Reda Gamouh

Over a dozen cybersecurity consulting missions for public and private entities (telecom, insurance, banking, transport/railway). Interventions covering governance, IS security strategy, SOC, SecOps, and business continuity, with a results-oriented and maturity-building approach.

• Interim CISO – Public Sector: definition of the roadmap and IS Security Master Plan, budget management, governance animation. Vulnerability/patching management. Compliance reviews, risk analyses, and formalization of IS security policies.

• SOC Sourcing & Master Plan – Telecom & Public Sector: scope definition, architecture, and target operating model. Definition of SLAs/KPIs and governance. Drafting specifications, contribution to the tender, bid analysis, and implementation management.

• Program Manager – Insurance: management of a multi-project cyber program, structuring of strategic initiatives, proactive identification of risks and mitigation plans. SPOC for governance committees and group stakeholders.

• SecOps Consultant – Transport/Railway: alert management and incident response coordination. EDR migration lead. Vulnerability management. Automation of Power BI dashboards via API integrations.

• Business Continuity & IT Crisis Management – Public Sector: BIA, RTO/RPO definition, resilience assessment, recommendations. Formalization of DRP (data center loss, ransomware) and crisis management plan. Organization and simulation of failover/restoration tests.

• CISO Support & EBIOS – Public Sector: maturity assessment, multi-year roadmap, operational security policies, committee animation, security integration methodology for projects. EBIOS analyses for RGS certification (5 IS).

• Banking: maturity assessment based on NIST CSF/CMMI and 2-year roadmap.

- Development and management of the Business Continuity Plan and the IT Disaster Recovery Plan

- Preparation and facilitation of cyber crisis management exercises.

- IT risk mapping execution

- Support to the Data Protection Officer (DPO) in managing GDPR compliance.