Freelancer profile translated to English.
Back to original languageAbout Jean-Pierre
GRC cybersecurity consultant and ISO 27001 certified, I am involved in high-value-added missions combining strategy, governance, risk analysis, and data protection.
Driven by a constant desire for learning, I master the main normative and regulatory frameworks and support organizations in complex and large account environments (banking, industry, public sector) in solving cyber issues, decision-making, and security project management.
My strength: transforming compliance, continuity, and security challenges into pragmatic, clear, and actionable solutions, aligned with business and IT realities.
French
Native or bilingual
English
Native or bilingual
Can work on-site
Paris (up to 50km)
Experience
- SPENDESKCYBERSECURITY & RISK OFFICERBANKING AND INSURANCEJanuary 2025 - September 2025 (7 months)Paris, FranceSpendesk – Cybersecurity Risk Framework & Regulatory Compliance
- Design of a comprehensive Cyber Risk Framework: risk identification, construction of risk scales and matrices
- Implementation of a risk map aligned with regulatory compliance objectives (DORA, ISO 27001, PSD2)
- Identification of feared events for Spendesk and associated impacts
- EBIOS RM risk analysis and proposal of action/remediation plans
- Identification and monitoring of fraud scenarios
- Mapping of IT processes and services supporting critical and significant feared events
Improved regulatory compliance with a 60% reduction in non-conformities.Key skills: risk management, EBIOS RM methodology, DORA/ISO compliance, GRC management, communication with business units. - BPCECybersecurity Consultant – Third-Party Risk & GovernanceBANKING AND INSURANCEJanuary 2023 - January 2024 (11 months)Charenton-le-Pont, FranceIntervention in LOD2 within a banking group, dedicated to assessing the cybersecurity maturity of third parties (service providers, suppliers, critical partners).
- Design of a unified security questionnaire, aligned withISO 27001, NIST, SecNumCloud, PCI DSSstandards.
- Conducting third-party cyber maturity assessments (questionnaires, documentary reviews, scoring)
- Mapping Group IS Policy, internal controls, and international standards.
- Analysis of service provider security and governance arrangements (policies, controls, incident management, **DRP/BCP**)
- Challenge and supervision LOD1, review of control quality and assessment results
- Identification of gaps and creation of new level 2 controls to strengthen security coverage.
- TOTAL ENERGIECybersecurity Consultant – Risk Management & ComplianceENERGY AND UTILITIESJanuary 2022 - January 2023 (1 year and 1 month)Colombes, FranceSupport for TOTAL Energies, OSE, in bringing its information systems into compliance with the NIS directive.
- Audit and risk analysis: detailed assessment of risks associated with the essential service operator's information systems.
- Mapping analysis: Mapping of IS (IT assets, applications, networks and interconnections, etc.)
- Gap analysis: identification of gaps between current security practices and the NIS directive's compliance standards.
- Identification and implementation of remediation plans
- Coordination of stakeholders (business, IT, security) and progress reporting
- Increase in NIS compliance rate from 50% to 97%.
Recommendations
Be the first to recommend Jean-Pierre
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- M2 MANAGEMENT AND IT CONSULTINGESGIM2 MANAGEMENT ET CONSEIL EN SI
- DEGREE IN MATHEMATICS AND COMPUTER SCIENCEUNIVERSITY PARIS 10 NANTERRELICENCE MATHEMATIQUE ET INFORMATIQUE
Certifications
- ISO 27001PECB2024