About Lorenzo
Experienced cybersecurity project manager having conducted :
- Workstation hardening - 10k workstations (analysis, deployment, communication, reporting, alerting, underlying process, etc.)
- DRP program - 30 critical apps (adoption, tests, process, reporting)
- Cybersecurity awareness program - 10k users
- Entra Administration model - 1000 administrators (analysis, deployment, communication
- SIEM/SOAR Use cases review and deployment
Experienced IAM security architect on:
- Conducting and performing risk analysis (EBIOS RM, ISO27005)
- Defining, building and controlling IAM process
- Defining security policies, guidelines, position notes and relevant controls
- Conducting PAM projects (Wallix)
French
Native or bilingual
English
Fluent
Can work on-site
Paris (up to 50km)
Experience
- CONFIDENTIELDigital Workplace Cybersecurity officerCIVIL ENGINEERINGOctober 2022 - May 2024 (1 year and 8 months)IAM Program security (+180 000 people):| Governance and process:
- Deployment of departure process (security objectives definition, technical and functional
- Risk assessment, SOC related process creation)
- Deployment of onboarding process (security objectives, technical and functional risk assessment)
- Deployment of Entra ID related process (for administrators, for applications, reset MFA, enablement, etc)
- Assessment of the IDP strategy (from multiple IDP to a unique cloud IDP)
- Definition of IAM security roadmap
| Cloud identities (Entra ID):- Project management of Entra administration Model over 3000 administrators (Profiles creation,Just-in-Time activation, access review, communication)
- Risky-user project management (Strategy definition, xSOAR Palo alto need and process definition)
- SIEM/SOAR use cases review, process update and communication
- Review of conditional access for 8 personas (security objectives definition, design, exception management)
- M365 Service account governance definition (security objectives review, design, provisioning, and certification process)
- Application governance definition (hardening guides, credentials management, process)
- Design, development, and release of Entra ID control plan – 50 controls deployed over 6 categories.
- Risk analysis on identities related project (Cleanup process, Service Principal, and cloud accounts self-service)
| On-premises Identities:- Security of a passwordless project (FIDO2) for industrial web applications (Risk analysis Security Insurance plan assessment, service provider assessment, controls)
- Security of IAM solutions with ServiceNow (security objectives definition, technical and functional assessment)
- Partner identity governance definition (security policies, conditional access, certification, and compliance)
Messaging services security (+500 domain names):- SMTP mitigation planning of an Open SMTP relay, 6000 +applications, 30M of mails per month (Risk analysis, stakeholders’ adoption and sponsorship, planning)
- Proofpoint SaaS risk analysis and deployment follow-up
- SendGrid risk analysis, deployment follow-up, security controls
- SPF / DKIM / DMARC Risk analysis of current strategy, mitigation strategy definition, planning
- SIEM/SOAR Use cases definition, process creation and communication
- CONFIDENTIELCybersecurity Project managerCIVIL ENGINEERINGFebruary 2021 - October 2022 (1 year and 8 months)Paris, France
- Windows 10 hardening guide project management – 7000 Workstations (Steering
- Committee animation, communication, exception process creation)
- PAM Solution deployment (Wallix) project management (Steering committee animation, communication, breaking glass process creation)
- Intune deployment security follow-up (MAM policies strategy, RBAC Intune definition, etc,)
- Awareness program manager (Phishing strategy, end-user awareness strategy, global awareness campaign project management)
- Business continuity program manager (PRA/PCA objectives and strategy definition,
- stakeholders’ awareness, adoption and sponsorship, audit of 30 critical applications)
Recommendations
Be the first to recommend Lorenzo
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- Master en Sécurité des Réseaux et Systèmes, Computer and Information Systems Security/Information AssuranceInstitut Polytechnique de Paris (IPP - TelecomSud Paris)Master en Sécurité des Réseaux et Systèmes, Computer and Information Systems Security/Information Assurance
- Digital Technologies Architect student42Digital Technologies Architect student
Certifications
- ISO 27001 Lead ImplementorIT Governance2023
- ISO 22301 Lead implementorIT Governance2022