Freelancer profile translated to English.

Description

Security architect with 16 years of experience in large accounts, I intervene on complex environment transformation and security projects — from strategic scoping to technical implementation.

My added value: I translate business challenges and regulatory requirements into concrete and operational security architectures, ensuring consistency between architectural decisions, standards (NIST, OWASP, AWS Security Pillar), and field teams.

Areas of intervention(Pillars and transversal expertise):

Security Audit & Architecture

– Analysis of existing systems and risk identification

– Scoping of security transformation roadmaps

– Security design/reviews, writing of security documents or guides

– Technical and coordination leadership

Network & Zero Trust Security

– Zero Trust architecture studies and definition

– Micro-segmentation strategies and contextual access controls

Cloud Security (focus AWS)

– Review and security of IaaS/PaaS architectures

– IAM, encryption, compliance recommendations

– Definition of cloud security best practices

IAM & Identity Governance

– IAM governance scoping

– Integration of IAM into Zero Trust models

– AD security,

Application Security & Lifecycle

– Application and API architecture reviews

– Integration of security requirements into the SDLC

– Support for project and development teams

**Certifications**: AWS Certified (Solutions Architect and Security);

**Experience**: Large account experience (ENGIE, SNCF, Caisse des Dépôts, BNPP, Ministry of the Interior, etc.).

Industry field of expertise

Languages

French
Native or bilingual

Workplace preferences

Can work on-site

Paris (up to 50km)

OnePoint
Cybersecurity Consultant
ENERGY AND UTILITIES
September 2022 - February 2025 (2 years and 5 months)
Paris, France
Engie SA | IAM Project Lead - 2022-2024
Context
Global transformation of the identity strategy at Group level.
The challenge: move away from the "legacy" model to adopt a Zero Trust posture and support the Cloud-First transition.
Mission:
Strategic scoping and operational orchestration of the IAM roadmap. Guarantor of alignment between identity solutions and Group security policies.
Achievements
Design: Scoping and definition of the IAM & Zero Trust roadmap. Contribution to the Target Architecture Design for identity centralization and Leadership of the Active Directory rationalization project (Hardening/decommissioning).
Program Management: Multi-project coordination (AD Hardening, Zero Trust initiatives, Cloud Identity, etc.). Support for budget management and prioritization at Group level.
Governance: Facilitation of decision-making bodies (Steering Committees, Technical Weekly meetings) and alignment of subsidiaries on common security standards.
Strategic Reporting(C-Level): Design and monitoring of dashboards (KPIs) measuring actual security effectiveness: e.g., MFA adoption rate, level of decommissioning of obsolete protocols, and Security of legacy ADs.

Fondation De France | Security Consultant /2022 (Diagnostic Mission)
Context:
Support for the Management in the development of the cybersecurity component of the IT Master Plan (SDSI). The objective: integrate Zero Trust architecture principles in a context of IT system modernization (cloud migration).
Mission:
Conduct of a rapid maturity audit and definition of a target roadmap aligned with international standards.
Achievement:
Evaluation of the security posture using the NIST SP 800-207 framework. Mapping of technological components, etc. Identification and prioritization of evolution initiatives. Writing of strategic recommendations.
AD Security Move to Cloud Zero Trust IAM Cybersecurity
Atos Digital Security
Senior Security Consultant
January 2020 - February 2022 (2 years and 1 month)
Caisse des Dépots | Security Expert - 2020-2022
Context:
Securing the Group's digital services. The challenge was to protect critical assets and support application projects (Web & API) throughout their lifecycle.
Mission:
Lead perimeter and application security controls. Ensure the integrity of environments and the compliance of flows from development to production.
Achievement:
Application Lifecycle Security(Dev/Preprod/Prod): Design and implementation of segmentation patterns to isolate development, testing, and production environments. Validation of access compliance at each project milestone.
Publishing Architecture(Edge Security): Configuration of protection policies against application threats and optimization of the API publishing chain (reverse proxies, WAF, load balancing, firewalling).
Compliance Control: Technical audit of flow opening requests against the security policy (PSSI). Risk analysis on interconnections and recommendations for hardening security platforms.
Trust Management(PKI): Leadership of the SSL/TLS certificate lifecycle for communication security. L3 expert support for complex connectivity and security incidents.
Architecture Network Security
ATOS Digital Security
Senior Security Consultant
September 2019 - September 2020 (1 year)
Paris, France
SNCF RÉSEAU | Security Consultant – SecOps
Context
Strengthening the security posture within the Group's IT Security Department. The challenge was to manage the urbanization of flows and bring critical infrastructures into compliance with ISO 27001 and GDPR standards.
Mission
Ensure the compliance of existing systems and support new projects in applying internal security standards. Ensure the remediation of network and application vulnerabilities.
Achievement:
Audit & Compliance(SecOps): Conducted technical security reviews on network and application perimeters (WAF, certificates, segmentation). Defined recommendations and led corrective actions to align configurations with the PSSI.
Incident Management & Remediation: Investigated security incidents in collaboration with business teams. Analyzed technical causes, assessed the legitimacy of flows, and prepared remediation plans (RFC).
Coordination & Governance: Interface between the IT Security department, application managers, and technical teams. Guarantor of change traceability and active contributor to global technical audits.
Legacy Hardening: Identification and reduction of the attack surface through the cleanup of permissive flows and mapping of unreferenced assets (Shadow IT).

Check out Kevin's experience

Be the first to recommend Kevin

Help this freelancer shine by sharing your experience working together.

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

Baptiste Duhen

Fullstack developer

4.6

(4)

Amed Hamou

Senior Lead Developer

(2)

Audrey Champion

Web developer

4.3

(3)

Signup to reveal

Master of Science
Université Pierre et Marie Curie (Paris VI)
2014
Master 2 sciences et technologies mention Informatique, spécialité réseaux

AWS Certified Security - Specialty
Amazon Web Services Training and Certification
2025
https://www.credly.com/badges/ea0b11f9-301a-4dc4-a908-865391f46284/public_url
Security Architecture Cloud Security Amazon Web Services IAM Security Control Security Management AWS
AWS Certified Solutions Architect – Associate
Amazon Web Services Training and Certification
2025
https://www.credly.com/badges/70bc60f7-ee67-441f-877a-1211a209f16a/public_url
Amazon Web Services Cloud Services Cloud Architecture AWS Cloud AWS Cloud Infrastructure

Kevin's certifications are only visible to Malt Community members

Cybersecurity Expert

Kevin J.

Security Consultant | Security Architect

About Kevin

Experience

Engie SA | IAM Project Lead - 2022-2024

Fondation De France | Security Consultant /2022 (Diagnostic Mission)

Caisse des Dépots | Security Expert - 2020-2022

SNCF RÉSEAU | Security Consultant – SecOps

Recommendations

These freelancer profiles also match your criteria

Education

Certifications

Skill set

Categories