Freelancer profile translated to English.
Back to original languageAbout Nanette
Welcome to my Malt profile!
Independent consultant in Governance, Risk & Compliance (GRC)
I assist VSEs, SMEs and liberal professions in structuring their cybersecurity approach and managing their compliance operations: ISO 27001, NIS2, GDPR.
Certifications: ISO 27001 Lead Implementer | ISO 27001 Lead Auditor | PMP® | PECB Certified Trainer
My ISMS & ISO 27001 missions
Internal audit and pre-certification ISO 27001:2022 (clauses 4–10, Annex A)
Writing of PSSI, security policy, and complete ISMS documentation
Risk analysis, threat mapping, and treatment plan
Cybersecurity roadmap management and corrective action tracking
Regulatory compliance
NIS2 support: gap analysis, compliance plan, documentation
GDPR compliance: processing register, impact assessment (PIA)
Preparation for certification audits and client/contractual audits
Project management & governance
End-to-end compliance project management (PMP® methodology)
Structuring of internal processes and security procedures
Executive reporting and decision-maker support
Training & knowledge transfer
Certified PECB trainer (ISO 27001 Lead Implementer / Lead Auditor)
Speaker (project management, cybersecurity)
Design of training materials and cybersecurity awareness sessions
My added value: 10 years of experience in internal audit, document coordination, and project management — including field experience in a certified aeronautical context — to support your compliance efforts.
PSSI, ISO 27001 internal audit, NIS2 support, team training? Contact me to define your needs.
French
Native or bilingual
English
Conversational
Remote only
Primarily works remotely
Experience
- Client ConfidentielISO 27001:2022 Auditor | GRC & Compliance ConsultantSOFTWARE PUBLISHINGJune 2025 - Today (1 year)
- ISO 27001:2022 Pre-certification audit: Validation and finalization of a complete internal audit in preparation for official certification.
- Regulatory compliance: Alignment of audited controls with clauses 4 to 10.2 and all Annex A controls.
- Audit reporting: Structuring and formalization of the audit report according to the chief auditor's requirements (scope, criteria, skills, identities of audited parties).
- Strategic support: Advice and recommendations to optimize preparation for the certification audit.
- ATELIER D’ARCHITECTURE M.R DA COSTACybersecurity Awareness OfficerARCHITECTURE AND URBAN PLANNINGNovember 2023 - May 2024 (6 months)Ivry-sur-Seine, France
- Monitoring of documentary compliance with occasional support for cybersecurity initiatives.
- Contribution to the update of internal procedures by integrating security concepts.
- Support for information management while respecting confidentiality requirements.
- Participation in the dissemination of best practices among teams.
- Congo HandlingOperational Support & ISMS Compliance ConsultantAVIATION AND AEROSPACEMarch 2020 - June 2022 (2 years and 3 months)Brazzaville, Congo - Brazzaville
- Management of support functions by integrating information security principles.
- Standardization of internal materials through a graphic charter compliant with the ISMS.
- Deployment of internal communication aligned with confidentiality requirements.
- Team supervision with continuous awareness of compliance and risks.
Reviews
Ana
Cyber-Flow
Reviewed on 9/1/2025
Nanette delivered quality work on time. I recommend her.
Recommendations
Be the first to recommend Nanette
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- Bachelor's Degree in Banking & FinanceIHEM2014
- Associate's Degree in Banking & FinanceIHEM2012
Certifications
- ISO/IEC 27001 Lead ImplementerPECB2025
- ISO/IEC 27001 Lead AuditorMastermind Assurance2025