Freelancer profile translated to English.

Description

With several years of experience, I specialize in cybersecurity and defining security policies for all components of the Information System (IS).

My expertise includes designing security solutions (IAM, SecApp, SecEndpoint/EDR, Data Security, Cloud, Vuln. Management SecInfra.) project management, as well as risk analysis and security aspects of projects.

I assist companies in auditing, reviewing, and drafting their Information System Security Policies (PSSI) and requirements/processes. I am also skilled in integrating security into ISP projects, particularly through the implementation of specific processes.

My areas of specialization include the Zero Trust and SASE approach, as well as mastery of security standards and norms such as ISO 27001/5, NIST SP 800-53, CIS, NIST, NIS2, OWASP, IEC 62443, CSA, and MITRE ATT&CK.

Languages

French
Native or bilingual
English
Fluent

Workplace preferences

Can work on-site

Paris (up to 50km)

H&W
Cyber Security Architect
January 2018 - Today (8 years and 4 months)
Paris, France
GRC Strategy, Roadmap, process implementation (ISP) risk classification analysis, ExCom/Board Indicators.

• Definition of security architecture across various environments (AZURE/AWS Cloud, DC, industrial sites) and multiple domains (Dev/DevOps/S-Sdlc, EndPoint/EDR/NDR, IAM, SIEM/SOC evaluation, PAM privileged access management, Security by Design/ISP, etc.)

• Definition and development of application security architectures solution and strategy.

Conformities, standardizations, security benchmarks, selection of technical security components.

• Audit and consulting on security recommendations defined by the group (flow matrix, Authentications, ANSSI recommendations, etc.)

• Validation of target security policies (flow matrices, segmentation, etc.)

• Management of architecture upgrades. Facilitation at SOR, ARCH Committee, Steering Committee.

• Environment: EDR (Trend Micro, CrowdStrike, SentinelOne) PAM (Wallix, CyberARK)
Vulnerability Management (Rapid7, Tenable), approaches: SAST/DAST/RASP/IAST.
• Several clients in the energy, industry, and operator sectors.
THALES,
Cyber Security Architect
January 2017 - December 2017 (11 months)
Vélizy-Villacoublay, France
Within the RTS Thales service, SecAD.
• Design of security solutions, definition of strategies. GRC/ISP.
• Audit and control of compliance with the security policy.
• Definition of flow matrices per project. Reverse engineering.
• Management and definition of deployment/migration plans.
• Management of vendors, audits, and integrators during the project lifecycle, Steering Committee.
• Participation in SOR decision committees.
• Deliverables, HLD and LLD documents, concise presentations.
• Environment: Cisco, Juniper JunOS, Palo Alto, CheckPoint, Tuffin (secureTrack), InfoBlox, Fortinet.
EraGroup
Cyber Security Architect
January 2016 - November 2016 (10 months)
Paris, France
• Design/Management of security solutions architectures, study and solution department, Eramet group.
• Web Protection: Benchmark, RFI, RFP, solution selection, Hybrid/Cloud proxy for the group, nearly 10,000 users. Security policy and flow categorization.
• Management, Cisco ASA upgrade, design towards a NextGen Security Gateway solution (Firepower).
• Environment: BlueCoat, Zscaler, Check Point, Forcepoint.