You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Mathieu C.MC

Mathieu C.

Cybersecurity Program Director DORA Cyberark

€1,450/day
Paris, FR
15+ years

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Mathieu

Cybersecurity Program Director and Interim CISO — 20 years of experience, 100% full remote. Certified CISSP, PMP, and ISO 27001 Lead Auditor.
I lead critical cyber transformations for regulated organizations: DORA and NIS2 compliance, TLPT remediation, IAM/PAM (CyberArk — 450+ privileged accounts secured), Active Directory Tiering, Zero Trust. Managed budget: up to €20M, in international and multicultural environments.
My clients engage me for three types of mandates:
· Cybersecurity Program Director — governance, steering committees, executive reporting, budget management
· Interim CISO — CISO Office structuring, regulatory compliance, crisis management
· DORA/TLPT Remediation — leading task forces post-penetration testing for financial institutions
Track record: 2.5 years of continuous full remote delivery at AXA Partners (group cyber transformation), international portfolio of 12 projects / 8 countries at GEFCO, IT Infrastructure & Security Director (60 people) at FIDAL.
  • English

    Native or bilingual

  • French

    Native or bilingual

Remote only
Primarily works remotely

Experience

  • Institution financière majeure (confidentiel)
    Cybersecurity Program Director — TLPT Remediation Task Force
    TECH
    October 2025 - Today (10 months)
    Paris, France
    Leading a critical vulnerability remediation program following a threat-led penetration test (TLPT) as part of DORA regulatory requirements. Direct responsibility to the CISO and Board-level governance.
    · Structured remediation governance: prioritization, dashboards, reporting cadence aligned with supervisory expectations
    · Coordination of multidisciplinary teams (infrastructure, application security, IAM, network) within regulatory deadlines
    · Design of sustainable processes for long-term compliance beyond the TLPT cycle
    Tags: Cybersecurity, DORA, Program Management, Risk Management
  • AXA
    Cybersecurity and Networks Program Director
    March 2023 - October 2025 (2 years and 7 months)
    Leading a group cybersecurity program with significant regulatory stakes (DORA / NIS2).

    Responsibilities & achievements:
    • Directed a global cybersecurity program focused on Identity & Access Management (IAM / IGA) and network infrastructure security
    • Led a group network transformation program (Next Gen firewalls, SD-WAN, network cores)
    • Implemented ISMS governance and structured the CISO Office
    • Responsible for budgets, risks, and prioritization with executive reporting
    • Direct interface with CISO, CIO, business unit directors, and governance bodies
    • Direct contribution to NIS2 / DORA compliance programs
    • Led internal and external teams in a multi-country context
    • Designed and deployed the Active Directory Tiering Model (Tier 0 / Tier 1 / Tier 2) for privileged account security
    • Segregated administration perimeters and implemented PAWs (Privileged Access Workstations)
    • Hardened Active Directory post-audit (reduced attack surface, privilege escalation, segmentation)
    • Integrated these measures into a Zero Trust approach aligned with the group's cybersecurity strategy
    • Results: significant reduction in Active Directory risk (privileged accounts and lateral movement), achievement of target security posture defined with the CISO, and positive validation of security and regulatory audits.

    Results: significant reduction of the attack surface, measurable improvement of Active Directory posture, and positive validation of security and regulatory audits.
    Program Management Cybersecurity System Engineering IT Project Management
  • GEFCO
    Cybersecurity Program Director
    March 2020 - March 2023 (3 years)
    • Led cybersecurity programs, CISO governance, and regulatory compliance (NIS2, DORA).
    Directed a portfolio of cybersecurity and infrastructure projects for several international entities
    • Implemented project governance (Steering Committees, Project Committees, Technical Committees) and budget management mechanisms
    • Conducted cyber audits and identified security posture improvement needs
    • Managed tenders and selected vendors and integrators
    • Secured group interconnections (firewalls, MFA, onboarding new subsidiaries)
    • Contributed to aligning security / performance / business continuity

    🔹 Proposed missions:
    – NIS2 / DORA compliance assessment (short-term mission)
    – Cybersecurity governance framework definition
    – Cyber posture quick audit

Recommendations

Be the first to recommend Mathieu

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Education

  • ISO 27001
    ISO 27001
  • NIS2
    NIS2

Certifications

Skill set

Categories

  • Other