Freelancer profile translated to English.

Description

Enterprise Architect (TOGAF certified), cybersecurity expert (CISM and ISO 27001 certified) particularly on Public Cloud and Generative AI topics, with over 15 years of experience in various international environments.

Capable of taking on architect roles as well as management and project steering functions requiring solid technical skills. I also served a transitional CISO/RSSI mandate.

Specialist in the design and implementation of complex solutions, combining technological innovation, security, and strategic alignment.

My background covers areas such as cybersecurity (risk analysis, drafting guidelines and standards, etc.), cloud migrations, securing generative AI environments, and steering critical projects, with solid expertise in transforming complex needs into compliant and effective operational solutions.

Industry field of expertise

Languages

French
Native or bilingual
English
Fluent

Workplace preferences

Can work on-site

Paris (up to 50km), Lille (up to 50km), Chartres (up to 50km)

Enginov
Expertise Implementation Trusted/Secured Generative AI
DIGITAL AND IT
May 2024 - Today (2 years and 1 month)
Paris, France
Packages for several small/medium-sized IT consulting firms:

Scope:
Analysis of key business processes, Development of Generative AI roadmap with design patterns, cybersecurity policies, compliance guidelines
(use cases: Sales Automation, AI Assisted HR sourcing, Account Lettering Automation),
GDPR Azure OpenAI
Société Générale
Leader Community BigData/AI Security - Cybersecurity and GRC Architect
BANKING AND INSURANCE
April 2022 - April 2024 (2 years and 1 month)
• Leading a cybersecurity community on Big Data, AI, and innovation topics (expertise, writing reports, ...)
• Analysis and simplification of AI frameworks OWASP Top10 LLM, European AI Act
• Writing a group standard for AI/LLM Generative AI cybersecurity
• Securing a hybrid and multi-use case Generative AI platform (H2M, M2M, ...)
• Writing a new version of the internal Big Data Security standard
• Cybersecurity risk analyses inherent to Public Cloud Service Providers (AWS, Azure) according to NIST, EBIOS methodology
• Design contribution & review of new Public Cloud, Big Data, and AI/LLM Use Cases
• Design contribution & review of new Trusted Patterns (MQTT, JDBC, etc.)
• Development and monitoring of remediation plans
• Code review of applications before CI/CD Whitelisting in the Public Cloud and SAST analyses
• API compliance review before publication in the Cloud
Azure Cloud NIST CSF CISM CISA Risk Analysis European AI ACT API Security LLMs Generative AI Security by design Azure OpenAI GDPR Compliance DORA
Soft Bank Robotics
CISO / Transitional CISO - Cybersecurity Architect
April 2021 - April 2022 (1 year)
Paris, France
• Development of a new Product Cybersecurity strategy by defining a new Compliance framework (NIST CSF, NIST8288, NIST80053, IoTCSF), and a new activity organization with a ZERO-Trust and cybersecurity everywhere vision
• Conducting Gap Analysis between Product Backlog and NIST8228
• Creation of a Cyber Security capabilities Product Backlog
• Development of cybersecurity self-assessment kits on various target frameworks
• Training of cybersecurity facilitators and onboarding on the new strategy
• Writing RFIs and RFPs for certain Cybersecurity activities
• Review of the compliance of all product designs by R&D
. Contribution to the design of secure boot solutions and HSM management for service robots
. Conducting several risk analyses (product and IS) and compliance assessments (NIST 800,53, GDPR, ISO27001)
Amazon Web Services Risk Analysis GDPR Compliance ISO 27001 NIST CSF CISM