You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
New report
Malt Tech Trends 2026
Herve LamourouxHL

Herve Lamouroux

RSSI de transition

€900/day
Paris, FR
15+ years
DORA
NIS2
ISO 27001
RSSI de transition

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Herve

En tant que Responsable Sécurité des Systèmes d’Information de transition, je me concentre sur l’accompagnement des organisations dans les secteurs de la finance, de la banque, de la santé, de la retraite, du public et du digital pour renforcer leur résilience face aux cybermenaces. Grâce à des certifications multiples en ISO 27001, ISO 27005 et une implémentation réussie des cadres réglementaires européens tels que DORA , je soutiens mes clients dans leur conformité et la gestion des vulnérabilités.

Mon expertise inclut le remplacement temporaire des RSSI internes pour garantir la continuité de la sécurité , la mise en place de systèmes de management de la sécurité de l’information (SMSI), la gestion des incidents et la sensibilisation des collaborateurs. Mon objectif est d’élaborer des solutions de sécurité sur mesure, agiles et adaptées, tout en intégrant les nouvelles normes comme la certification ISO 42001 pour la sécurité de l’IA.
(SMIA)


🎯 Mes services :

✅ Diagnostic ISO 27001 gratuit avant tout engagement (écarts, priorités, risques, feuille de route)
✅ Engagement de réussite sur vos projets de conformité et d’audit
✅ Pilotage complet des programmes ISO 27001, NIS2, DORA, Data Act, IA Act
✅ Accompagnement RSSI de transition (gouvernance, risques, incidents, PRA, tableaux de bord COMEX)
✅ Sélection, qualification et évaluation de candidats RSSI (interne/externe)
➡️ Analyse de compétences, conformité, posture, expérience réglementaire
➡️ Aide au choix final + short list technique orientée gouvernance et conformité
✅ Feuilles de route conformité & résilience souveraine
✅ Audit sécurité, SOC, PRA/PCA, risques, fournisseurs

🔎 Ma mission :

Sécuriser vos systèmes d’information, renforcer votre résilience, structurer votre gouvernance et garantir votre conformité aux exigences ISO 27001, NIS2, DORA, EUCS et aux réglementations européennes émergentes.
Public Sector
Insurance
Banking and Financial Services
Consulting and Audits
Facility Services and Security

  • English

    Fluent

  • French

    Native or bilingual

Can work on-site
Paris (up to 50km)

Experience

  • HLACONSEIL
    INTERIM CISO
    BANKING AND INSURANCE
    May 2019 - Today (7 years and 1 month)
    Paris, France
    Interim CISO, GRC, NIS2, DORA, ACPR, BCP
    6 clients in finance, banking, digital, and retirement
    2 certifications ISO 27001 2013-2017
    1 certification ISO 27001 2022
    1 RGS accreditation
    1 ACPR/DORA approval

    • Consulting and Audit: Security ISO 27001, AWS Cloud environment, SecNumCloud OutScale
    • Governance, Risk Management, Compliance (GRC)
    • Support and implementation of ISO 27001 2022, NIS2, DORA, RGS, ACPR requirements
    • Infrastructure audit and data encryption
    • Penetration testing of secure networks
    • Audit and security of mobile environments (IOS, Android)
    • Security of remote work environments (VPN, Bastion)
    • Creation of PSSI and PAS
    • Training and awareness for users on global security best practices
    • Defines the objectives and needs related to the company's IS
    • Defines and implements IS security procedures
    • Leads compliance projects (technical or regulatory)
    • Defines and implements IS operational security indicators and dashboards
    • Synchronizes CNIL matters with the DPO or external partners
    • Assesses risks, threats, and consequences
    ISO27005, EBIOS RM
    • Studies prevention methods and plans ensuring security and their proper use
    • Trains operational and business departments on security rules
    • Recommendations
    • Technically validates security tools
    • Audit & Control
    • Implementation of DRP / BCP
    • Initiates crisis management teams in case of IS security incidents
    • Technical and Security Watch
    • CTO
    Cybersecurity Governance ISO Certification NIS2 DORA GRC Consultant
  • CANON FRANCE
    CISO
    TECH
    January 2013 - January 2020 (7 years)
    Paris, France
    ISO 27001 Certification 2013 (DATA Center and 3 production sites)
    • Governance, Risk Management, Compliance (GRC)
    • Risk Analysis (EBIOS RM)
    • Canon SOC Support
    • VMWARE Cloud and AWS Migration ISO 27001 Audit
    • Implementation of Bastions (WALLIX) and SIEM AlienVault
    • Implementation of CANON Group's PSSI and PAS
    • Definition and management of the security policy
    • Leads compliance projects (technical or regulatory)
    • Synchronizes CNIL matters with the DPO or external partners
    • Assesses risks, threats, and consequences
    • Studies prevention methods and plans ensuring security and their proper
    use
    • Awareness
    • Informs and raises awareness
    • Trains operational and business departments on security rules
    • Recommendations
    • Technically validates security tools
    • Controls and ensures that teams apply the company's IS security principles and rules
    ISO 27001 Change Management Project Management Cybersecurity Governance BCP/DRP
  • OCE France
    CIO
    TECH
    January 2003 - December 2012 (10 years)
    Paris, France
    CIO Member of the EXCOM,
    IT Governance Management, Implementation of group recommendations at the compliance level (SOX), application and infrastructure
    Team Management IT Governance Strategic Planning International Coordination

Recommendations

Be the first to recommend Herve

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • MIAGE
    PARIS DAUHPHINE
    1990

Certifications

  • ISO 27001 Transition
    PECB
    2023
  • Lead Auditor ISO 27001
    PECB
    2019

Skill set

Cloud Administration
Cloud Integration
Cybersecurity Incident Management
Data Privacy (GDPR, CCPA)
Penetration Testing
Risk and Vulnerability Assessment
Security Awareness Training
Data Integrity and Governance
IT Architecture
IT Strategy
IT Vendor Management and Procurement
Workshops Facilitation
Coaching de dirigeants
Accompagnement RSSI
Operational Resilience
GRC (Governance, Risk and Compliance)
Threat Intelligence
Least Privilege Principles
DevSecOps
Containerization and Virtualization
Data Migration and Backup
Agile Project Management
Agile Team Coaching
Change and Transformation Management
CRA

Categories