Freelancer profile translated to English.

Description

My name is Hermann KAMGA II and I am a cybersecurity consultant with nearly 8 years of professional experience.

Throughout my career, I have worked on various projects, particularly in Cloud (Azure, AWS, and M365), access and application security, implementing security measures, and designing secure architectures for many of my clients in the banking, industrial, energy, and transport sectors.

Are you looking for a consultant to implement strategies to improve the compliance and security of your assets in Cloud and On-premise environments? We can discuss further during a meeting.

Industry field of expertise

Languages

English
Fluent
French
Native or bilingual

Workplace preferences

Can work on-site

Villiers-sur-Marne (up to 50km)

COPYLY
Cloud & AI Cybersecurity Architect
TECH
January 2025 - Today (1 year and 5 months)
Paris, France
Objectives: Ensure the compliance, security, and robustness of the Cloud infrastructure in a context of strong growth and international scalability with the integration of AI solutions.

Design, deployment, and security of the Azure Cloud infrastructure, with a focus on separating environments (dev, staging, prod) and implementing secure access rules via RBAC
Implementation of AI-based threat detection solutions: deployment and configuration of automated security anomaly detection systems, behavioral analysis of accesses, and automated incident response via Azure Sentinel and Machine Learning
Security operational maintenance (MCS/MCO): log supervision, vulnerability management, configuration hardening, regular review of privileged accesses and critical resources
Drafting of HLD/LLD documents for security and AI compliance, to formalize the target architecture, security requirements, monitoring mechanisms, and authorized flows
Active participation in client AI project governance: definition of AI project management methodologies from design to implementation, establishment of model validation and approval processes, implementation of AI risk management frameworks
Development of the AI ethical and regulatory framework: ensuring platform compliance with GDPR and European AI Act requirements, defining policies for responsible AI use, assessing algorithmic bias, and implementing sensitive data governance mechanisms
Development of Cloud security policies, implementation of Azure policies, monitoring via Microsoft Defender for Cloud, and support for remediation of detected non-conformities
Tracking performance indicators (security KPIs, cloud SLAs, availability).
Cloud Azure Generative AI Cloud Security Cloud Architect artificial intelligence
EQUANS
Deputy CISO Assistant
ENERGY AND UTILITIES
November 2023 - November 2024 (1 year)
Courbevoie, France
Objectives: Implement the global cybersecurity strategy

• Technical assistance to the S-CISO on daily tasks.
• Improving Cloud security (RBAC, Backup, Patching, Logs, VMs, etc.) in AWS and Azure environments
• Audit and technical monitoring of the remediation of vulnerabilities detected via CSPM
• Creation and revision of security documentation
• Assistance to third parties (Network Team, Digital Workplace, Zscaler, etc.) for security tasks
• Improving network security (best practices and rules, configuration, etc.)
• Improving network application security (Zscaler, SDWAN, Palo Alto, Fortinet)
• Implementation and monitoring of remediation plans following technical audits in AWS and Azure environments
• Verification and validation of network traffic openings (analysis of all security risks before opening traffic) on ServiceNow
• Monitoring of remediations and improvement of KPIs (performance indicators) on Ivanti
• Periodic reporting on activities conducted
• Participation in associated committees
Cloud AWS Cloud Azure CSPM Remediation Cybersecurity Audit
Société Générale
Cloud Security Risk Officer
BANKING AND INSURANCE
January 2023 - September 2023 (8 months)
Fontenay-sous-Bois, France
Objectives: Improve the quality of IT system management

• Provide security and operational risk expertise in project support (CLOUD and TRADITIONAL)
• Planning of necessary actions for projects within the announced objectives and deadlines
• Periodic reporting on activities conducted
• Security review of implemented components
• Provide security assistance for the design and implementation of various support tools
• Specification of controls necessary for risk and compliance monitoring
• Support project teams in securing On-Premise and Cloud infrastructures
• Participation in associated committees
Private Cloud Network Security Cybersecurity Security Audit