Freelancer profile translated to English.
Back to original languageAbout Yann
Passionate about offensive and defensive cybersecurity, I assist companies in securing their infrastructures and applications. With in-depth expertise in pentesting, risk analysis (EBIOS), GDPR compliance, and ISO 27001 standards, I have worked on critical projects ranging from protecting state voting systems to implementing cyber defense strategies for large corporations. As an ethical hacker, trainer, and consultant, I make it a point to anticipate threats and propose pragmatic and robust solutions.
My goal: to secure your environments while testing the robustness of your processes for proactive and effective cybersecurity.
French
Native or bilingual
English
Conversational
Can work on-site
Nantes (up to 50km)
Experience
- VoxalyInformation Security ManagerJanuary 2022 - Today (4 years and 5 months)Nantes, France-Integration of security in projects-Responses to tender questionnaires and security audits-Monitoring of IS security actions and support for technical teams-Monitoring of GDPR actions and compliance with CNIL requirements-Participation in EBIOS RM analyses and risk management-Participation in DPIAs and data protection impact assessments-Awareness of IT risks (internal training, phishing, secure development OWASP top 10)-Implementation and monitoring of penetration tests (internal/external pentests)-Responses to IT security incidents and vulnerability management-Securing state voting systems and associated compliance audits-Improvement of security processes (authorization review, destruction certificates, system hardening)-Validation and implementation of protection measures (WAF, access hardening, monitoring)-Analysis and monitoring of threats (cyber watch, critical vulnerability management)-Collaboration with SOC and CERT teams for incident management
- Groupe Oui CareInformation Security DirectorDecember 2020 - September 2021 (9 months)Le Mans, France- Writing of the IS Policy- Writing of the IT Charter- Implementation of security processes in projects- Security testing of the group's websites- Implementation of an EBIOS risk analysis- Organization of workshops on secure development: Depending on the development technology and data, research of known vulnerabilities, best practices, and regulatory recommendations- Awareness of IT risks (Serious Game, Email…)
- FORMINDSenior Information Security ConsultantJanuary 2018 - March 2020 (2 years and 2 months)Rennes, FranceMission: CISO - Information System Security Manager - BCP - Business Continuity Plan Manager. Organization and management of BCP, IS Risk Analysis, Awareness, GDPR, BCE, leading IS Steering Committees, BCP Project Committees, security awareness workshops, Risk within projects... Sector: Insurance - Banking. Date: 12/02/2018 - 20/11/2018 Mission: Security Support in Projects. Security analysis, PIA, data processing declaration... Sector: Railway Date: 21/11/2018 - 15/05/2019 Mission: Support for security strategy. Writing of thematic policies (backup, development, obsolescence...), Access rights review. Sector: Banking 30/05/2019 - 30/11/2019
Recommendations
Be the first to recommend Yann
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- Engineering degree in systems and networks with a double specialization in programmer analyst.Exia-CESI2013Diplôme d'Ingénieur systèmes et réseaux avec doubles compétences analyste programmeur.