Sébastien Dupont

Average response time: 1 hour

About Sébastien

I support digital projects and organizations through adapted approaches, Key Accounts & Mid-sized Companies: Security By Design, Approval, CISO role, ISO compliance, NIS2, DORA,...

I have supported nearly 400 projects in Security Integration in Projects (ISP), including 2 major state projects with a €1 billion IT budget.

My preferred environments are:
  • Organizational (Governance, Risk, Compliance),
  • Technical (Cloud, eCommerce, Active Directory, ...),
  • Operational (EDR/SIEM/SOC/VOC/Bastion/IAM/WAF/MCS/BUILD-RUN, ...),
  • Contractual (cyber clauses, Cybersecurity Assurance Plan, ...) and Legal (GDPR).

I carry out missions as a consultant and/or interim CISO in various environments. My skills are ISO27001 certified (ISMS, PDCA, Management Cyber Committee, Roles of each, BUILD/RUN).

Meeting a client's expectations is a source of satisfaction. The uniqueness of my approach lies in providing the requested service (e.g., a deliverable) in the short term while offering tools and approaches aimed at organizing and maturing the organization in the medium term. I advocate for the use of effective cybersecurity measures (audits, indicators, ...) as they efficiently provide visibility and define roadmaps.

My experience allows for significant time savings in cybersecurity implementation. The cybersecurity maturity of an organization is a collective project. If needed, I can call upon a network of operational cyber experts for specific technologies.

I use recognized frameworks developed by collectives working to structure the cybersecurity profession (CLUSIF, ANSSI, CESIN, NIST2, ...).

I like this saying borrowed from the companions: 'Every word received that you have not passed on is a stolen word'.

Discovering a new environment, a new business sector is a pleasure.
  • French

    Native or bilingual

Can work on-site
Paris (up to 50km)

Experience

  • Cyber4U
    Shared CISO at Cyber4U Center
    DIGITAL AND IT
    September 2020 - Today (5 years and 9 months)
    ▪ Creation of the Cyber Department of a JV between BPCE and BNPP for the launch of a new payment offer (Estreem)
    ▪ Creation, development, management, and execution of the CISO service offering
    ▪ Part-time CISO for several entities
    ▪ Co-creation and development of the managed service offering for Operational Security & SOC
    ▪ Management of the Cyber Action Plan, including an SIEM/SOC L1/L2 with India.
    ▪ Cyber crisis management (Darkside ransomware crisis)
    ▪ Management of crisis exercises and Cyber Crisis Management Policy
    ▪ Creation of operational Cyber dashboards for management
    ▪ Drafting of security frameworks (policy, directive, charter, ...)
    ▪ Conducted 12 audits of ISMS technical processes
    ▪ Renewal of ISO27001 certification
    ▪ Management of the annual Management Review for the ISO27001 certified ISMS
    ▪ Management of IS security budgets (forecasting)
    ▪ Employee awareness through committees, micro-learning & Phishing.
    ▪ Preparation and facilitation of dozens of Management Security Committees
    ▪ Management of Security By Design for nearly 100 projects and applications (Cloud)
    ▪ Creation of the Security By Design & Third Party Training Kit
    ▪ Design of a backup robustness audit
    ▪ Creation of a methodological tool for risk-based management of the "Move to Cloud"
    ▪ Change management for the implementation of new Cyber processes, ...
    ▪ Creation of a Cyber service offering for subsidiaries of a CAC40 insurance group
    Cloud Security CISO Security by design
  • EUROP ASSISTANCE
    CISO/eCommerce CISO
    September 2018 - September 2020 (2 years)
    Île-de-France, France
    ● Security Dashboard & Quarterly Board (CEO, COO, CIO)
    ● Security By Design (50 project reviews) / Cloud
    ● Creation of the operational security service (SOC, SIEM/ELK, WAF, Patching, Bastion, AD Hardening, ...)
    ● Security process ISO27K & NIST and awareness (On-Boarding and all)
    ● Action plan: GENERALI Group audit, Pentest, GDPR, Security incident management and crisis
  • CARREFOUR
    eCommerce CISO France, then Generix Group
    July 2016 - June 2018 (1 year and 11 months)
    Île-de-France, France
    ▪ Responsible for integrating security into projects (60 eCommerce projects and websites)
    ▪ Technical and organizational assessments of the Innovation department and e-Commerce sites
    ▪ Creator of the "Security Passport" approach for Privacy & Security By Design (GDPR).
    Then at a "Supply Chain" subcontractor:
    ▪ 360° evaluation audit, eLearning, management strategy, GDPR compliance, ISMS ISO 27001

Education

  • DESS, Information System Security
    Master of Science
    1997
    DESS, Sûreté, Système d'Information

Certifications

  • ISO27001
    LSTI
