Guillaume Mahe

IT & Cybersecurity Risk, Audit & Governance Expert

€650/day
Aix-en-Provence, FR
8-15 years

Average response time: 1 hour

About Guillaume

I am Guillaume, an expert in IT audit, governance, and cybersecurity with over 15 years of experience in complex and demanding environments. Certified CISA and ISO 27001 Lead Auditor, I support organizations in mastering their IT and cyber risks with a pragmatic and business-oriented approach.

I served as Head of IT Audit within a large international group, where I conducted audits for numerous subsidiaries worldwide. These missions covered the entire IT scope: governance, security, projects, operations, internal controls, and regulatory compliance.

As a consultant, I led cybersecurity audits, participated in security approval missions in the defense sector, and supported a major player in the banking sector in implementing and improving its IT risk management systems: maturity audits, risk mapping, risk analysis, continuous controls, integration of security into projects, and remediation monitoring.

What sets me apart is my ability to adapt requirements to the realities of your organization. I do not offer standard models disconnected from the field: I assess the size, maturity, and challenges of your structure to define the right level of control with concrete and prioritized recommendations.

What drives me is IT audit and governance, fully integrating the cyber aspect. I act as a proactive and advisory force to help structure, improve, and evolve practices, while strengthening risk management and the confidence of leaders.

I then support leaders, CIOs, and CISOs in their strategic decisions related to IT and cyber risks, providing them with a clear, structured, and operational vision. My goal: to secure critical activities, strengthen governance, and sustainably support business performance.
  • French

    Native or bilingual

  • English

    Fluent

Can work on-site
Aix-en-Provence (up to 50km)

Experience

  • SQUAD - Cabinet de conseils et d'expertises
    Senior Cybersecurity Consultant
    BANKING AND INSURANCE
    December 2024 - Today (1 year and 6 months)
    Aix-en-Provence, France
    Consulting mission for Groupe BPCE (Banque Populaire Caisse d’Épargne):
    • Implementation and management of risk management processes for the Group's headquarters
    • Conducting security maturity assessments, asset classification, level 2 controls, and remediation requests with follow-up
    • Support for Group projects (ISP): analysis of initiatives and assistance to business teams on cybersecurity and GDPR requirements
    • Development, maintenance, and presentation of risk maps to Group CISOs
    • Coordination and supervision of a team of 4 cybersecurity consultants
    Risk Analysis ISP Audit
  • SQUAD - Cabinet de conseils et d'expertises
    Senior Cybersecurity Consultant
    DEFENSE AND MILITARY
    January 2024 - December 2024 (11 months)
    Toulon, France
    Consulting mission for Naval Group:
    • Responsible for the security approval of a strategic information system hosting over 2,000 users
    • Conducting risk analysis and defining the approval strategy
    • Carrying out a complete risk analysis according to the EBIOS RM method (EGERIE tool), including the organization and facilitation of all workshops
    • Drafting security policies and procedures constituting the approval file
    Security Approval Risk Analysis
  • Nomios Group
    Security Consultant
    CONSULTING AND AUDITS
    January 2021 - December 2023 (2 years and 11 months)
    Paris, France
    • ISO 27001 internal auditor for the certified ISMS
    • Conducting IT governance audit missions, risk analyses, and CISO assistance
    • End-to-end management of maturity audit missions (ISO 27001, SecNumCloud, NIST, etc.)
    • Contribution to risk analyses according to the EBIOS RM methodology
    • Assisting CISOs in defining their cybersecurity strategy and deploying action plans
    • Participation in the development of Nomios' GRC offering and support for bids
    ISO 27001 EBIOS RM CISO Support

Certifications

  • CISA (Certified Information Systems Auditor)
    ISACA
    2025
  • ISO 27001 Lead Auditor
    PECB
    2024
