You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
New report
Malt Tech Trends 2026
Larbi AdrarLA

Larbi Adrar

GRC Cybersecurity Consultant

€650/day
Paris, FR
8-15 years
Cybersecurity
Governance
GRC
Cybersecurity Governance
Risk Management

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Larbi

💻 Cybersecurity specialist with 15 years of experience, I support companies in securing information systems and managing IT risks. From strategic governance to technical implementation, I work on complex projects, leveraging in-depth technical expertise and 18 cybersecurity certifications.

🌟 Key Skills:

🔒 Governance & Compliance
  • Development of security strategies and KPI monitoring.
  • Risk management (EBIOS RM, ISO 27005, ISO 27001).
  • Planning and supervision of internal and external audits.

🛠️ Operational Security
  • Proactive vulnerability monitoring (CVSS score, critical activities).
  • Cyber crisis management: BCP/DRP and incident response.
  • Coordination with CISOs and continuous process optimization.

⚙️ Technical Expertise
  • Management of complex environments: including Firewalls, Cloud (AWS, Azure...), networks (Cisco, Fortinet, F5...) and various systems (Linux, Windows).
  • Development of tools and automation to improve operational efficiency.

🤝 Leadership & Team Management
  • Supervision of multidisciplinary teams: technicians, experts, project managers.
  • Collaboration with stakeholders to align security and business objectives.

💡 Certifications: 20+ recognized cybersecurity and IT credentials.
📍 Availability: ASAP
📬 Contact me to discuss projects where expertise and pragmatism make a difference.
Banking and Financial Services
Insurance
Consulting and Audits
Energy and Electricity
Digital and IT Services

  • French

    Native or bilingual

  • English

    Fluent

Can work on-site
Paris (up to 50km)

Experience

  • ORANGE
    CISO - Chief Information Security Officer
    DIGITAL AND IT
    January 2025 - Today (1 year and 5 months)
    Paris, France
    - Context:
    • As part of an ISS (Information Security) team of 8 CISOs organized by scope and Business Unit, I manage cybersecurity for two BUs in the Infrastructure scope (Cloud and Data Center) and provide backup for Network and Firewall domains.

    - Achievements:
    • Definition and management of the cybersecurity strategy and the multi-year security plan (3-year roadmap).
    • Definition of security objectives and needs aligned with the SI and business strategy.
    • Implementation and animation of security governance (security committee, BU steering committee, reporting, risk monitoring and action plans).
    • Risk analysis (EBIOS Risk Manager, ISO 27005), including integration of security in projects (ISP).
    • Development, updating, and dissemination of the ISS documentation framework (ISSP, policies, procedures, standards).
    • Integration of security in projects (Security by Design).
    • Management of exceptions and risk arbitration (e.g., traffic openings).
    • Verification of the application of security policies and standards by IT teams.
    • Management of periodic reviews of access and authorizations (rights control, separation of duties, audit compliance).
    • Management of non-conformities from technical audits (pentests, external audits).
    • Development and management of security dashboards (incidents, project security integration).
    • Monitoring and analysis of security incidents, root cause identification, and implementation of corrective measures.
    • Definition of security requirements and validation of technical solutions.
    • Monitoring of contractual security requirements with suppliers.
    • Deployment of a cybersecurity awareness strategy (approx. 1400 employees made aware).
    • Promotion of a security culture (knowledge and communication).
    • Benchmark, selection, and deployment of an awareness tool.
    • Facilitation of training sessions and internal campaigns.
    • Technological and regulatory watch.
    CISO ISSP Risk Analysis Cybersecurity EBIOS RM
  • ORANGE
    Security Governance Manager
    DIGITAL AND IT
    January 2022 - December 2024 (2 years and 11 months)
    Paris, France
    Context:
    • Responsible for security governance for key accounts (energy sector, notably EDF, RTE, ENEDIS, and GRDF).
    • Mission to oversee the security of a park of over 40,000 devices including Firewalls, Routers, SSL VPNs, and SD-WANs.

    Achievements:
    • Key contact for the client CISO for Security Governance, Risk, and Compliance aspects.
    • Development and validation of the Security Assurance Plan (SAP) in collaboration with the client CISO's teams.
    • Definition of security indicators and supervision of their monitoring in Security Committees, Steering Committees, and Executive Committees.
    • Creation of monthly Security Dashboards for each client, including specific KPI indicators.
    • Operational management of client-dedicated teams, including: 2 remediation and compliance plan project managers, 4 technicians, 3 technical experts, and 2 architects.
    • Establishment and execution of the crisis management plan, including steering cyber crisis management.
    • Proactive monitoring of vulnerabilities on the client park, based on CVSS score and activity criticality.
    • Monitoring of Information System Security (ISS) risks, with analysis of results.
    • Management and quarterly review of access and privileges.
    • Analysis and processing of exceptions and remediation plan campaigns.
    • Contribution to the improvement of the internal Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP).
    • Promotion and implementation of information security best practices with client teams.
    • Planning and supervision of internal audits in accordance with ISO 27001 standard.
    • Monitoring the implementation of recommendations from audits.
    • Coordination of cross-functional activities, regulatory and normative compliance in information security.
    ISO 27001 ISO 27005 EBIOS RM GDPR Fortinet
  • ORANGE CYBERDEFESE
    Experienced Cybersecurity Engineer and Cyber Development Manager
    CONSULTING AND AUDITS
    September 2016 - December 2021 (5 years and 3 months)
    Paris, France
    Context:
    • As part of its strategy to become a leader in cybersecurity in Europe, Orange created Orange Cyberdefense (end of 2015), bringing together all of the group's cyber activities and acquiring new companies (Obiane, Atheos, Lexis, SecureLink, SecureData…).
    • As a cybersecurity and cyber development manager, role of developing tools and processes to support RUN cyber engineers.

    Achievements:
    • Management of various cyber projects (estimation of workloads and progress status across multiple domains: security, networks, systems, databases, storage; planning, requirements, risk, and change management).
    • Development of applications, scripts, and system tools aimed at facilitating the work of RUN cyber engineers.
    • Verification of implemented technical security measures and risk analysis.
    • Determination of an operational method for consolidating configurations from various source technologies.
    • Support for project teams in security integration.
    • Coordination and management of vulnerabilities and security incidents.
    • Ensuring the implementation of security requirements and measures before client production deployment.
    • Participation in internal audits and those conducted by clients.
    • Management and realization of the implementation and deployment of Ticketing solutions (ServiceNow), SharePoint Online, Wiki, and Knowledge Base.
    • Design and delivery of security awareness programs, as well as targeted user training.
    • Client support for LPM (Military Programming Law) approval.
    ISO 27001 ISO 27002 ISO 27005 LPM ITIL V3 ServiceNow Office 365 VMWARE GDPR Compliance Citrix Fortinet Checkpoint F5 Palo Alto Bluecoat Ivanti Juniper Sales Force Aruba Cisco ASA Centreon AWS Cloud Kali Linux PowerBI
Check out Larbi's experience

Recommendations

Be the first to recommend Larbi

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • Professional Bachelor's Degree in Networks and Telecommunications
    IUT de Cachan
    2014
    Licence professionnel Réseau et Télécommunication
  • Master's Degree in Information Security
    ESGI
    2016

Certifications

  • ISO 27005 Lead Risk Manager
    PECB
    ISO 27005 Risk Management Risk Management
  • ISO 27001 Lead Auditor
    CERTI TRUST
    Risk Analysis Internal Audit Security Audit ISO 27701
Larbi's certifications are only visible to Malt Community members

Skill set

Vulnerability Management
ISO 27001
Infrastructure Project Manager
Cisco Technologies
ISO 27005
Risk and Vulnerability Assessment
Penetration Testing
Threat Intelligence
Data Privacy (GDPR, CCPA)
Cybersecurity Incident Management
IT Project Management
IT Service Management
CISO
SIEM
certificate
EBIOS RM
ISO27002
Security Audit
Data Protection
Security Policy
ISSP
Compliance
IT Risk Management
GDPR Compliance
ISO 27002
GDPR
Elasticsearch
Fortinet
Cisco Networking
ServiceNow
Ivanti
Palo Alto
SD-WAN
DRP/BCP
KPI
LPM
ITIL V3
Office 365
VMWARE
GDPR Compliance
Citrix
Checkpoint
F5
Bluecoat
Juniper
Sales Force
Aruba
Cisco ASA
Centreon
AWS Cloud
Kali Linux
PowerBI
McAfee
Symantec
Efficient IP
Wallix
Firewall
Windows Server
Microsoft Azure
Windows PowerShell
VMware ESXi
VMware vSphere
Cisco
HP
DHCP
Active Directory
BlackBerry
customer service
Microsoft Exchange
Incident Management
Help Desk Support
ADSL

Categories