts, and error analysis scripts
Validate automated deployment tests via SCCM
Define a progressive deployment plan and communicate with stakeholders
Support local IT managers in error correction during the deployment phase
Present project progress in steering committee meetings
Coordinate incident resolution reported by EDR
Security Management with Suppliers
Conduct cybersecurity assessments of suppliers
Analyze risks in projects, recommend and monitor action plans to mitigate risks
Analyze solution architectures (software and cloud) to integrate security
Develop the security assurance plan for projects and integrate security clauses into contracts
Vulnerability Management
Coordinate the relationship between SOC, CERT teams, and subsidiary Cyber Security managers
Coordinate vulnerability remediation with subsidiaries
Leadership et gestion d'équipe Analyse de risques Coordination de projet Intégration de la sécurité dans les projets Architecture sécurité
bnpparibas
Tribe Security Officer
BANKING AND INSURANCE
January 2022 - February 2024 (2 years and 2 months)
Paris, France
Integrate security into projects
Coordinate security in projects from the initiation phase to production
Define security requirements (DICT, RPO, RTO) for each project
Analyze proposed solution architectures
Perform risk analyses for projects and deliver recommendations
Integrate vulnerability management into projects
Define a source code vulnerability management process
Coordinate SAST/SCA source code vulnerability scans
Integrate vulnerability management into the development cycle through SAST/SCA vulnerability scans
Define a vulnerability remediation plan and integrate it into project sprints
Build a dashboard for project vulnerability tracking
Manage suppliers
Participate in supplier selection
Manage third-party risks (TPRM)
Define the security assurance plan for projects with suppliers
Negotiate and integrate security clauses into supplier contracts
Participate in the Cybersecurity program
Coordinate the security review of applications (Risk Control Self Assessment)
Coordinate application backup and restore tests
Gestion des risques sécurité dans les contrats Intégration de la sécurité dans les projets Gouvernance Cybersécurité Gestion des vulnérabilités
Capsule Technologies / Philips
Cybersecurity risk management for medical device
PHARMACEUTICALS INDUSTRY
February 2021 - November 2021 (10 months)
Cambridge, United States
Manage the manufacturer disclosure statement for medical device security
Study the architecture and security of the medical device
Organize document review meetings with system architects and developers
Produce the MDS2 (Manufacturer Disclosure Statement for Medical Device Security)
Analyze project risks and make recommendations
Risk Management
Organize workshops with various stakeholders according to ISO27005 / EBIOS methodology
Analyze security and HIPAA (Health Insurance Portability and Accountability) risks on the "Capsule Surveillance" medical device
Write documentation on medical solution security for submission to the FDA (U.S. Food and Drug Administration) for accreditation
Train system engineers on Philips' risk analysis tool
formation cybersécurité Analyse de risques Architecture sécurité

Check out Etienne Leon Gauss's experience

Be the first to recommend Etienne Leon Gauss

Help this freelancer shine by sharing your experience working together.

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

Baptiste Duhen

Fullstack developer

4.6

(4)

Amed Hamou

Senior Lead Developer

(2)

Audrey Champion

Web developer

4.3

(3)

Signup to reveal

Conception et Architecture Réseaux
Télécom ParisTech
2015

ISO/IEC 27001 Senior Lead Implementer
PECB
2025
Leadership, communication et gestion du changement Planification et mise en œuvre d’un SMSI Évaluation, surveillance et amélioration continue Gestion des risques liés à la sécurité de l’information Documentation et contrôle du SMSI Compréhension approfondie d’ISO/IEC 27001 et de ses annexes
ISO/IEC 27005 Lead Risk Manager
PECB
2017
Evaluation des risques Gestion de risques Surveillance, réexamen et amélioration Identification des actifs, menaces et vulnérabilités Documentation et communication Élaboration d’un cadre de gestion des risques Traitement des risques

Etienne Leon Gauss's certifications are only visible to Malt Community members

Cybersecurity Expert

Etienne Leon Gauss Ngoumnaï

Cybersecurity GRC Consultant

About Etienne Leon Gauss

Experience

Recommendations

These freelancer profiles also match your criteria

Education

Certifications

Skill set

Categories