Freelancer profile translated to English.

Description

My responsibility as a cybersecurity consultant focuses on governance, risk management, and compliance (GRC). I ensure the security and approval of information systems for BMNs (Business Managed Network) projects, playing a key role in developing defense strategies and ensuring compliance with security standards.

My role also extends to cybersecurity training, where I develop and enhance participants' skills to face cyber threats. Close collaboration with IT teams and the CIO is essential for deploying secure platforms and ensuring the operational resilience of systems. Together, we work towards better preparedness and effective response to security incidents.

Languages

French
Native or bilingual

Workplace preferences

Can work on-site

Paris (up to 50km)

SASU
Independent Consultant
September 2024 - Today (1 year and 9 months)
🔒 𝗠𝗶𝘀𝘀𝗶𝗼𝗻 : 𝗖𝘆𝗯𝗲𝗿𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗧𝗿𝗮𝗶𝗻𝗲𝗿
🚀 𝗢𝗯𝗷𝗲𝗰𝘁𝗶𝘃𝗲𝘀 : 𝗧𝗿𝗮𝗶𝗻 𝗮𝗻𝗱 𝗿𝗮𝗶𝘀𝗲 𝗮𝘄𝗮𝗿𝗲𝗻𝗲𝘀𝘀 𝗼𝗻 𝗰𝘆𝗯𝗲𝗿𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗶𝘀𝘀𝘂𝗲𝘀 𝗮𝗻𝗱 𝘁𝗲𝗰𝗵𝗻𝗼𝗹𝗼𝗴𝗶𝗰𝗮𝗹 𝘁𝗼𝗼𝗹𝘀 𝘁𝗼 𝗲𝗻𝗵𝗮𝗻𝗰𝗲 𝗽𝗮𝗿𝘁𝗶𝗰𝗶𝗽𝗮𝗻𝘁𝘀' 𝘀𝗸𝗶𝗹𝗹𝘀.

🌟 𝗞𝗲𝘆 𝗣𝗼𝗶𝗻𝘁𝘀 :
🌐 Understanding cyber threats and vulnerabilities.
🎯 Attack strategies and incident response.
🛡 Cybersecurity standards, frameworks, and legal frameworks.
📊 Risk management and security best practices.
Thalès
Project Security Officer (RSP) – BMNs (Business Managed Network) Approval
July 2024 - December 2024 (5 months)
Paris, France
🎯 𝗠𝗶𝘀𝘀𝗶𝗼𝗻 (𝗧𝗵𝗮𝗹𝗲𝘀) : 𝗚𝗥𝗖 𝗚𝗼𝘃𝗲𝗿𝗻𝗮𝗻𝗰𝗲 𝗖𝗼𝗻𝘀𝘂𝗹𝘁𝗮𝗻𝘁 – 𝗔𝗽𝗽𝗿𝗼𝘃𝗮𝗹 𝗣𝗿𝗲𝗽𝗮𝗿𝗮𝘁𝗶𝗼𝗻

I ensure the consideration of information system security (SSI) on BMN projects (Cloud, Secure Gateway, software development and testing platform...). I guarantee compliance with security requirements, interfacing with the CIO for project deployment while managing business evolutions. I also carry out risk analysis management and the approval process.

🔒 𝗠𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 𝗼𝗳 𝘁𝗵𝗲 𝗮𝗽𝗽𝗿𝗼𝘃𝗮𝗹 𝗽𝗿𝗼𝗰𝗲𝘀𝘀 : Development of the Approval Strategy (SH), preparation of the Approval Dossier (DICT, mappings, scoping note, compliance matrix, PES procedures, PACS) and management of residual risks.
📊 𝗠𝗮𝗽𝗽𝗶𝗻𝗴𝘀 : Management of system mapping achievements (logical mapping, business use cases, flow matrix) to precisely define the scope to be approved.
⚠️ 𝗥𝗶𝘀𝗸 𝗔𝗻𝗮𝗹𝘆𝘀𝗲𝘀 : performance of risk analyses using the EBIOS RM method, and the residual risk sheet.
🔍 𝗖𝗼𝗻𝘁𝗶𝗻𝘂𝗼𝘂𝘀 𝗜𝗺𝗽𝗿𝗼𝘃𝗲𝗺𝗲𝗻𝘁 : Integration of recommendations into the PACS for continuous remediation.
🗂️ 𝗣𝗿𝗲𝗽𝗮𝗿𝗮𝘁𝗶𝗼𝗻 𝗼𝗳 𝘁𝗵𝗲 𝗔𝗽𝗽𝗿𝗼𝘃𝗮𝗹 𝗖𝗼𝗺𝗺𝗶𝘁𝘁𝗲𝗲 (𝗖𝗼𝗛) : Preparation of necessary documentation and validation of compliance with regulatory requirements (PSSI).
✅ 𝗖𝗼𝗺𝗽𝗹𝗶𝗮𝗻𝗰𝗲 𝗺𝗮𝘁𝗿𝗶𝘅 : Monitoring compliance with regulatory requirements through a dedicated matrix.
Kalis Consulting
Cybersecurity Project Manager - E-Commerce Platform Security and Certification
September 2023 - June 2024 (9 months)
Paris, France
🎯 𝗠𝗶𝘀𝘀𝗶𝗼𝗻 (𝗞𝗮𝗹𝗶𝘀 𝗖𝗼𝗻𝘀𝘂𝗹𝘁𝗶𝗻𝗴) : 𝗖𝘆𝗯𝗲𝗿𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗣𝗿𝗼𝗷𝗲𝗰𝘁 𝗠𝗮𝗻𝗮𝗴𝗲𝗿 – 𝗜𝗦𝗢 𝟮𝟳𝟬𝟬𝟭 𝗖𝗲𝗿𝘁𝗶𝗳𝗶𝗰𝗮𝘁𝗶𝗼𝗻 𝗣𝗿𝗲𝗽𝗮𝗿𝗮𝘁𝗶𝗼𝗻

As a Cybersecurity Project Manager, I coordinated several multidisciplinary teams to prepare for ISO 27001 certification, ensuring smooth collaboration between stakeholders (IT teams, CIO, and security experts).

🔒 𝗖𝗼𝗼𝗿𝗱𝗶𝗻𝗮𝘁𝗶𝗼𝗻 𝗮𝗻𝗱 𝗟𝗲𝗮𝗱𝗲𝗿𝘀𝗵𝗶𝗽
🤝 Management of multidisciplinary teams: IT, CIO, and security experts.
💡 Workshop organization: Assessment of security specification maturity.

⚠️ 𝗚𝗮𝗽 𝗠𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 𝗮𝗻𝗱 𝗥𝗲𝗺𝗲𝗱𝗶𝗮𝘁𝗶𝗼𝗻
📋 Gap analysis: Identification of ISO 27001 non-conformities.
✅ Action plans: Steering remediation within deadlines and certification standards.

🛡️ 𝗥𝗶𝘀𝗸 𝗔𝗻𝗮𝗹𝘆𝘀𝗲𝘀
🔍 Vulnerability identification: Use of certified methodologies ISO 27005:2022 and EBIOS RM 1.5.
📄 Risk Treatment Plan (RTP): Definition and implementation of measures.

📊 𝗠𝗼𝗻𝗶𝘁𝗼𝗿𝗶𝗻𝗴 𝗮𝗻𝗱 𝗥𝗲𝗽𝗼𝗿𝘁𝗶𝗻𝗴
📈 KPI monitoring: Structured reporting of progress and adjustment of priorities based on audit results.
📝 Documentation: Production of detailed reports for stakeholders.

📚 𝗔𝘄𝗮𝗿𝗲𝗻𝗲𝘀𝘀 𝗮𝗻𝗱 𝗧𝗿𝗮𝗶𝗻𝗶𝗻𝗴
🎓 Session facilitation: Strengthening security culture and preparing teams for certification requirements.