You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
New report
Malt Tech Trends 2026
Safa ElmernissiSE

Safa Elmernissi

Governance, Risk, and Cyber Compliance Specialist

€800/day
Paris, FR
8-15 years
Financial Risk Quantification
NIS2
ISO 27001 Lead Auditor
ISO 27001 Lead Implementer
ISO 27005

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Safa

Cybersecurity specialist with 8 years of experience, I assist companies in managing their risks and ensuring compliance with regulatory and operational challenges.

My expertise covers NIS2 compliance, risk management, the implementation and improvement of ISO 27001 ISMS, and the monitoring of security performance indicators.

I work with a pragmatic approach: transforming complex requirements into concrete actions, adapted to the maturity level of each organization. My goal is not just to "check the boxes," but to create security that is useful, sustainable, and aligned with business needs.

Rigorous, results-oriented, and attentive, I can work effectively with both technical teams and management to advance projects.

🔹 NIS2 Compliance
🔹 Risk Analysis & Management
🔹 ISO 27001 / ISO 27004
🔹 IS Security Governance
🔹 Audits & Action Plans
🔹 Team Awareness & Support

Looking for a reliable, structured profile that can add value quickly? Let's discuss your needs.
Consulting and Audits

  • French

    Native or bilingual

  • English

    Fluent

Can work on-site
Paris (up to 50km)

Experience

  • Colas Digital Solutions
    Cybersecurity Governance Officer
    CIVIL ENGINEERING
    June 2025 - Today (1 year)
    - Drafting of the technical vulnerability management process
    - Cybersecurity risk analysis (ISO 27005 & EBIOS RM)
    - Financial quantification of critical business processes
    - Monitoring changes in legal constraints to which the group is subject and their impact on cybersecurity policies and directives
    - Tracking the integration of governance and cybersecurity directives, particularly NIS-2, within companies acquired by the Colas group.
    ISO 27001 NIS2 ISO 27005 Risk Quantification Risk Management
  • C2S Bouygues
    Cybersecurity Governance, Risks, and Compliance Engineer
    May 2023 - July 2025 (2 years and 2 months)
    92130 Issy-les-Moulineaux, France
    • Production of IAM & PAM guidelines
    • Management and monitoring of IAM & PAM compliance
    • Implementation of the risk management methodology
    • Mapping of technical risks and business process risks for Colas.
  • Capgemini
    Cybersecurity Governance and Strategy Consultant
    November 2020 - April 2023 (2 years and 5 months)
    92130 Issy-les-Moulineaux, France
    • Cybersecurity watch (on new vulnerabilities) for a Capgemini client
    • Remediation monitoring
    • Risk analysis (ISO 27005)
    • Participation in the PSA industrial network security project
    • Management of short control projects at DMZ level
    • Change management responsibility
    • Incident management participation
    • Metrology (using Infovista tool): Implementation and monitoring of security indicators.
Check out Safa's experience

Recommendations

Be the first to recommend Safa

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • Lead Auditor ISO 27001 Egerie Risk Manager V3
    PECB
    Lead Implementer &Auditor ISO/CEI 27001 Egerie Risk Manager V3
  • Master 2 (M2)
    Université Pierre et Marie Curie
    2017
    Master 2 (M2)
Check out Safa's education

Categories