Freelancer profile translated to English.

Description

Looking to strengthen your cybersecurity governance, obtain ISO 27001 certification, or structure your risk management? I help organizations, executives, CIOs, and CISOs transform security into a lever of trust and performance to support strategic and business objectives.

What I bring you concretely:

Part-time CISO: governance and management of your IT security adapted to your budget and objectives.
ISO 27001: from maturity audit to certification: GAP analysis, ISMS implementation, audit preparation, Lead Implementer support.
GRC — Governance, Risk & Compliance :structuring or redesigning your GRC framework. Cyber mapping, policies, KPI & reporting management, regulatory compliance (NIS2, EU AI act) and alignment of security strategy / business strategy.
IT Security, Cyber & AI Maturity Audit: independent assessment of your compliance and risk level with a prioritized roadmap.
Training & Awareness: CISSP certification preparation, fundamental cyber awareness, AI agent security and AI governance. A program tailored to your security objectives.
Risk Analysis & Security Policies :design and management of risks adapted to your business context.

Understand why policies are fundamental, which ones, and how to adapt them to your organization.

My added value:

With over 20 years of experience in Information Systems, specializing in Information System Security and Cybersecurity for 12 years.

Certified ISO 27001 Lead Implementer, CISSP, official ISC2 CISSP and AI agent security trainer.

My transversal vision of business, operational, and technical challenges allows me to support you from governance to the operational deployment of security solutions adapted to internal and external contexts.

Industry field of expertise

Languages

French
Native or bilingual
English
Fluent
Spanish
Native or bilingual

Workplace preferences

Can work on-site

Perpignan (up to 50km), Toulouse (up to 10km), Marseille (up to 10km), Paris (up to 10km), Barcelone (up to 30km)

Freelance
GRC & Cybersecurity Consultant
April 2024 - Today (2 years and 2 months)
During my GRC, IS Security & Cybersecurity missions, I support companies in their strategic and business requirements by:
Supporting ISO 27001 certification: Implementation and maintenance of the ISMS and Annex A security measures (policies & procedures, threat management, asset management, access management, supplier management, application of least privilege principles, need to know, etc.)
Part-time CISO support
Risk analysis according to EBIOS RM
Compliance gap analysis with ISO 27001, NIS 2
Incident management: BCP / BIA / DRP / Test simulation
IS Security & Cybersecurity support: Maturity audit, Security by design, Zero trust, IAM with Microsoft Entra, EDR/XDR, Data Loss Prevention (DLP), Threat modeling, SDLC.
AI: Governance (ISO 42001), policies, usage, and security of AI agents.
Zero Trust ISO 27001 Cybersecurity EBIOS RM AI Security
ICS
CISO
TELECOMMUNICATIONS
December 2021 - December 2023 (2 years)
Perpignan, France
As CISO, my missions were of 2 types:
1-) Governance in security => ISMS implementation, risk analysis, writing of the IS Policy and policies required for ISO 27001 certification, awareness of ISMS and cybersecurity risks.
2-) Operational => Study, management, and participation in projects: Network security, identity management, endpoint security (EDR, MDM).
COOPERATIVE
CIO
AGRICULTURE
September 2019 - November 2021 (2 years and 2 months)
Perpignan, France
IT Department and CISO Management.
Governance, risk, and compliance.
Carried out a complete IT system overhaul project => Study, design, and management of the implementation of a new infrastructure (Network, Servers, Storage, Backup, Virtualization, ERP...) by applying ISO 27001 / 27002 security measures.
Wrote IS Security policies.