Freelancer profile translated to English.

Description

Senior Consultant in **Cybersecurity, specializing in GRC, Cloud Security (Azure / Entra ID / M365) and IAM**, with over 15 years of experience in critical environments: banking, insurance, public sector, essential operators.

I support organizations in regulatory compliance (DORA, NIS2, GDPR, PCI-DSS, PSD2), risk governance, cloud security, access governance, and preparation for internal/external audits.

**My role**: structure, secure, and accelerate your cybersecurity programs, while providing a clear, pragmatic, and results-oriented vision.

My key expertise

Governance, Risk & Compliance (GRC)
Regulatory Compliance: DORA, NIS2, GDPR, PCI-DSS, PSD2
IAM / IGA / PAM: Entra ID, AD, MFA, SSO, access governance
Cloud Security: Azure, M365, Zero Trust, hardening, security posture
Risk analysis (EBIOS RM), remediation plans
Security by Design, business/IT project support
Preparation for internal/external audits (ISO 27001, regulatory audits)
Simplification, change management, executive communication

What I bring

Quick and efficient structuring of GRC initiatives
Senior, clear, and decision-oriented vision

• Cloud + IAM + GRC Expertise (rare and sought-after combination)

Ability to lead strategic programs
Smooth communication with business, IT, and management
Pragmatic approach, focused on value and results

For what needs?

DORA / NIS2 Compliance
Strengthening Cloud Posture (Azure / Entra ID / M365)
IAM Governance & Access Review
GRC Structuring & Cybersecurity Leadership
Audit Preparation & Project Support
Reinforcement for CISO / GRC Manager / Cloud Security Expert

Available for high-value-added missions, in demanding contexts or cybersecurity transformation.

Industry field of expertise

Languages

French
Native or bilingual
English
Native or bilingual
German
Fluent

Workplace preferences

Can work on-site

Paris (up to 50km)

AGIRC ARRCO
Senior Consultant / IT Security Governance Expert
BANKING AND INSURANCE
December 2023 - January 2026 (2 years and 1 month)
Paris, France
GRC Management – Compliance – IT Risks – Cross-functional Projects

• Leadership of regulatory compliance projects (DORA, NIS2, ISO 27001).
• Facilitation of the GRC process: risk identification, assessment, action plans, reporting.
• Drafting security requirements and aligning practices with group standards.
• Preparation and support for internal/external audits.
• Security support for business and IT projects (Security by Design).
• Operational monitoring of remediation plans and contribution to risk committees.
• Collaboration with business units, IT, telecom operators, and service providers.
Governance, Risk & Compliance (GRC) grc security-awareness-training it-strategy Security Audit
LOOMIS France,
Senior Consultant / CISO France & Belgium
BANKING AND INSURANCE
January 2023 - December 2023 (11 months)
93300 Aubervilliers, France
Information Security Governance – Compliance – Risk Management

• Leadership of DSP2, PCI-DSS, and ISO 27001 compliance.
• Implementation of risk & compliance indicators.
• Supporting teams in adopting security requirements.
• Coordination with business units and IT service providers.
• Strengthening cloud security posture (Azure AD, M365).
Security Audit security-awareness-training it-strategy Identity and Access Management (IAM) RSSI de transition
Ministère de la Transition Écologique
Information Security Consultant / Project Manager
PUBLIC SECTOR
January 2020 - December 2022 (2 years and 11 months)
Puteaux, France
Risk Management – Approval – Compliance

• Leadership of RGS/RGAA approvals.
• EBIOS RM risk analysis and action plan definition.
• Audit preparation and project team support.
• Raising team awareness of security challenges.
• Contribution to information security governance and project requirements.
RGAA Compliance it-project-management Security Audit Governance, Risk & Compliance (GRC)