Thomas Bayart

• Architecture, design, configuration support for the integration of systems and databases into the SOC,

• Definition, implementation, and monitoring of KPIs, reporting on progress and integration monitoring controls,

• Investigation and resolution for incidents and absence of log transmission,

• Architecture and implementation of the log collection architecture for Microsoft, Oracle, and SQL Server environments based on WEC.

• Topics addressed: Architecture, PKI, SOC, SIEM, IAM, IT Monitoring, Windows, Linux, Cloud.

Redesign of the cyber risk analysis and management methodology for the cybersecurity and IT risk management department,

• Responses to annual Swift and CAC audits

• SWIFT/ESMA/DORA Compliance: inventory and third-party assessment, implementation of governance and action plans (technical, organizational, and BCP),

• Update of the ISMS documentation: policies, procedures, processes, and standards,

• Integration of security into solution adoption projects: risk analysis, architecture review, contractual review, recommendations…,

• Creation of operational security KPIs for the EXCOM security committee,

• Security incident management,

• 360° vulnerability management: definition and implementation of reports, definition of recurring scanner scopes and weekly executions, vulnerability assessment, and implementation of associated fixes,

• Review of internal identities and access and associated processes.

• Topics addressed: Firewall, VPN, PKI, Architecture, Compliance, SOC, SIEM, Vulnerability Management, IAM, Cloud.

Project to create a sovereign data center for a South-East Asian government:

• Study and design of the overall IT security model supported by the data center with cloud interconnection,

• Creation of the Technical Architecture Document (DAT) and High-Level Design (HLD),

• Design of the cybersecurity architecture adapted to client use cases and data types processed,

• Definition and implementation of security policies on environment solutions

• Guarantee of cyber solution compliance with client local regulations,

• Governance and implementation of cybersecurity policies and processes associated with the project: DR, IAM, SOC, Patch Management…

• Drafting of all technical and cyber governance documentation

• Proactive recommendations on cybersecurity solution evolution to ensure long-term relevance,

• Point of contact for technical integrators of cyber components and project domains.

Sovereign project for the French government in the aerospace sector:

• Design and implementation of the cybersecurity architecture to ensure the protection of the HPC environment,

• Drafting of the HLD and validation of the Low-Level Designs (LLD) of deployed solutions,

• Definition and validation of test scenarios for deployed solutions.

Firewall migration project for a publishing sector client:

• Design of the target solution and associated migration plan,

• Technical migration of security functions and L3 support post-migration.

Topics addressed: Firewall, VPN, PKI, Architecture, Compliance, SOC, SIEM, Vulnerability Management, IAM, WAF, IPS, Virtualization, Governance, Cloud.