Freelancer profile translated to English.
Back to original languageAbout Guillaume
Cybersecurity initially seemed like an obscure and complex subject. Being curious by nature, I wanted to understand its various aspects. I began to take an interest in it by focusing on the technical side towards the end of my studies in 2012. Understanding and mastering the methods and tools used to launch cyberattacks should allow me to deduce the measures to protect against them. After a work-study network engineering degree, a lot of monitoring and training on the subject, as well as technical training, I defined a list of measures and participated in implementing them within the information system of a large international group (now considered vital). This significantly improved the cybersecurity level of the perimeter. I quickly realized that without follow-up, purely technical security measures were very quickly bypassed, forgotten, or obsolete. I then became interested in organizational methods to maintain and improve an organization's cybersecurity level. The ISO 27001 standard seemed to address this issue correctly by proposing the creation and implementation of processes, procedures, indicators, etc. for the security management system in a continuous improvement approach. I therefore obtained the ISO 27001 Implementer/Lead Implementer certification in 2019. Since then, I have implemented this standard in various contexts and have had to work on other demanding frameworks (LPM and RGS, for example). In the course of these missions, I have had to communicate, raise awareness, gain acceptance, implement, etc. And this, with many different stakeholders, ranging from operational staff to directors. I participated in the development of risk analyses using the "EBIOS RM" and "ISO 27005" methods.
French
Native or bilingual
English
Fluent
Can work on-site
Paris (up to 15km)
Experience
- SodexoCybersecurity ExpertPUBLIC SECTORNovember 2023 - Today (2 years and 7 months)Support technical and business management in implementing cyber measures for various public sectors to meet contractual requirements.Development of EBIOS RM risk analyses.Development of approval files.Project management.
- Société GénéraleCybersecurity ExpertBANKING AND INSURANCESeptember 2022 - November 2023 (1 year and 2 months)Integration of security into projects.Development of risk analyses.Project monitoring.Supervision of technical audits (Pen-tests).Raising business awareness on cybersecurity.
- Veolia EauISO 27001 Standard ImplementerRAW MATERIALS INDUSTRYOctober 2021 - Today (4 years and 8 months)Toulouse, FranceImplementation of ISO 27001 compliance for the SIIV perimeter:Establishment of a statement of applicability.Establishment of a risk treatment plan for DG approval.Establishment of a cyber action plan to be implemented for the perimeter, taking into account business needs, existing cybersecurity measures, and regulatory and contractual context.Assistance to operational teams in carrying out security tasks.Development of project progress indicators.Drafting of documentation expected by an auditor.Gathering of evidence expected during an audit.
Recommendations
Be the first to recommend Guillaume
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- General Engineer - Specialization in Telecommunications and NetworksECE Paris2015
Certifications
- Implementer/Lead Implementer ISO 27001LSTI2019
- Hacking and Security, Level 2, ExpertiseOrsys2018