Marco Mwamba

Cybersecurity Consultant | GRC | EBIOS RM

€650/day
Paris, FR
3-7 years

Average response time: 1 hour

Freelancer profile translated to English.

About Marco

Passionate about cybersecurity, I am dedicated to protecting companies against ever-evolving digital threats. Thanks to my sharp skills and experience in various sectors, I support you in securing your infrastructures and protecting your sensitive data.

My approach is based on a personalized and tailor-made strategy, adapted to the size and specific needs of each company. My goal is to anticipate, prevent, and effectively respond to cyber threats that could harm your business.


Why Work Together?

My collaborative approach ensures that you will receive cybersecurity solutions perfectly aligned with your business objectives. Whether you are a small business looking to strengthen its security measures or a large organization needing a comprehensive cybersecurity strategy, I am ready to take on the challenge. I am committed to ensuring proactive protection of your systems, anticipating threats before they occur and reacting effectively when they arise.
  • French: Native or bilingual
  • English: Fluent

Can work on-site
Paris (up to 50km)

Experience

  • Hitachi Rail
    Cybersecurity Consultant
    TRANSPORTATION
    August 2023 - Today (2 years and 10 months)
    Paris, France
    Coordination of Offensive and Defensive Security Activities
    • Coordination of penetration tests: Preparation of the system inventory, test planning, and monitoring of the application of remediation measures to reduce identified risks.
    • Monitoring of vulnerabilities and remediation action plan: Implementation of processes to identify, prioritize, and correct critical vulnerabilities. Support for teams to ensure the implementation of corrective solutions.

    • Conducting cybersecurity activities: Management of workstation hardening actions (Windows 10) and proactive monitoring of emerging vulnerabilities, with the implementation of appropriate measures.

    Writing and Technical Documentation
    • Writing security documentation: Creation and updating of documents such as VDD (Version Delivery Description), security reports, cybersecurity policy, and operating system hardening guides, ensuring compliance with standards.
    Management of Subcontractors and Collaboration
    • Subcontractor management: Development of SOWs (Scope of Work), selection of service providers, and supervision of their services, ensuring compliance with security requirements, while respecting deadlines and objectives.

    Analysis of Security Requirements
    • Analysis of cybersecurity requirements: Clarification of security requirements for products and projects, in compliance with IEC 62443 standards and other norms.

    • Maintenance of security equipment: Management and updating of Fortigate firewalls to secure the network infrastructure.

    Tools, Methodologies, and Standards
    • Tools: Word & Excel, Jira
    • Methodologies: EBIOS 2010, IEC 62443, and CIS benchmarks.
    Windows PowerShell, Project Management, Agile Method, Writing, Deputy CISO, Risk Analysis, GDPR Compliance
  • KPMG SA
    Cyber Threat Analyst
    CONSULTING AND AUDITS
    September 2022 - July 2023 (11 months)
    Paris, France
    Head of Vulnerability Management

    • Coordination of weekly meetings: Organization and facilitation of weekly updates on vulnerability status, ensuring follow-up of ongoing actions.
    • Support for teams in implementing corrective measures: Advice and support for the effective application of remediation solutions to reduce risks.
    • Development of the remediation plan: Definition of priorities, steps, and resources needed to address identified vulnerabilities.
    • Reporting and monitoring of Key Performance Indicators (KPIs): Establishment of regular reports, performance monitoring, and trend analysis to optimize vulnerability management.


    Integration of Cybersecurity in Projects

    • Support for projects in compliance with cybersecurity standards: Assistance throughout the V-model development cycle, ensuring that security requirements are met at each phase.
    • Project risk analysis: Assessment of cybersecurity-related risks for each project, identification of potential vulnerabilities, and proposal of appropriate preventive measures.

    Tools and Technologies

    • Microsoft Defender: Proactive vulnerability management on workstations, ensuring user protection and system security.
    • Qualys: Use of the platform for vulnerability analysis and patch management across the entire infrastructure.
    • Excel: Creation of dashboards and KPI tracking for vulnerability management, facilitating decision-making.


  • Alstom
    Cybersecurity Engineer
    CONSULTING AND AUDITS
    December 2021 - July 2022 (7 months)
    Paris, France
    Cybersecurity Project Management

    • Steering of compromise detection projects: Leading projects aimed at identifying potential intrusions and security incidents in information systems.

    • Support for PCyM in the railway sector: Integration of cybersecurity into railway projects, in collaboration with technical and operational teams to ensure compliance with security requirements.
    • Monitoring of remediation measure implementation: Supervision of the implementation of corrective solutions, ensuring follow-up of actions until their complete resolution.

    Risk Management and Compliance

    • Risk mapping: Establishment and updating of risk mapping to provide a clear view of potential threats to projects and products.
    • Product and project risk analysis: Conducting in-depth risk assessments, both at the product and project levels, to identify vulnerabilities and propose appropriate corrective actions.
    • Clause-by-Clause Verification: Detailed review of security requirement compliance for rolling stock equipment and materials, ensuring their alignment with cybersecurity standards.

    Security Assurance and Reporting

    • Security assurance plan: Development and implementation of security assurance plans, aimed at securing projects throughout their lifecycle.
    • Reporting and KPI monitoring: Production of regular reports on the status of risks, vulnerabilities, and the effectiveness of corrective measures, with a focus on continuous improvement of security processes.
    Tools and Methodologies

    • Excel and Word
    • EBIOS 2010 Methodology
    • IEC 62443 Framework

Recommendations

Anthony Ledez and 1 other person have recommended Marco

Education

  • National Engineering Diploma in Telecommunications
    ESPRIT
    2019
  • Applied Bachelor's Degree in Computer Networks
    UPES
    2015

Certifications

  • Splunk Search Expert
    Splunk
    2021
  • Information Systems Auditing, Controls and Assurance
    The Hong Kong University of Science and Technology
    2021
