You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Megane Zekeng BaniMZ

Megane Zekeng Bani

Cybersecurity Consultant | Cloud | GRC | ISP

€670/day
Paris, FR
3-7 years

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Megane

With 5 years of experience in cybersecurity consulting, I assist companies in securing their infrastructures and ensuring their IT environments comply with regulations. My background has allowed me to work on strategic and operational projects in various sectors such as luxury, insurance, energy, and transport, providing robust solutions tailored to business challenges.

Areas of expertise:

- ISP and Risk Management: Cybersecurity project management, risk analysis, strategy definition, cyber resilience steering, vulnerability management, third-party management, support for delivery teams, action plan coordination and executive reporting, secure integration of artificial intelligence tools and AI Agents.
- Audit & Compliance: Security audits, risk analysis, recommendations for regulatory alignment, Ebios RM, NIST SP 800-30, ISO 27001, ISO 27005, NIST SP 800-145.

- Cloud Architecture & Security: Design and deployment of secure architectures (Azure, AWS), DevSecOps, Akamai, APIM, Front Door, CDN, VPC, CaaS (Container as a Service), Defender for Cloud, Sentinel, Landing Zone, Generative AI, Entra ID, Purview, Intune, Key Vault, AKS, AWS IAM, GuardDuty, Macie, CloudTrail, Shield, AKMS.
- Zero Trust & IAM: Implementation of Zero Trust strategies, identity and access management, PingID solutions, SSO, MFA, FIDO2.
- Network Security & Firewalling: Expertise in Palo Alto, infrastructure hardening, network segmentation, WAF, DDoS, Anti-Bot Robot, Akamai, Prisma Cloud, Palo Alto Firewall, Fortinet, EDR, XDR, SIEM, SOAR.

Added value:
- Ability to handle large-scale projects as well as targeted missions.
- Results-oriented approach, combining technical expertise with an understanding of business challenges.
- Versatility and adaptability in complex and multi-sector environments.
  • French

    Native or bilingual

  • English

    Fluent

Can work on-site
Paris (up to 50km)

Experience

  • CHANEL SAS - GDS Chanel.com
    CYBERSECURITY CONSULTANT (ISP | GRC | CLOUD SECURITY | RESILIENCE)
    LUXURY GOODS
    September 2024 - Today (1 year and 11 months)
    Neuilly-sur-Seine, France
    Context: Responsible for the security of the Chanel.com platform, the mission involves supporting delivery teams (USA, Korea, UK, Japan, China, etc.) in integrating security from the design phase (Security by Design) for global e-commerce platform projects. The main objective is to deploy the security roadmap and industrialize cybersecurity practices around three strategic pillars: Risk Management - IT Resilience - Vulnerability Management.

    Responsibilities:
    - Security Roadmap Steering
    - ISP (Integration of Security in Projects) - Risk Management
    - Vulnerability Management
    - IT Resilience Management
    - Third-Party Management
    Audit & Compliance: ITGC, SOX, HIPAA, PCI-DSS, GDPR, NIST 800-53, IRS, Basel III Azure Cloud Cybersecurity Strategy Cybersecurity Governance Project Management
  • SAFRAN SAE
    CLOUD SECURITY CONSULTANT | SECURE ARCHITECTURE | DATA GOVERNANCE
    AVIATION AND AEROSPACE
    April 2024 - August 2024 (4 months)
    Paris, France
    Context: Design of a secure cloud architecture for granular access management to a data platform in a highly regulated environment (sensitive data and sovereignty constraints). The objective was to control data access based on user nationality, geographical location, and security profile, while respecting compliance and export control constraints.

    The mission involved proposing a technical component for fine-grained data authorization, with federated authentication already in place but without a contextual authorization mechanism.
    Responsibilities:
    •Gathering and analyzing project-related documents
    •Identifying and scoping the mission's perimeter
    •Collaborating with IAM, Data Platform, and Cloud teams to align federated authentication mechanisms with authorization mechanisms
    •Analyzing the existing authentication architecture based on identity federation
    •Exploring contextual authorization models combining identity attributes (nationality, profile), data metadata (tags), and geographical location constraints to meet sovereignty and export control requirements.
    •Identifying the limitations of traditional S3 policies for complex contextual rules.
    •Studying native AWS capabilities (IAM, S3 policies, Lake Formation, Datazone) for granular data access management.
    •Designing a target architecture based on AWS Lake Formation for centralized application of access policies on S3, Redshift, and EMR, with permission propagation to analytical services (SageMaker notebooks, Spark jobs, SQL engines).
    •Proposing hybrid solutions integrating on-premise data governance tools for tagging and classification of sensitive data, in line with the overall data governance strategy.
    AWS IAM Information System Architecture Cloud Architect Principle of Least Privilege Database Administration
  • GRDF
    CYBERSECURITY CONSULTANT - ISP | GRC | VULNERABILITY MANAGEMENT | CLOUD SECURITY
    ENERGY AND UTILITIES
    July 2023 - March 2024 (8 months)
    Paris, France
    Context: Engagement within GRDF's Application Security team to embed security into projects from the design phase (Security By Design). Facing the digitalization of the group's activities, several solutions/applications are deployed within GRDF's IT department. Cybersecurity is involved from the project's inception to ensure that deployed products/solutions comply with GRDF's security policy and cybersecurity best practices.

    Responsibilities:
    •Integration of Security in Projects (ISP)
    For any new project/solution/infrastructure to be deployed on the IS:
    - Analysis of needs and cybersecurity-related challenges
    - Audit and identification of vulnerabilities related to the project context
    - Risk analysis and assessment based on an internal methodology
    - Analysis and identification of security flaws in the application architecture (Design Review)
    - Definition of an action plan / Master plan for implementing security for each phase of the application development lifecycle.
    - Drafting the final opinion of the Cybersecurity team, including requirements to be implemented before production.
    •Analysis of Security Assurance Plans (PAS)
    •Management of network access requests / Flux validation committee
    •Management of requests for derogation from Cybersecurity best practices
    •Vulnerability Management
    •Technical referent for Cloud topics
    Risk Analysis Risk Mapping Risk Management Cybersecurity Web Application

Recommendations

Be the first to recommend Megane

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Education

  • Cybersecurity Engineer
    University of Technology of Troyes

Certifications

  • SC-100: Microsoft Cybersecurity Architect
    Microsoft
    2023
  • AZ-500: Microsoft Certified Azure Security Engineer Associate
    Microsoft
    2022

Skill set

Categories