You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Soufiane BouasriaSB

Soufiane Bouasria

GRC Cybersecurity | IT Audit, ISO 27001, PCI DSS, NIS2

€550/day
Paris, FR
3-7 years

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Soufiane

GRC & compliance cybersecurity consultant — I support SMEs and mid-sized companies on theirPCI DSS, ISO 27001, NIS2, and DORAprojects, from audit to compliance.

4 successful PCI DSS auditsconducted in demanding environments, with full operational management and immediately usable deliverables.

What you get concretely:
• IT Security Audit & documented gap analysis
• Prioritized Remediation Plan with action tracking
• Policies, procedures, and evidence for QSA audits
• Dashboards, security KPIs, and management reporting
• Outsourced CISO / vCISO support

My areas of expertise:
• PCI DSS v4.0
• ISO 27001 & IT security governance
• EBIOS RM risk analysis
• NIS2 & DORA
• Vulnerability Management (Qualys)
• Wazuh SIEM & AWS security

Why work with me:
• Autonomous intervention, remote or on-site
• Immediately usable deliverables
• Pragmatic, results-oriented approach
• No intermediaries or extra costs

Available for audit, compliance, IT security governance, and outsourced CISO support missions.

Full remote missions anywhere in France, with possible on-site travel as needed.
  • French

    Native or bilingual

  • Arabic

    Native or bilingual

  • English

    Fluent

Can work on-site
Paris (up to 50km)

Experience

  • Val Software
    Systems and Networks Engineer & Compliance Officer
    April 2026 - June 2026 (2 months)
    31700 Blagnac, France
    Performed level 2 continuous controls (LOD2) on IT and Cyber risk policies within the framework of ISO27001 requirements. Designed and implemented compliance monitoring dashboards for real-time IT security management for the technical department (systems, networks, security tools). Provided expertise to IT security governance: detailed analysis of IT risks and definition of responses adapted to compliance requirements (ISO27001). Produced IT security dashboards: compliance indicators and security KPIs — regular reporting to management. Supervision: Grafana, Centreon, Zabbix. Operational processing of requests, alerts, and exceptions related to the CISO. Conducted internal audits and formalized control reports. Implemented and monitored security policies, procedures, and standards (ISO27001). Managed incident response plans and BCPS. Integrated cybersecurity tools: Wazuh (SIEM), Firewall, Sonarqube — control automation. Deployed an OVH secure architecture compliant with ISO27001 and participated in setting up an SOC. Maintained operational condition of the infrastructure, on-premise and Cloud: OVH, Azure, OS: Linux, Windows.
    ISO 27001 SIEM IS Policy Cybersecurity Audit
  • PRELUDD PAYMENT SERVICES
    Compliance Officer | Systems, Networks, Cybersecurity Engineer
    May 2022 - November 2025 (3 years and 6 months)
    31700 Blagnac, France
    Performed level 2 continuous controls (LOD2) on IT and Cyber risk policies within the framework of PCI DSS and GIE CB requirements. Designed and implemented compliance monitoring dashboards for real-time IT security management for the technical department. Provided expertise (systems, networks, security tools) to IT security governance: detailed analysis of IT risks and definition of responses adapted to compliance requirements (PCI DSS, EBIOS RM). Produced IT security dashboards: vulnerability monitoring (Qualys), compliance indicators, and security KPIs — regular reporting to management. Managed and operationally executed the Cyber awareness plan: created materials (slides, posters) and led training/workshops for teams. Operational processing of requests, alerts, and exceptions related to the CISO. Conducted internal audits and formalized control reports. Implemented and monitored security policies, procedures, and standards (PCI DSS, GIE CB). Managed incident response plans and BCPS. Integrated cybersecurity tools: Qualys (vulnerability management), Wazuh (SIEM), Firewall, Sonarqube — control automation. Deployed an AWS secure architecture compliant with PCI DSS and participated in setting up an SOC. Maintained operational condition of the cloud infrastructure: AWS, OS: Linux.
  • MEDIAMEETING
    Linux, Windows, MacOS Administrator
    March 2022 - May 2022 (2 months)
    Portet-sur-Garonne, France
    • IT asset management
    • Operational maintenance
    • Vulnerability management
    • User support

Recommendations

Be the first to recommend Soufiane

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Education

  • Higher Technician in Systems and Networks (Bac +3)
    LDNR
    2021
    Technicien Supérieur Systèmes et Réseaux (Bac +3)
  • Systems and Networks Administrator (Bac+4)
    VAE
    2022

Skill set

Categories