Freelancer profile translated to English.
Back to original languageAbout Hamzatlaye
I assist the CISO and SecOps business lines in properly considering security and regulatory compliance; this includes Governance, Risk and Compliance activities, deployment of cybersecurity solutions, integration of security into projects, Operational Security, execution and management of risk analyses.
French
Native or bilingual
English
Fluent
Can work on-site
Paris (up to 50km)
Experience
- BNP ParibasIT Risk OfficerJuly 2024 - Today (1 year and 11 months)As an IT Risk Officer, my goal is to ensure and promote the security of the IS, particularly through conducting risk analyses, monitoring risks, and supporting business teams in their security needs to maintain a good security posture of the IS.- Execution of security audits and risk analyses in compliance with DORA- Periodic review of suppliers- Analysis of department requests for cybersecurity consulting needs- Drafting and updating procedures based on requirements- Guiding IT teams on fixes to implement- Review and validation of security deliverables- Supporting IT teams in the context of Governance and execution of security programs- Development of security procedures and training of project managers- Continuous updating of a security dashboard- Collection and monitoring of KRIs with gap analysis- Organization and conduct of operational and decision-making committees- Cyber awareness- Risk mapping, in compliance with Group procedure and regulatorsSkills: Risk Analyses, Project Management, ISP, SDLC, OWASP, GDPR, IT Audit, ISO 27001, ISO 27005, EBIOS RM
- MDM FranceCybersecurity ConsultantFebruary 2024 - June 2024 (4 months)As a Cybersecurity consultant, I assisted the business in conducting risk analyses and remediating non-compliance as part of its ISO 27001 certification.- Audit of existing documentation (DRP, BCP, risk analysis deliverables)- Analysis of ISO 27001:2022 gaps- Remediation of non-compliance- Drafting and updating documentation- Risk mapping- Strategic and operational management of teams- Cyber awarenessSkills: Risk Analyses, Project Management, IT Audit, ISO 27001, ISO 27005, EBIOS RM
- CAL&F - Crédit Agricole Leasing & FactoringCloud Security Referent / IT Risk ManagerBANKING AND INSURANCEJuly 2022 - December 2024 (2 years and 5 months)Paris, FranceAs a Security Referent, I am involved in maintaining security, integrating cybersecurity solutions, and improving the organization's compliance with Group and regulatory frameworks.- Support in the context of Governance and execution of security programs- Assistance to MOA and MOE in developing risk analyses and understanding security standards- IT risk analysis based on Ebios RM and monitoring of residual risks- Management of code audits and penetration tests- Risk mapping, in compliance with Group procedure and regulators- Implementation of Cloud Governance within the Group- Cloud Referent for the assessment of new projects (migrations and evolutions) in the Cloud (IaaS, PaaS, SaaS) in collaboration with the Group Cloud Reference Center (CRC)- Creation, review, and validation of security deliverables (contract, DPO annexes, security annexes, security assurance plan, MESARI risk analysis, pre-DPIA form, security questionnaires, architecture diagrams...)- CMDB consistency (asset, application, process, maintenance window, ASA, ...)- Vulnerability remediation following DAST/SAST scans- Implementation of NIST controls (deliverables, operational committees)- Integration of Security in Projects (ISP) in DevSecOps mode- Cyber compliance and support for architects and development teams on CI/CD pipelines (Salesforce, Uipath)- Threat Modeling- Management of security projects (AD compliance, integration of security tools...)- Contribution to the implementation of the annual SSI action plan- Contribution to the SI hardening project- Management of the project to block USB and Bluetooth ports with the SentinelOne solutionSkills: Risk Analyses, NIST, LPM, ISP, IT Compliance, IAM, Business Continuity, Project Management, OWASP, PAS, GDPR, IT Audit, ISO 27001, ISO 27005, ISO 22301
Recommendations
Be the first to recommend Hamzatlaye
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- MBA BUSINESS MANAGEMENT & ADMINISTRATIONIAE PARIS SORBONNE2021Stratégie, Finance d’entreprise, Economie, Innovation , Marketing, Communication RSE, RH , Compliance & Risques Management
- Telecommunications Engineering DegreeTELECOM LILLE2015Cybersécurité, Sécurité des Réseaux & Services, Réseaux Mobiles , Conception & Gestion des S.I
Certifications
- ISO 27005GlobalKnowledge2018
- ISO 22301GlobalKnowledge2018
Skill set (39)
Categories
- Other