Freelancer profile translated to English.

Description

Cybersecurity Project Manager - 10 years of experience.

WAF, DLP WEB/ENDPOINT/NETWORK specialist, IAM.

4 years of experience in IT audit (PwC and BNPP General Inspection)

6 years of experience in CyberSec consulting: IT Continuity, Risk Management, ISP, WAF, DLP, IAM, project management, compliance, LoD2, GDPR, Securing accounting applications.

Recommendation visible on my LinkedIn:

Industry field of expertise

Languages

English
Fluent
French
Native or bilingual

Workplace preferences

Can work on-site

Paris 9e Arrondissement (up to 30km)

Société Générale
IT Security Project Manager
BANKING AND INSURANCE
November 2021 - January 2025 (3 years and 2 months)
Rueil-Malmaison, France
1. Project to obtain a Banking License:

Diagnosis and planning: Identification of gaps with ECB requirements, scoping and retroplanning.
Project management: 2-year management with regular reporting to sponsors (Global CISO, CIO, COO).
Key workshops: Outsourcing of logs (business/infra) to a SIEM, Immutable backup, implementation of an ISP process, deployment of a WAF, management of unique IDs for Ayvens employees, encryption of data at rest/in transit.

2. WAF Management

Explanation and support for internet-facing application managers for registration, certificate installation and DNS modification. Facilitation of monthly committees with local CISOs to monitor assets (protected apps, expired certificates). Implementation of on-prem FW rules restricting access to the WAF IP range. Creation of a public/private IP mapping to identify uncovered apps. Migration to a new generation WAF.

3. Compliance of Accounting Applications:

Monitoring and reporting: Management of the compliance of 35 Ayvens WW accounting applications. Reporting to Senior Management (SocGen and Ayvens) and validation of Risk Acceptance Forms by the CFO in case of discrepancies.
Support: Organization of workshops with application owners/managers to present security measures and support them in their implementation.

4. Data Loss Prevention (DLP):

DLP Management: Management of tools (mail, web, endpoints). Level 2 alert processing after escalation to the Global CISO for headquarters.
Projects: Version upgrade, web DLP implementation with infra teams, facilitation of monthly committees with CISOs to present the backlog and track actions.
Global impact: Align Ayvens WW security and compliance with regulatory and strategic standards.
Project Management Technical Project Management DLP WAF Identity and Access Management (IAM) SIEM
SYNETIS
Cyber Security Manager (Permanent)
CONSULTING AND AUDITS
September 2020 - October 2021 (1 year and 1 month)
Paris, France
Audit Security Integration in Projects, IT continuity and BIA Audit, risk analysis (EBIOS RM), Cyber risk awareness, security policy writing, team management,
IT Security Risk Analysis ISO 27001 Project Management Audit Team Management Cybersecurity
BNP Paribas Corporate and Investment Banking
IT Continuity Officer (Permanent)
BANKING AND INSURANCE
June 2018 - September 2020 (2 years and 3 months)
Paris, France
▪ Responsible for compliance with BNPP Group rules on IT continuity
▪ ICO of the BNPP treasury entity and entities in charge of cross-functional functions
▪ PMO for the implementation of recommendations following audits by the EBE (European Banking Authority) and the General Inspection
of the Group
▪ PMO for a "recovery from scratch" project deployed on the most critical IT assets of an entity
▪ During the projects of the entities for which I was responsible, I was responsible for implementing a continuity architecture allowing to
meet the needs expressed by the business
▪ Organization and coordination of datacenter failover tests in Madrid and Paris
▪ IT Continuity team interface with audits (CaC, IG and permanent internal control)
▪ Monitoring and consolidation of the requirements of the main global regulators (ECB, MAS, HKMA, FDIC) on IT continuity
Cybersecurity IT Security Consulting Project Management