Jean-Baptiste C.

GRC/ISO27001/DORA/NIS2 Expert Consultant

€900/day
Saint-Germain-en-Laye, FR
8-15 years

Average response time: 1 hour


About Jean-Baptiste

Since 2011, I have been assisting organizations of all sectors with the following topics:
- Implementation of the ISMS for ISO 27001 certification:
  - ISO 27001:2013 and ISO 27001:2022
- Compliance with current legislation:
  - DORA regulation on digital operational resilience in the financial sector
  - NIS1/NIS2 directives
  - PCI-DSS standard for payment methods
  - PSD2 directive
- Support for HDS certification for the healthcare sector
- Compliance with GDPR and personal data processing
- Risk management and analysis, using the EBIOS RM method and ISO 27005 standard
- Design of documentary corpus: PGSI, PSSI, PCA, PRA, Incident management policies, Access management policies...
  • French

    Native or bilingual

  • English

    Fluent

Can work on-site
Saint-Germain-en-Laye (up to 15km), Paris (up to 10km), Courbevoie (up to 10km)

Experience

  • Africa Global Logistics
    GRC Consultant ISO 27001
    TRANSPORTATION
    March 2024 - Today (2 years and 3 months)
    Puteaux, France
    CONSTRUCTION AND IMPLEMENTATION OF THE ISMS FOR ISO27001 CERTIFICATION

    - Implementation of cyber governance practice, roadmap definition: ISMS, Run, transversal projects
    - Facilitation of business, management, and operational committees, minutes
    - Definition and update of risk management strategy: remediation, transfer, acceptance, avoidance
    - Supplier risk management: Definition of strategy for service provider risks, definition of ICT service usage policy for critical or important functions, implementation and maintenance of an information register for all contracts with service providers, due diligence at the start of the relationship, drafting of supplier contracts including security clauses, implementation of continuous relationship monitoring
    - Implementation of activity monitoring indicators
    - Implementation of the security process in Change Management
    - Mentoring of work-study students
    - Support for Swift Audits
    - Support for the control environment: defined and updated policies, procedures, and processes
    - Design and maintenance of the ISMS for ISO 27001 certification support
    - Verification of the implementation of planned responses to risks and security requirements
    - Recommendation of modifications/improvements to the information system security policy based on the evolving threat landscape
    - Construction and maintenance of a knowledge base to facilitate audits, knowledge transfer, and sharing
    - Management of internal and external auditor expectations and requests, including the implementation of an audit program and compliance verification with standards and the assurance framework in collaboration with the internal audit team
  • Groupe LCL
    CYBERSECURITY PROJECT MANAGER COMPLIANCE NIS2 AND DORA
    BANKING AND INSURANCE
    July 2022 - February 2024 (1 year and 7 months)
    Paris, France
    SUPPORT FOR THE IMPLEMENTATION OF THE DORA REGULATION/NIS2 DIRECTIVE - IMPLEMENTATION OF THE ISMS FOR ISO 27001 CERTIFICATION

    - Implementation of the ISMS for ISO 27001 certification
    - Support for the implementation and compliance with the European DORA regulation: regulation and first regulatory technical standards
    - Support for the pre-implementation of the NIS2 directive, before its transposition into French law
    - Implementation of security incident reporting processes
    - Third-party risk management, particularly suppliers: Definition of strategy for service provider risks, definition of ICT service usage policy for critical or important functions, implementation and maintenance of an information register for all contracts with service providers, due diligence at the start of the relationship, drafting of contracts including security clauses, implementation of continuous relationship monitoring, drafting and updating of security assurance plans
    - Deepening of the cybersecurity watch policy and information sharing with the financial community and regulatory authorities
  • EXAIL GROUP
    CYBERSECURITY CONSULTANT COMPLIANCE ISO 27001
    AVIATION AND AEROSPACE
    February 2023 - February 2023 (1 month)
    Toulouse, France
    PRODUCTION OF VERSION 2 OF THE INFORMATION SYSTEM SECURITY POLICY

    - Update of the Information System Security Policy (ISO 27001:2022)
    - Implementation of recommendations in accordance with ISO 27002:2022


Recommendations

Former user and 3 other people have recommended Jean-Baptiste

Education

  • Master 2 in Strategy and Financial Expertise with a specialization in Financial Analysis
    Conservatoire National des Arts et Métiers
    2016
