Freelancer profile translated to English.
Back to original languageAbout Rida
Cybersecurity and digital transformation expert, I leverage over a decade of experience to secure and strengthen the resilience of your information systems. My goal: to make your digital environment a fortress, capable of anticipating and countering cyber threats while supporting your business ambitions.
With in-depth expertise in risk management, I excel in applying ISO 27005 and EBIOS Risk Manager methodologies to identify, prioritize, and address vulnerabilities. My tailor-made strategies, perfectly aligned with regulatory requirements (GDPR, NIS2), protect your critical assets and ensure business continuity.
Specializing in offensive security, I conduct advanced penetration tests on web applications, APIs, mobile environments, and cloud infrastructures. By rigorously exploiting the OWASP Top 10 and CWE/SANS Top 25 frameworks, and by developing custom tools in Python, Bash, and PowerShell, I automate vulnerability analysis to ensure optimal responsiveness to attacks.
As a natural leader, I manage cross-functional projects by integrating best DevSecOps practices into your CI/CD pipelines. My ability to simplify complex technical concepts and train your teams fosters a sustainable and collaborative security culture, essential in an ever-evolving digital landscape.
Always staying updated on emerging threats – including those related to artificial intelligence – I propose innovative solutions to anticipate tomorrow's risks. Together, we will build a robust and agile digital infrastructure, ready to meet the challenges of the cyber-revolution.
Your security is my priority: let's turn your digital challenges into a strategic and lasting success.
French
Native or bilingual
English
Fluent
Spanish
Conversational
Can work on-site
Paris (up to 50km)
Experience
- SecureHorizonPresident / Cybersecurity ExpertCONSULTING AND AUDITSJanuary 2024 - Today (2 years and 5 months)Paris, FranceEvaluation of corporate network security:Mission: Conduct a comprehensive penetration test on a company's network to identify vulnerabilities and weaknesses.Objectives:Map the network infrastructure.Identify potential security flaws, such as open ports, misconfigured services, etc.Exploit vulnerabilities to assess the actual security level.Deliverables:Detailed report of discovered vulnerabilities with recommendations for remediation.Presentation of results to the cyber governance team for corrective actions.Evaluation of compliance with security standards:Mission: Perform a compliance audit against security standards (ISO 27001, PCI DSS, etc.) for a company.Objectives:Review existing security policies, procedures, and practices.Verify if the company meets regulatory requirements and security best practices.Identify compliance gaps and potential risks.Deliverables:Detailed audit report including findings, non-conformities, and recommendations for compliance.Action plan to address identified gaps and improve overall compliance.Evaluation of critical web application security:Mission: Conduct an in-depth security test on a web application used for critical operations.Objectives:Identify security flaws such as SQL injections, XSS vulnerabilities, etc.Assess the robustness of authentication and authorization mechanisms.Test the application's resistance to denial-of-service attacks and other common attacks.Deliverables:Detailed report of discovered vulnerabilities with proof of exploitation.Recommendations to strengthen application security, including code and infrastructure adjustments.Evaluation of hybrid cloud security posture:Mission: Assess the security of a hybrid cloud environment used by a company.Objectives:Review cloud security configurations, including access and privacy policies.Evaluate resilience to attacks such as phishing attempts and brute-force attacks.Verify compliance with cloud-specific security standards.Deliverables:Security posture assessment report, highlighting the strengths and weaknesses of the cloud environment.Recommendations to improve security and compliance, including configuration adjustments and staff training.
- Adviso PartnersCybersecurity Governance ManagerBANKING AND INSURANCEOctober 2022 - November 2023 (1 year and 2 months)Paris, FranceSSI AuditPentestGovernance (ISO 22301, 27001, 27005, EBIOS RM)
- AIGLE INTERNATIONALSystems, Networks & Cloud AdministratorFASHION AND COSMETICSMarch 2020 - August 2022 (2 years and 5 months)Management of the entire network, evolution, maintenance, SI security
Recommendations
Be the first to recommend Rida
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- Digital Security ExpertESD ACADEMY2023OFFENSIF: Lead Pentester, Techniques de Hacking avancées, python pour les tests d'intrusion, Wargame. Défensif:Cyberdéfense (hardening /mécanisme défense) SOC (Security Operation Center) Réponse à incident: Investigation numérique, Analyse de Malwares. RGPD/juridique Juridique pour la CyberSecurité (RGPD) Gestions des risques SI (27005) Intégration SMSI (27001) Plan de continuité (22301) DevOps Security Manager Veille SSI
- Systems, Networks & Cloud AdministratorAston Ecole2022
Certifications
- ISO 27001 LEAD IMPLEMENTERPECB2025