Freelancer profile translated to English.

Description

Hello!

My name is Elhadji.

A cybersecurity consultant for over 7 years, I support my clients in managing the risks related to their information systems and their regulatory compliance.

My background is based on dual expertise: I first worked for six years as a lawyer in international and European law (UN, International Union of Lawyers, etc.) before extending my training to Risk Management at Kedge Business School.

This dual skill allows me today to offer a 360° service to my clients according to their needs, from risk analysis to contractual remediation of PSS.

🔎 Expertise

I mainly intervene in the following areas:

- Risk analysis (ISO 27005 and EBIOS RM),

- Integration of security in projects,

- Information security management system (ISMS, ISO27001 lead implementer),

- Governance

,- Drafting of security policies, security assurance plan, etc.

- Cybersecurity awareness training for teams,

- Regulatory compliance,

- Remediation of contractual security clauses,

- Monitoring and evaluation of PSS

✅ Experience

Banking sector (BNP, Société Générale) & industrial (Saint Gobain, Equans)

State services (Ministry of Ecological Transition, etc.),

Energy (EDF, Institute for Radioprotection and Nuclear Safety, etc.)

Do not hesitate to contact me, I will be happy to answer all your questions 😊

Languages

French
Native or bilingual
English
Fluent
Spanish
Conversational
German
Basic

Workplace preferences

Can work on-site

Paris (up to 50km)

Schneider Electric
Data Risk Manager
ENERGY AND UTILITIES
April 2024 - December 2024 (8 months)
Rueil-Malmaison, France
Responsible for risks within the Artificial Intelligence Hub, my mission involves establishing the entire data security governance for projects integrating AI components or focused on AI within the dedicated hub. In addition to governance, I am entrusted with analyzing data risks for all use cases, considering the evolution of European regulations on the subject.
Interlocutors: Product Owners/ Business Data Officers
References: NIST / AI Act / Local Regulations
Drafting policies (Data Requirements, Data Retention Policy...)
Evaluation of third-party data risks
Retroactive review of use cases
Risk analysis on outsourcing projects
Monitoring of Data Sharing Agreements
Risk Analysis IS Governance Risk Management ISO 27001 Artificial Intelligence (AI)
Equans
Cybersecurity Consultant
ENERGY AND UTILITIES
November 2022 - August 2023 (10 months)
92400 Courbevoie, France
Assigned to the cybersecurity and compliance department under the CIO, my mission involved establishing the group's entire information security governance. This also included replacing the local UK CISO and remediating PSS for all non-compliant PSS according to group requirements after risk analysis.

Interlocutors: Local CISOs / PSS / Business Units

References: NIST / ISO 27001 / ISO 27005 / EBIOS

● Drafting policies (PSSI, IT Ethics Charter, PAM policy.....)
● Monitoring Cyber compliance of external service providers
● Review of Security Assurance Plans
● Cyber risk analysis on outsourcing projects
● Monitoring the Cloud migration of a purchasing tool (SAP RISE)
● Cyber representative for the selection of a new purchasing tool (risk analysis, challenges during presentations)
ISO 27005 ISO 27001 IT Charter PSSI Cloud AWS
BNP PARIBAS
IT Risk Cyber Engineer
BANKING AND INSURANCE
August 2021 - October 2022 (1 year and 2 months)
Bd Périphérique, Paris, France
Within the BCEF IT Support team, the need for this mission was primarily to monitor IT projects from their launch and provide support in managing exceptions to assist business units in a mature environment.

Interlocutors: Project Managers / CISO / PSS / Business Units

References: ISO 27001 / DSP2 / ISO 27005

Tools: internal tools / Jira / ServiceNow / Iwav

● Security Integration in Projects
IT Security Management for Projects
● Risk Analysis for New Commercial Activities
● Monitoring the validation process for external service providers
● Monitoring security clauses and security annexes in contracts
● Validation of requests for opening network traffic
● Validation of requests for extracting production data
● Validation of requests for access to unauthorized sites
DSP2 ISO 27001 Security Integration in Projects ISO 27005 TPRM

Check out Elhadji Mbissane's experience

Wandrille

Chef de projet - Haute Autorité de Santé - IT

Several weeks project

Reviewed on 11/27/2025

Be the first to recommend Elhadji Mbissane

Help this freelancer shine by sharing your experience working together.

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

Baptiste Duhen

Fullstack developer

4.6

(4)

Amed Hamou

Senior Lead Developer

(2)

Audrey Champion

Web developer

4.3

(3)

Signup to reveal

Master of Advanced Study
KEDGE Business School
2018
advanced master's degree, Risk Management / IMR
Master, European Law
Université Paris - Val-de-Marne (Paris XII)
2011
Master, droit européen

Check out Elhadji Mbissane's education

ISO 27001 Lead Implementer
PECB
2023
EBIOS RM
PECB
2020

Elhadji Mbissane's certifications are only visible to Malt Community members

Cybersecurity Expert

Elhadji Mbissane Ngom

GRC Cybersecurity Consultant

About Elhadji Mbissane

Experience

Reviews

5.0

Quality

5.0

Deadline

5.0

Communication

5.0

Wandrille

Recommendations

These freelancer profiles also match your criteria

Education

Certifications

Skill set

Categories