You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Romain PignardRP

Romain Pignard

Expert GRC NIS2 | CISSP, CISM

€650/day
Paris, FR
8-15 years

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Romain

Are you looking for a partner to manage your governance, risk, and compliance (GRC) challenges with a pragmatic and results-oriented approach?
With over 10 years of experience in demanding environments (international banks, payments, defense), I can assist you with:
✅ Securing your infrastructures: Compliance with PCI-DSS 4.0, NIST CSF, LPM, and GDPR, with rigorous monitoring of action plans and compliance evidence.
✅ Automating your processes: Optimization of vulnerability management (Qualys, ServiceNow) and reporting (PowerBI, Power Automate) to improve responsiveness and visibility.
✅ Strengthening your cybersecurity posture: Deployment of security policies, continuous controls, and support for operational teams in France and internationally.
✅ Simplifying your governance: Management of steering committees, alert escalation, and preparation of maturity reports for informed decision-making.
Why choose me?

Dual technical and business expertise: Former security manager at Worldline (payments) and consultant for BNP Paribas (risk & finance).
Recognized certifications: CISSP, CISM, CCSP, ISO 27001 LI – guaranteeing an approach aligned with best practices.
Bilingual French/English: Experience in international contexts (studies in the US, assignments abroad).
Tailored approach: Adaptation to the specific challenges of banks, fintechs, and defense sector players.
Available for on-site (Paris, Lille) or remote assignments.
  • French

    Native or bilingual

  • English

    Native or bilingual

Can work on-site
Paris (up to 20km), Lille (up to 20km)

Experience

  • Worldline
    Security Manager
    BANKING AND INSURANCE
    May 2022 - Today (4 years and 2 months)
    Lille, France
    Security support for InPersonPayment France (AXIS) teams:
    — PCI-DSS 3.2/4.0 compliance and follow-up of improvement plans
    — Definition of security procedures following the migration to the Worldline internal cloud platform
    — Execution of continuous controls
    Formalization and automation of internal and external vulnerability management for the Merchant Services BU (15 countries)
    Optimization of PowerBI reporting in conjunction with the Merchant Services second line of defense
    Vulnerability Management Power Automate PowerBI RSA Archer Qualys ServiceNow PCI DSS Internal Control Identity and Access Management (IAM) Security Policy
  • SQUAD pour BNP Paribas
    Cybersecurity Consultant
    BANKING AND INSURANCE
    March 2020 - May 2022 (2 years and 2 months)
    Paris, France
    Cybersecurity PMO at ITG-FRESH, IT department for Risk and Finance functions of the BNP Paribas Group
    ❍ Implementation of the NIST Cybersecurity Framework:
    — Deployment of requirements to operational teams in France and internationally
    — Monitoring of action plans and alert escalation through program steering committees
    — Collection of evidence of cybersecurity measures implementation in Service Now
    — Execution of bi-monthly reporting and preparation of maturity reports
    ❍ Management of cybersecurity continuous controls
    NIST CSF ServiceNow Service Now Sailpoint Committee Management Steering Committee Reporting
  • BPCE Infogérance & Technologies
    Cybersecurity Engineer
    BANKING AND INSURANCE
    September 2013 - March 2020 (6 years and 6 months)
    Paris, France
    Activity Manager "Audit Follow-up and Recommendations" (2017-2020)
    ❍ Follow-up of IS security recommendations from internal (General Inspectorate) and external (BCE) audits: management of action plans and evidence collection
    ❍ Management of PCI-DSS certifications for the Group's data centers and payment systems for BPCE-IT
    Activity Manager "IS Security Policy" (2013-2017)
    ❍ Compliance measures with PSSI and LPM 2014-2019 (Art. 22), follow-up of remediation actions
    ❍ Update of the PSSI with the IS Security Managers of the BPCE Group
    RSA Archer PCI DSS PCIDSS LPM Security Policy Audit Physical Security Action Plan BCE Bank Risk Management

Recommendations

Gassen OthmanGO
Abdellah ElgourainAE
Gassen Othman and 1 other person have recommended Romain

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Education

  • Master 2 Information Systems Security
    University of Rouen
    2013
  • Master of Science - Electrical and Computer Engineering
    Georgia Institute of Technology
    2012

Certifications

Skill set

Categories