You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Nasr-Eddine A.NA

Nasr-Eddine A.

IT Audit & Risk Management Consultant | Ex-EY/PwC

€720/day
Paris, FR
8-15 years

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Nasr-Eddine

With over 9 years of experience in audit, risk management, and internal control, I support Audit, Risk, Compliance, and IT departments in strengthening IT and cyber risk management within complex and highly regulated organizations.

Coming from international firms (EY, PwC) and with cross-sector experience, I work on issues related to information systems audit, governance, risk management, and regulatory compliance.

My approach consists of transforming audit findings and risk analyses into concrete actions, enabling sustainable improvement of internal control, security, and governance systems.

I also support organizations in securing their digital transformation projects, by integrating risk and compliance issues from the early stages.

Areas of Intervention

  • IT & Cybersecurity Audit
Information systems audit, IT governance, security, IT operations, and technology projects.

  • IT Risk Assessment & Mapping
Identification and analysis of risks related to applications, infrastructures, IT processes, and transformation projects.

  • IT Internal Control & Control Frameworks (ITGC)
Design, evaluation, and improvement of IT internal control frameworks (1st and 2nd line of defense).

  • Access Management & Segregation of Duties (SoD)
Review and optimization of IAM processes, authorization management, and compliance with security best practices.

  • Transformation Programs & Project Risk Management
Support for digital transformation initiatives to secure processes and anticipate risks.

  • Audit Recommendation Follow-up & Remediation Plans
Management and implementation of action plans to strengthen risk control.

Frameworks: COBIT, NIST, ISO 27001, ITIL
  • French

    Native or bilingual

  • English

    Native or bilingual

Can work on-site
Paris (up to 50km), Marseille (up to 50km), Lille (up to 50km), Bordeaux (up to 50km)

Experience

  • ENGIE
    Internal Control Manager
    ENERGY AND UTILITIES
    April 2026 - Today (4 months)
    Paris, France
    _Acted as second line of defense for IT internal controls, ensuring design, implementation, and effectiveness of ITGCs and application controls in compliance with Group policies and regulatory requirements.
    _Served as primary contact for external auditors (statutory auditors / CACs), coordinating IT audits, evidence collection, walkthroughs, and remediation tracking.
    _Led annual IT internal control self-assessment campaigns across multiple entities, ensuring timely completion and follow-up on control deficiencies and action plans.
    _Managed Segregation of Duties (SoD) framework, including conflict analysis, risk identification, and remediation with IT and business stakeholders.
    _Supported IT risk management activities, including risk assessment, control mapping, and definition of mitigating controls.
    _Produced internal control reporting for senior management, including KPIs, audit results, and remediation progress.
    _Contributed to Continuous Control Monitoring (CCM) initiatives using data analytics to improve control effectiveness and automation.
    Risk Management ITGC ERP Implementation Internal Control Risk Mapping
  • EY
    Manager Internal Audit
    CONSULTING AND AUDITS
    August 2021 - March 2025 (3 years and 7 months)
    Genève, Switzerland
    - Oversee the execution of the internal audit plan, ensuring timely delivery and alignment with global and regional best practices.
    - Develop and implement risk frameworks and policies adaptable to the country regulatory environment.
    - Implement and monitor internal controls, ensuring alignment with company objectives and regional requirements.
    - Collaborate with first and second lines of defense to assess and mitigate risks across operations.
    - Foster a positive risk culture, emphasizing integrity, professionalism, and collaboration.
    - Assisting organizations in the identification and management of information security risks by assessing the current state, prioritizing improvements and conducting projects to reduce risk and improve regulatory compliance.
    - Identifying and managing privacy and data protection risks and compliance requirements, working across our clients' organizations to help meet stakeholder expectations and requirements.
    Internal Audit Risk Management Corporate Strategy IT Strategy Controlling and Performance Management System
  • PwC
    IT Senior Auditor
    CONSULTING AND AUDITS
    September 2018 - July 2021 (2 years and 10 months)
    Paris, France
    - Engaging clients and providing authoritative advice and professionalism throughout transactions.
    - Contribute to the different phases of interventions: from the realization of diagnostic to the elaboration of organizational, functional and technical recommendations.
    - Synthesize information & prepare the audit report.
    - Implement IS transformation project reviews and map IT risks.
    IT Project Management Agile Project Management Change and Transformation Management Internal Audit ERP Implementation

Recommendations

Be the first to recommend Nasr-Eddine

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Education

  • MS
    SKEMA Business School
    2018
    MS
  • MA
    Lille Catholic University
    2017
    MA

Skill set

Categories