Freelancer profile translated to English.

Description

18 years of experience in the field of perimeter security as an architect, consultant, implementer, and L3 support for load balancing, proxy, firewall, and administration bastion products with numerous companies (Pôle Emploi, Total, St Gobain, Air France...) and integrators. I have also acquired skills in project management and IT procedure management during my career.

I am trained in the ISO 27001 standard (ISMS) and the EBIOS RM method (compliant with ISO 27005) and have good knowledge of the ISO 270xx standards.

I am certified ITIL v3 foundation, PRINCE 2 foundation, and have numerous certifications on perimeter security products (F5, Websense, Symantec Bluecoat, CheckPoint, Juniper, Cisco, Infoblox, ...).

Industry field of expertise

Languages

English
Conversational
French
Native or bilingual

Workplace preferences

Can work on-site

Gif-sur-Yvette (up to 50km)

Crédit Agricole-GIP
Security Network Design/Build Consultant
BANKING AND INSURANCE
January 2023 - Today (3 years and 5 months)
Guyancourt, France
• Support of the Product Owner for network security design/build activities
• Study and definition of processes for improving firewall rule review
• Study of internal risk analysis methodology and proposals for improvement.
• Definition of security risks for the annual risk map within the infrastructure scope
• Participation in security project proposals for the annual project plan
• Participation in proxy POC
• Study of the need and benefits of integrating NDR (Network Detection and Response)
• Project for addressing WAF obsolescence, migrations to new WAF engines (4,800 URLs)
• Hardening guide (proposal of definition models, creation of guides),
Risk Analysis Information Security Cybersecurity Cybersecurity Strategy WAF SD-WAN NDR PCI DSS Proxy IT Architecture Risk Mapping
Le Galec Groupement d'achats E.Leclerc
Deputy CISO Consultant
AGRICULTURE
November 2022 - January 2023 (2 months)
Ivry-sur-Seine, France
• Assistance to the CISO of the E.LECLERC Movement
• Formalization of requirements and steering of security/GDPR action plans for central entities, regional entities, and stores.
• Preparation of materials and facilitation for the movement's security correspondents.
• Definition of technical and organizational security requirements.
• Studies and proposals for technical solutions adapted to the movement's context (password vault, passwordless, DR/BCP construction).
• Formalization of security principles in contracts with third-party providers.
• Steering of existing action plans on cybersecurity/GDPR topics.
• Contribution to the construction of a 2023 security action plan for the movement's entities to reduce cyber risks.
CISO Support Information Security Cybersecurity Security Policy
SOCOTEC
Security Project Manager Consultant
REAL ESTATE
January 2021 - November 2022 (1 year and 10 months)
Guyancourt, France
Implementation of an IT security plan

• Technological watch and foresight
• Identification and assessment of security needs
• Awareness and advice in considering cybersecurity among stakeholders (project managers, functional analysts, etc.)
• Recommendation of technical means
• Identification and risk treatment
• Weekly vulnerability audit and management
• Development and writing of security standards and definition of security requirements for CCTPs (Cybersecurity Policy / hardening guides / security questionnaires /...)
• Writing procedures for L1/L2/L3:
o security incident handling (procedures, playbooks, workflows)

• Implementation of controls and reinforcement of security policies (CIS Linux, CIS Windows, CIS CSAT Self assessment)
• Implementation of processes with monitoring and control (patching)

• Configuration audit on various equipment and proposals for corrections and improvements: (Architecture / Secure Email Gateway / firewall / ...)

• Implementation:
o of EDR SentinelOne (6,000 endpoints)
o of Proofpoint TRAP
o of a Proofpoint PSAT POC (Phishing campaign and Training)
o of an open-source phishing campaign simulator (GoPhish)
o of an SMTPS relay with server hardening
o of Linux server hardening rules
o of Windows server hardening rules
o of a Wallix administration bastion POC
o of a Cisco ISE POC
o of a new PKI with application of server certificates, software signing
o of Postman for API usage
o of PHPIPAM (IPAM)
o of firewall configuration templates and profiles (IPS, Application Control, DDOS, DNS, web filter, SSL interception)
o of reverse proxy
o of a log sink (ELK)
o of securing communications (LDAPS, HTTPS, SFTP)
• Writing:
o Technical data sheets on Proofpoint IMD, TRAP, TAP, PhishAlarm
o L3 architecture diagram
o Monthly IT Dashboard presentations (KPI / Interpretations / Analysis / Recommendations)

• Security Audit
o Configuration / Analysis / Exploitation / Reporting of vulnerability scanners like Tenable.sc
o Execution of scanners (Nmap, Netsparker) and interpretation of results
o Review of external audits with partners and functional analysts for interpretation, action definition, and prioritization of corrections.

• Assistance with security incident analysis
o Phishing
o DDOS
o Malware
o review of security alerts
Security Audit ISMS IT Architecture Awareness Information Security Security Policy