
Thomas Riviere

Senior GRC / CISO Consultant

€1,000/day
Paris, FR
8-15 years

Average response time: A few days

Freelancer profile translated to English.

About Thomas

  • French

    Native or bilingual

  • English

    Conversational

Can work on-site
Paris (up to 50km)

Experience

  • METSYS
    Senior GRC Consultant
    CONSULTING AND AUDITS
    September 2025 - Today (9 months)
    Paris, France
    CISO missions for multiple entities within the DOCAPOSTE group:

    o Coordination and maintenance of the Information Security Management System (ISMS) for archiving and electronic invoicing:
    - Steering of the Information Security Policy (ISP) and supervision of associated controls
    - Compliance (ISO 27001, GDPR, NIS 2).
    - EBIOS RM risk analysis (EGERIE)
    - Cyber contact point for external exchanges (questionnaires, presentations, client audits, etc.)
    - Obsolescence management plan
    - Security assurance plan management
    - Audits & Controls
    - GDPR referent role
    - Participation in cross-functional Docaposte group projects
  • France Cert.
    Information Security / GRC Consultant
    January 2021 - August 2025 (4 years and 7 months)
    o Support for ISO 27001 certification for 10 clients
    o Implementation and coordination of ISMS
    o Risk analysis and treatment plan monitoring
    o Compliance audits for multiple frameworks (27001, HDS, 9001, 45001, 14001...)

    Mission details:

    1. Governance and Strategy
    - Implementation and optimization of governance frameworks (policies, steering committees...)
    - Support for management on governance issues

    2. Risk Management
    - Risk mapping
    - Definition and implementation of treatment plans
    - Vendor risk management

    3. Audit, Internal Control, and Crisis Management
    - Compliance audit execution
    - Business continuity plan development and testing
    - Control plan implementation

    4. Awareness and Training
    - Information security awareness training
    - Design of awareness materials
  • Extia
    QHSE Officer
    July 2017 - August 2020 (3 years and 1 month)
    Change management for ISO 9001 maintenance and ISO 27001 implementation.

    1. ISO 27001 Missions
    - Support for multi-site ISO 27001 implementation
    - Drafting and implementation of IT policies
    - Risk identification and assessment.
    - Organization and monitoring of internal audits
    - Employee awareness and training on cybersecurity best practices.

    2. ISO 9001 Missions
    - Drafting and updating of quality procedures, processes, and documents.
    - Preparation for certification audits.
    - Definition and monitoring of quality KPIs
    - Non-conformity management

Education

  • EBIOS RISK MANAGER
    Bureau Veritas
    2024
    EBIOS RISK MANAGER
  • ISO/CEI ISO 27005
    Bureau Veritas
    2024
    ISO/CEI ISO 27005
