About Kobra
Persian
Native or bilingual
English
Fluent
Experience
- La banque postale (LBP) ToulouseProject Manager MOE – IAM & Security Projects ManagementBANKING AND INSURANCEDecember 2025 - March 2026 (3 months)Toulouse, France• Managed cross-functional IAM, PAM, and Active Directory projects, integrating security, regulatory compliance, and Privacy by Design requirements from the scoping and design phases.• Supported MOA, IT, and Security teams in needs analysis, risk assessment, and Third-Party Risk Management (TPRM) with GDPR, DORA, and security governance policies.• Integrated governance, risk management, and internal control requirements into project processes and IAM systems.• Contributed to the industrialization of compliance processes and entitlement management in critical environments.• Participated in identifying regulatory impacts and defining remediation action plans in coordination with business, security, and compliance stakeholders.• Managed project risks, tracked indicators, and reported to governance and management teams.• Facilitated communication between Product, Infrastructure, Security, and Governance teams to ensure project alignment with regulatory and cyber requirements.Tools: MS 365, Jira, Confluence, Collibra, Power BI, EGERIE, OP3N, Harmonie, CYNAPS
- Créditimmobilier de France (CIF)Cybersecurity Project Manager (GRC)/ Risk AnalysisBANKING AND INSURANCEAugust 2022 - December 2025 (3 years and 4 months)Toulouse, FranceContext: Managed the DORA and GDPR compliance for Crédit Immobilier de France (CIF). Coordinated IT, Compliance, and Business teams to ensure robust risk governance, sensitive data protection, and operational resilience (DORA Pillar 1).MISSIONS:1. DORA / GDPR / EU AI Act Risk & Compliance Governance• Managed DORA and GDPR compliance: facilitated EBIOS-RM workshops, coordinated IT, Compliance, and Business teams, monitored KPIs and Power BI reporting.• DORA compliance assessment and audit: identified gaps, analyzed risks, and developed remediation plans.• Managed third-party requests: qualified, tracked, and coordinated with procurement, security, legal, and business teams.• Third-Party Risk Management (TPRM): mapped, assessed, audited, and monitored DORA/GDPR compliance.• Managed action plans and structured a sustainable compliance framework.2. Data Management & Security• Oversaw data governance: quality, architecture, and sensitive data protection.• Classified data for anonymization and data loss prevention (DLP) projects.• Deployed a DLP tool with reporting to management.• Defined roles and access controls (IAM) to enhance security.3. Strategic Project Management• Developed the roadmap for decommissioning obsolete applications.• Managed the MFA project with Thalès and Boston teams.• Monitored periodic and triennial controls of risk analyses performed by external firms.Tools: MS 365, Jira, Confluence, Colibra, Power BI, EBIOS RM, ANSSI Guide, NIS2, ERP and business applications.Deliverables: Compliance assessments (LoD1/LoD2, DORA Pillar 1), action plans, remediation roadmaps, Power BI reporting, and risk governance.
- TopTex / KaribanCybersecurity Project Manager, DATA, DLP, GDPR at TOPTEX FranceE-COMMERCEJanuary 2022 - August 2022 (7 months)Toulouse, France1. Team Support:• Ensured continuity of GDPR compliance projects by supporting new IT teams;• Acted as the primary contact for operational teams and provided support in applying compliance rules to new projects or existing services.2. Contract Compliance Management:• Validated and negotiated data protection clauses in supplier contracts and ensured compliance of relationships with subcontractors.• Collaborated with legal teams to ensure all IT contracts met GDPR standards.3. Data Protection Impact Assessment (DPIA) Supervision:• Conducted DPIAs in coordination with business and IT teams to identify risks related to personal data and propose practical solutions.• Documented results and presented them to data protection governance committees.4. Data Classification for ISO 27001 Certification• Prioritized and classified sensitive, personal, and financial data• Studied the possibility of anonymizing sensitive data• Studied Data Loss Prevention (DLP)• Studied and calculated application maturity using the OWASP method5. Training and Awareness:• Contributed to training new IT teams on data protection best practices and raising employee awareness of GDPR requirements.• Organized workshops and training sessions on GDPR in line with IT developments.6. Compliance Monitoring and POWER BI Reporting:• Coordinated and consolidated project progress reports with Power BI, ensuring compliance and governance continuity;• Prepared and led privacy steering and governance committees.
Recommendations
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- D.E.S.S Informatique,Université Toulouse 1 Capitole2000D.E.S.S Informatique,
- Chemical Engineer, Petrochemical Specialization,Université SANATI SHARIF1985Ingénieur Chimiste, Spécialité Pétrochimie,
Certifications
- Power BI/ PL 300Microsoft2025