Freelancer profile translated to English.
Back to original languageAbout Nadège
Independent Information Security Officer (RSSI) expert, certified ISO 27001, ISO 27005, and HDS, with over 18 years of experience in cybersecurity, including 10 years as an RSSI in the healthcare sector.
I currently support mainly IT companies' RSSIs and CIOs (software vendors, hosting providers, etc.) and those in the healthcare sector (healthcare facilities, laboratories, etc.) on organizational, regulatory, and human aspects of cybersecurity.
My services:
- Support for ISO 27001 and HDS compliance and certification;
- ISO 27001 and HDS internal audits;
- Structuring and drafting SSI / ISMS documentation;
- RSSI support (NIS 2, governance, risk management, compliance, documentation, awareness, ...)
- Training (RSSI role, RSSI soft skills, ISO 27001, cybersecurity fundamentals, ...)
My approach is pragmatic, concise, and human-centered.
Do you have an ISO 27001, HDS, NIS 2, or internal audit project? Let's discuss it 😊
French
Native or bilingual
Can work on-site
Nantes (up to 50km)
Experience
- SARL NA2CYBRSSI Expert - CEO NA2CYBCONSULTING AND AUDITSNovember 2023 - Today (2 years and 7 months)Nantes, FranceLatest missions/services performed:• Performed an ISO 27001 internal audit for a software editor/integrator/hosting provider• Supported a CIO/RSSI towards their first ISO 27001 certification (achieved!)• Drafted an ISSP for a web hosting provider• Performed a risk analysis for a software editor• Drafted an ISSP, a DRP, and a Data Protection Policy for a sensitive software editor
- Assurance Maladie de Loire-Atlantique (CPAM)Information Security System Manager (RSSI)March 2013 - April 2023 (10 years and 1 month)Nantes, FranceAs Head of Information Security Systems (SSI), I was responsible for the local implementation of the Assurance Maladie's ISSP. My main missions were:- Managing the Assurance Maladie's local ISSP, including monitoring indicators and ensuring compliance;- Coordinating local stakeholders involved in implementing security measures (IT/Logistics/HR Manager, DPO, RPCA, technical experts, ...);- Advising and alerting management on SSI issues- Implementing security measures incumbent on the RSSI, particularly:
- Drafting SSI documentation,
- Raising employee awareness of SSI,
- Performing SSI risk analysis on projects in collaboration with the DPO (integrating security into projects, HDS requirements),
- Reviewing authorizations in accordance with national requirements (reviewing administrator access, access to sensitive applications, ...)
- Conducting internal audits
- Maintaining and monitoring SSI incident/personal data breach dashboards
- DGA - Direction générale de l'armementCryptographic Architecture EngineerSeptember 2007 - March 2013 (5 years and 6 months)Rennes, FranceWorking directly with government agencies and armament industry manufacturers, I worked on:
- Specifications for cryptographic equipment (drafting tender documents);
- Analysis of cryptographic equipment architectures (documentary reviews, participation in project meetings);
- Expertise in cryptographic key management within projects (advice/capitalization/monitoring);
- Monitoring the development of cryptographic equipment (monitoring industrial work: documentary analysis, project reviews).
Recommendations
Be the first to recommend Nadège
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- Master of Science in Information Systems SecurityUniversity of Rennes 12007Master Sécurité des Systèmes d'Informations
- Master of Science in Cryptology and Computer SecurityUniversity of Bordeaux 12006Master Cryptologie et Sécurité informatique
Certifications
- ISO 27001 LEAD ImplementerSkills4All - BestCertifs2024
- ISO 27001 Lead AuditorSkills4All - BestCertifs2024