You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Ronny M.RM

Ronny M.

Supermalter

ISO 27001, NIS2, DORA, AI ACT Cybersecurity Audit

€720/day
4 projects
Paris, FR
3-7 years

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Ronny

With 5 years of experience in audit and cybersecurity, I have supported major international groups such as BNP Paribas, Société Générale, Renault Group (Mobilize Financial Services), PwC, and Mazars.

Certified CISA, ISO 27001 Lead Implementer, Security+, and ITIL, I specialize in IT and cybersecurity audits, governance, risk management, and regulatory compliance in demanding environments.

My services include:

  • IT Audit & Cybersecurity Maturity Assessment:NIST CSF, ISO 27001, COBIT, ITGC, AI ACT, NIS2
  • Regulatory Compliance:DORA, GDPR, NIS2
  • ISO 27001 Certification:ISMS implementation (Certified ISO 27001 Lead Implementer)
  • Risk Management & Internal Control:Risk assessments, remediation management
  • IT Project Management & Resilience:Management, coordination, reporting
  • Governance:Policy/procedure implementation, ISMS management, CISO/PMO assistance

What I bring to you:

  • A clear and actionable diagnosis of your security posture.
  • Pragmatic support to reduce your risks and achieve compliance.
  • The ability to work with both your technical teams and your C-level stakeholders.
Looking to strengthen your cybersecurity, prepare for an audit, or achieve ISO 27001 certification?

📥Contact me today for an initial discussion to define your needs.
  • French

    Native or bilingual

  • English

    Fluent

Can work on-site
Paris (up to 50km), Bry-sur-Marne (up to 50km)

Experience

  • Bpifrance
    Security Audit Manager
    BANKING AND INSURANCE
    October 2025 - Today (10 months)
    Maisons-Alfort, France
    Client Context: On assignment at Bpifrance

    Mission: Managed security audits in collaboration with agile teams and oversaw remediation plans for Bpifrance.

    Team Size: 7

    Tasks Performed:

    • Managed over 50 security audits(penetration tests and configuration audits on web applications, AI, Cloud infrastructures, CI/CD tools): scoping, coordination of pentester providers, remediation tracking, and reporting to the CISO.
    • Optimized the audit process:reducedoperational workload by 50%through industrialization and workflow automation (build).
    • Vulnerability Management via Hackuity and JIRA:prioritization according to OWASP and CVSS, action plan tracking,KPI-driven management(coverage rate, remediation times, vulnerability distribution by criticality).
    • Key liaison between project teams and pentesters:facilitated security committee meetings and presented results in governance bodies.
    Cybersecurity Project Management Security Audit PenTest Remediation Vulnerability Management
  • Société Générale
    Cybersecurity Expert - NIST Permanent Control
    BANKING AND INSURANCE
    November 2024 - Today (1 year and 9 months)
    Fontenay-sous-Bois, France
    Client Context: On assignment at Société Générale through Squad Conseil et Expertises - mission to enhance cybersecurity maturity for various group entities, notably Ayvens, Assu, and SGEF.

    Mission: Assessed cybersecurity maturity against the NIST framework for the Société Générale Group.

    Team Size: 13-15

    Tasks Performed:

    • Conducted cybersecurity assessments based on NIST controls to measure the compliance and resilience level of entities with C-level stakeholders.
    • Led periodic workshops with over 10 international entities to support them in implementing controls and reviewing associated evidence.
    • Defined a testing process to validate security procedures and execute technical scripts (via PowerShell).
    • Provided consulting and technical support to entities for remediating identified weaknesses.
    • Contributed to enriching the IAM (Identity & Access Management) knowledge base and trained the NIST team on identity management processes.
    • Collaborated closely with technical experts to improve the SG NIST framework.
    • Supported internal audit (IGAD) requirements.

    Results Achieved: Improved cybersecurity posture of assessed entities, enhanced internal team skills, strengthened IAM processes, proactive response to internal audit requirements, and better control over cybersecurity-related risks.
    IAM Cybersecurity NIST CSF Information Security
  • Mobilize Financial Services
    IT and Cybersecurity Auditor
    BANKING AND INSURANCE
    September 2023 - October 2024 (1 year and 1 month)
    Paris, France
    Client Context: Mobilize Financial Services is the financial arm for Renault, Dacia, Alpine, Renault Samsung Motors, and Mobilize brands within Renault Group.

    Mission: Audits for Mobilize Financial Services and its subsidiaries (Slovenia, Germany, Spain, South Korea).

    Team Size: 3-6

    Tasks Performed:

    • Reviewed IT governance processes (strategy, management, internal control...), IT operations (monitoring, asset management...), project management, and cybersecurity (business continuity, incident management...).
    • Assessed the Cyber Risk Governance of the Renault Group during a specific assignment.
    • Diagnosed the compliance of Mobilize Financial Services Group with DORA regulations.
    • Presented audit findings to auditees and COMEX members.
    • Trained new joiners on general IT controls.
    • Implemented an automated reminder tool for actions initiated after audits.

    Results Achieved: Improved IT risk management, reduced exposure to cyber threats, contributed to group compliance (ECB, GDPR, DORA…), productivity gains.
    DORA ISO 27001 Cybersecurity Compliance Resilience

Recommendations

ER
TP
Elisa Raveloson and 1 other person have recommended Ronny

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Education

  • Master's degree in Management, Audit, and Information Systems Consulting
    Institut Mines-Télécom Business School
    2021
    • Participation à divers cours pratiques autour de la gestion des risques, la sécurité des systèmes d'information et l'audit des systèmes d'information • Conduction d'un projet de conseil de 6 mois avec Accenture visant à améliorer la planification et le respect des délais dans le secteur de la construction
  • Higher National Diploma (BTS) in Commercial Unit Management
    Lycée André Maurois
    Brevet de technicien supérieur (BTS), Management des unités commerciales

Certifications

  • ITIL Foundation
    PeopleCert
    2023
    Incident Management IT Service Management ITSM Change Management SLA Asset Management Vendor Management
  • CISA
    ISACA
    2025
    IT Operations IT Governance Regulatory Compliance IT Audit Information Security Permanent Control IT Risk Management Operations Information Security

Skill set

Categories