You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
New report
Malt Tech Trends 2026
Mongi MahmoudiMM

Mongi Mahmoudi

Cyber Security Consultant, ISMS, GRC, Audit

€600/day
Paris, FR
15+ years
Cybersécurité
Analyse de risques
GRC
DORA
SMSI

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Mongi

Cybersecurity Consultant Engineer, GRC, Information Security Management Systems Auditor, ISO 27001 Lead Auditor, EBIOS Risk Manager, ISO 27005 Risk Manager, ISO 22301 Lead Implementer, DORA Lead Manager...

  • French

    Native or bilingual

  • English

    Fluent

Can work on-site
Paris (up to 50km)

Experience

  • Décisiel
    Cybersecurity Consultant
    January 2024 - December 2024 (1 year)
    Paris, France
    Support for the implementation of an ISMS ISO 27001:2022
    • Project management and monitoring with agile iterations;
    • Identification of deliverables and quality review of deliverables, milestones, and project phases;
    • Project risk management: Resources/Budget/Deadlines;
    • Gap analysis and SWOT analysis (Internal and External Issues);
    • Process mapping and data flow diagram (DCP, Sensitive data...);
    • Identification of legal and regulatory requirements (GDPR, NIS 1&2, PI, Digital Vault, ...);
    • Review and integration of security in contracts;
    • Identification of stakeholders and their information security requirements;
    • Inventory of assets and Microsoft Azure cloud infrastructure;
    • Development of the information security policy;
    • Identification of security objectives and associated indicators (KPIs);
    • Design of a risk analysis methodology based on ISO 27005:2022;
    • Risk analysis to integrate vulnerabilities and mitigations into the security architecture;
    • Risk treatment plan and DDA;
    • Support for integrating security principles into ISP projects;
    • Development of internal and external communication plans;
    • Performance monitoring plan: Design of performance indicators (KPIs)
    • Development of security procedures and policies and specific policies
    • Definition of security perimeters and design of security controls and measures;
    • GDPR compliance;
    • Information security awareness;
    • Security in development projects (MFA Authentication, cryptography, key Vault, CI/CD integration security, SCA, SAST, DAST, ...)
    • Internal audit program, management review, and corrective actions;
    • Facilitating meetings with management and the project team;
  • WA IT ADVISORY
    Senior Cybersecurity Consultant
    CONSULTING AND AUDITS
    January 2020 - January 2024 (4 years)
    Tunis, Tunisia
    ISMS implementation according to ISO 27001:2013 & 2022, Internal Audit ISO 27001:2013 & 2022, ISO27005 risk analysis and development of client-specific risk analysis methodologies, BCP 22301, BCP Testing, COBIT/ITIL Governance, SDLC, Development and improvement of audit checklists according to ISO 27001, ISO 27007, and ISO 27008 requirements, Audit report and findings according to ISO 19011 and ISO 27006 standards, GAP Analysis for compliance with laws and DATA PRIVACY requirements (NIST, Local laws, GDPR...)...

Recommendations

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • Diplôme d'ingénieur, Informatique
    Faculté des Sciences Mathématiques, Physiques et Naturelles de Tunis
    2002
    Diplôme d'ingénieur, Informatique

Certifications

Mongi's certifications are only visible to Malt Community members

Skill set

ISO 27001
Audit de sécurité
RSSI
Plan de continuité d'activité
Audit SMSI
Conformité RGPD
Gouvernance Cybersécurité
Audit
PCA/PRA
EBIOS RM
ISO27005

Categories