You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Thomas M.TM

Thomas M.

ISO 27001:2022 Consultant | ISMS Implementation

€555/day
Paris, FR
3-7 years

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Thomas

I support SMEs, SaaS editors, and regulated companies in implementing or improving their ISMS according to ISO 27001:2022.

I handle everything from gap analysis to certification audit preparation: ISO 27005/EBIOS RM risk analysis, policies and procedures, statement of applicability, indicators, internal audits, remediation plans, and team awareness.
  • French

    Native or bilingual

  • English

    Fluent

Can work on-site
Paris (up to 20km)

Experience

  • BNP Paribas
    IT Security Professional
    BANKING AND INSURANCE
    September 2025 - Today (10 months)
    Paris, France
    - Administration of Joiner-Mover-Leaver (JML) processes via SailPoint and internal tools
    - Creation and management of access rights, assets, and teams in the IAM repository
    - Processing of authorization requests and access rights review
    - Maintaining the consistency of the identity repository and access profiles
    - Daily use of SailPoint IIQ (IdentityIQ) for identity governance
    - Configuration and setup of assets, roles, and authorization profiles
    - Participation in access certification campaigns (access reviews)
    Cybersecurity Microsoft Excel Identity and Access Management (IAM) Microsoft SharePoint SailPoint
  • FeelAgile
    Cybersecurity Project Manager (Key Accounts)
    CONSULTING AND AUDITS
    September 2024 - September 2025 (1 year)
    Bernay, France
    - Management of 3 ISO 27001:2022 projects in IT outsourcing, industry, and pharmaceuticals.
    - Complete implementation of ISMS and preparation for certification audits.
    - Support for a pharmaceutical company towards ISO 27001 and HDS v2.
    - Risk analysis and follow-up of treatment plans.
    - Creation of 40+ security policies and procedures.
    - Implementation of KPI/KRI and training for management teams.
    ISO 27001 ISO 27005 HDS Definition and monitoring of indicators (KPI) Internal audit
  • Deepki
    Deputy CISO
    SOFTWARE PUBLISHING
    September 2023 - September 2024 (1 year)
    Paris, France
    - ISO 27001 recertification obtained in 6 months with 98% compliance.
    - Implementation of 20+ corrective actions and management of the post-audit plan.
    - Creation and monitoring of 25+ security indicators.
    - Management of the documentation register and preparation of audit evidence.
    - 25% reduction in security incidents over twelve months.
    - Awareness training, simulated phishing, and coordination with technical teams.
    SentinelOne Google Workspace Internal audit ISO 27005 Security audit

Recommendations

Be the first to recommend Thomas

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Education

  • Cybersecurity Expert
    OTERIA CYBER SCHOOL
    2026
    Oteria est une école dédiée à la cybersécurité, en alternance, centrée autour de l'excellence pédagogique et de la qualité de l'expérience étudiante. Informatique, Développement, Réseaux, mais également Gouvernance, OSINT, Ingéniérie sociale et Soft skills composent le programme sur 3 années. Le but de la formation ? - Comprendre les enjeux économiques, politiques et humains dans lesquels s’inscrit la cybersécurité - Comprendre le fonctionnement d’un système d’information à tous ses niveaux - Maitriser les techniques fondamentales du Hacking éthique, de défense d'un système et de résilience - Développer une expertise opérationnelle spécifique en cybersécurité
  • TOEIC 4-Skills: 940/990
    TOIEC
    2026
    Listening: 475 / 495 Reading: 465 / 495 Speaking: 140 / 200 Writing: 170 / 200

Certifications

Categories