Jérôme H.

RSSI Senior | Audit & Governance Cyber | vRSSI

€600/day
Valbonne, FR
8-15 years

Average response time: 1 hour

Freelancer profile translated to English.

About Jérôme

Senior Information Security Officer with 17+ years of experience in cybersecurity and IT governance.
Supporting VSEs, SMEs, and large enterprises on critical and strategic issues: cybersecurity audits, risk management, governance, compliance, and part-time CISO services.

Former qualified PASSI auditor, conducted IT system approvals for OIV (Operators of Vital Importance). Certified ISO 27001 Lead Implementer and CISM.

Engagements follow a structured and pragmatic approach: identification of priority risks, an operational action plan, and management aligned with business objectives.

My goal: reduce your risk exposure and strengthen your resilience to secure your growth.
  • French: Native or bilingual
  • English: Fluent

Can work on-site
Valbonne (up to 50km), Nice (up to 50km), Grasse (up to 50km)

Experience

  • JH-consulting
    Independent Consultant
    February 2024 - Today (2 years and 4 months)
    Valbonne, France
    - Systems and Network Engineer
    • Microsoft PKI migration and hardening
    • Active Directory hardening for 3000 users
    • VMware hardening
    • Audit, configuration recovery, and hardening of Stormshield Firewalls
    • Maintenance in operational condition (MCO) activities on the Active Directory environment
    - IT Project Manager
    ISO 27001 Cybersecurity Incident Management IT Project Management Active Directory Cyber Crisis Management
  • Monaco Cybersécurité
    Cybersecurity Consultant
    August 2022 - February 2024 (1 year and 6 months)
    - Part-time Information Security Officer:
    • Private Banking:
        • Member of the team of 5 CISOs
        • Security plan monitoring
        • Risk analysis in projects (NIST)
        • Evaluation of provider cyber maturity
        • KRI monitoring
        • Definition of security policies & procedures
    • International Groups:
        • Definition, implementation, and monitoring of cyber strategies based on client requirements (NIST Framework, ISO, ANSSI, etc.)
        • Internal Information Security Management System (ISMS) oversight
        • Definition of security policies and gap analysis
        • Preparation and management of cybersecurity committees (Strategic, Operational)
        • Compliance with standards/regulations: ISO 27001 / Health Data Hosting / TISAX
        • Risk analysis: ISO 27005 standard, EBIOS RM methodology, NIST RMF
        • Provider due diligence
        • Response to RFIs (Requests For Information)
    - Information System Approvals:
    • Support for state organizations and OIV in the approval of their IS (ANSSI 9-step process)
    - Crisis Management:
    • Definition and implementation of cyber crisis management plans
    • Definition and implementation of reflex sheets
    • Definition and implementation of crisis exercises
    • Client support during crises
    - Other missions:
    • Qualified PASSI auditor, organizational and physical audit scope
    • Definition and implementation of IS Security Policy (PSSI) & gap analysis
    • Definition of Business Continuity Plan (BCP) / Disaster Recovery Plan (DRP)
  • Robertet
    Director of Digital Transformation/CISO
    September 2020 - July 2022 (1 year and 10 months)
    - Definition and application of a group information system security strategy:
    • Definition, implementation, and monitoring of the group's cyber strategy
    • Awareness of cyber risks for Management, internal developers, and users
    • Implementation of international & operational cybersecurity committees
    • Implementation of ISO 27001 standard / ANSSI hygiene guide
    • Audit of information system maturity in subsidiaries
    • Implementation of phishing campaigns
    • Implementation of log management and supervision
    • Organization and monitoring of technical teams responsible for infrastructure security
    - Swift Compliance:
    • Study of the Customer Security Controls Framework 2021
    • Definition of the Compliance Improvement Plan
    • Definition and monitoring of measures
    - IT Project Management:
    • Merging of US and France Active Directory and MS365 Tenant environments
    • Migration from Lotus Notes to Office 365
    • Migration of Bitdefender antivirus to SentinelOne for the entire fleet
    • Active Directory hardening, audit, and remediation plan
    • Replacement of Cisco Wi-Fi with Aruba
    • Implementation of ClearPass
    • Management of Veeam backup deployment
    • Migration of ESXi and IBM i server infrastructure
    • Implementation of vulnerability scanning via Nessus + implementation of patch management
    • Deployment of Easy Redmine for group project management
    • Deployment of a Graylog Syslog server
    - Systems and Network Engineering:
    • FortiGate management (IPS/IDS, application control, SSL and IPsec VPN, rule management, ...)
    • FortiManager, FortiAnalyzer management
    • SentinelOne EDR management
    • Active Directory management
    • VMware vSphere management and hardening

Education

  • Management Information Systems BTS, Option: Enterprise Local Network Administrator
    Polytech
    2006