Description

Cybersecurity Consultant with hands-on experience supporting large organizations in critical infrastructure, banking, utilities, and managed security services. I have worked in complex, highly regulated environments including nuclear power (EDF), banking (BNP Paribas Securities Services), water and waste management (Veolia), and MSSP/SOC operations.

My work focuses on cybersecurity governance and operational risk management, covering security policy design and adaptation, risk analysis, IAM, vulnerability and obsolescence management, incident coordination, and compliance activities across multiple entities and stakeholders. I regularly act as a bridge between security teams, IT, business, and management, ensuring alignment between cybersecurity requirements and operational constraints.

In parallel, I bring strong operational credibility through experience in SOC leadership, incident response, detection engineering, and security tooling (SIEM, SOAR, EDR), allowing me to ground governance decisions in real-world threat and incident realities. This dual governance and operational background enables me to deliver pragmatic, actionable cybersecurity programs rather than purely theoretical frameworks.

Industry field of expertise

Languages

French
Native or bilingual
English
Native or bilingual
Vietnamese
Basic

Workplace preferences

Can work on-site

Paris (up to 50km)

I-Tracing France
Lead Security Analyst
July 2023 - Today (2 years and 11 months)
Led a team of security analysts in identifying and mitigating security threats Developed and implemented security policies and procedures to enhance overall security posture Collaborated with cross-functional teams to address security vulnerabilities and incidents Managed security incidents and responded promptly to minimize impact on the organization Coordinate the day to day activity with the customer Create and report KPI of the service performance Design new detection rules to cover new threat and complex TTP Design and improve the remediation capabilities with scripts and playbooks
Team management Incident response Reporting Incident analysis
Veolia Île-De-France,
Cybersecurity Consultant
December 2022 - June 2023 (6 months)
France
Run
Vulnerability scan and analysis, preparation and management of remediation plan CTI : Qualification of incident and coordination with local CISO to deploy remediation across the whole Veolia Group entities Analysis and remediation of phishings emails Developpement, follow-up and coordination of IT compliance activities with all the Veolia entities
Project
Update of several security policies such as hardening OS GNU-Linux Design of a cybersecurity study path for Veolia employees
Offensive security
Organisation and realization of pentest on several entities of Veolia
Incident Response
Identification and qualification of incidents Analysis of attack via EDR and creation of a remediation plan Oversight and operator of several incidents, coordination with the different parties until the resolution of the incident
Technique Environment : Cloud GCP, AWS; Google Workspace, EDR, CTI tools
GRC Incident response Cybersecurity governance Project Management vulnerability assessment
BNP Paribas Securities Services
Cybersecurity Consultant
October 2020 - November 2023 (3 years and 1 month)
Paris, France
IAM
• • Role data Mining and setup of Work profiles access (4 applications)
• • Coordination with many Application Manager to setup their Work profile for 120 applications Obsolescence Management
• • Coordination of the obsolescence of the development language and framework LPM
• • Study and update of the network referential
• •Coordination on the vulnerability management Coordination and project management
• • Coordination and support on the fix of vulnerabilities
• • Coordination on the MFA migration and setup
• • Documentation writing (IAM, Patching)
• • Risk analysis
• • User support for all the cybersecurity projects
Project Management IAM Vulnerability Management Cybersecurity governance