About Yassine
Passionate about cybersecurity, notably, I have successfully applied my expertise in ISP (Integration of Security into Projects), audit, and risk management as well as third party risk management (TPRM. This includes valuable experience gained through collaboration with a critical infrastructure (OIV) client. My areas of expertise encompass:
• IT governance
• Project management
• Risk management of information systems
• Implementation and audit of an ISO 27001 security management system
• Business continuity resilience
• Compliance with standards, laws, and regulations
My proven track record in previous companies reflects not only my professional competence but also my deep commitment and enthusiasm for the field of cybersecurity.
French
Native or bilingual
English
Fluent
Can work on-site
Paris (up to 50km)
Experience
- CaceisThird Party Risk Manager & Compliance consultantBANKING AND INSURANCEMay 2024 - Today (2 years and 1 month)- Assess critical ICT/DORA third-party cybersecurity risks using automated riskintelligence tools (Security Rating).- Develop a TPRM dashboard to centralize assessments, KPIs, and risk scoring.- Monitor & report risk metrics, enforce SLAs, and escalate security gaps.- Collect & validate evidence for DORA controls, ensuring audit readiness.
- AccentureOffer Lead: Audit, Security Control & TestingDIGITAL AND ITSeptember 2022 - Today (3 years and 9 months)Île-de-France, France- Formulating the audit strategy proposal aligned with the overarching strategy of the domain.- Crafting commercial templates that encapsulate the value proposition.- Designing a comprehensive training program for consultants.- Curating delivery accelerators to enhance service efficiency.- Formulating a communication plan and presenting the offer to the sales team.- Generating responses to client Request for Proposal (RFP) inquiries.
- AccentureISP, Audit & Risk Management ExpertDIGITAL AND ITSeptember 2021 - Today (4 years and 9 months)Across various clients (Paris Saint Germain, Ville de Paris, AXA Assurance, CNP Assurance, Leroy Merlin etc.), I engage in the following activities:-Secure Project Integration: Qualified ISP (Integration of Security into Projects)for various applications:*Identify Business Security Needs→ CIA Triad.*Threat Modeling → Identify security risks early.*High Level Secure Architecture Review → Validate network segmentation, IAM,and encryption.*Explain security controls to be implemented following the assessment and helpthe business endorse security within their project.-Cybersecurity maturity assessment : Evaluated risks for over five clients andprospects, as well as delivering maturity reports to an Italian insurance company.-Risk Analysis: Conducted EBIOS-based risk analyses using the EGERIE tool forcritical applications and networks.-Organizational Audits: Performed maturity assessments and delivered detailedaudit reports.
Recommendations
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- Mastère Specialisé, Innovation Technologique et Management de ProjetESIEE PARIS2018Mastère Specialisé, Innovation Technologique et Management de Projet
- Ingénieur, Industrie et EnvironnementPolytech Nancy - ex ESSTIN2012Ingénieur, Industrie et Environnement
Certifications
- CISM: Certified Information Security ManagerISACA2023
- PECB Certified TrainerPECB2024