Pascal - Consultant Cybersécurité
Ref : 200117B001-
92210 SAINT-CLOUD
-
Consultant cybersécurité (56 ans)
-
Télétravail si le client est à plus de 2h de son domicile
-
En profession libérale
Professional (summary)
Depuis Juil. 2018
Consultant Cybersécurité Indépendant
GRC Tools • Saint-Cloud (92)
Intégration technico-fonctionnelle Archer, 2 mois / EDF / Sopra Steria
• Paramétrage des Uses Case du périmètre Audit Management et du Use Case Issue
Management
Intégration technico-fonctionnelle Archer, 12 mois / BNP Paribas / Atos Consulting
• Paramétrage des Uses Cases des périmètres BCM & Risk Management
Since July ‘18 Freelance RSA Archer Consultant (Maturity Assessment, Scoping, Design, Build, Run)
July’16 – July’18
Archer Pre-Sales & Consultant at Sopra Steria - B.U CyberSécurité
In charge of RSA Archer (eGRC Solution) integration offering and delivery
May’14-May ‘16
Security Manager at aDvens
Pre-Sales and PMO for SOC RFPs and Compliance alignment services
July’11 - March’14
Senior Solutions Principal at EMC Consulting - EMC2
Pre-Sales for EMC’s « TRUST » portfolio and PMO for Natixis, Canopy & Euroclear
April ’09 - July’11
Practice Leader «Risk Management» (12 people) at Capgemini
Delivery of consulting services for Saint-Gobain, MACIF and CIRTI de Nantes (ACOSS)
July ‘07 - March
‘09
Senior Consultant at Silicomp-AQL (Orange Business Services subsidiary)
Delivery of consulting services for AIFE, La Poste, MAIF and RTE
Feb. ’02 -June ‘07
Principal Security Architect at Cap Gemini Ernst & Young
Delivery of services for Ministries, Governmental Agencies and CAC 40 companies
Sep. ’99 - Jan. ‘02
Manager of Security Department at GPS Consulting and Technical Director at TrustVision
(merger from GPS Consulting and NET2S Group’s Security Team)
Mar. ‘97 -Sep. ‘99
Network Engineer, responsible for Security Business at RCS, Gold Partner Cisco Network
Integrator
July ‘96 - Feb. ‘97 Backup Consultant at OpenVision (Veritas Software / Symantec)
Oct. ’94 -June ‘96 Network Engineer at Influx Technologie, Network Integrator
Education
June ’93 Post Master Degree in Computer science (Network, Systems, Database), Paris-Saint-Quentin (UVSQ) University
Qualifications & Certifications
October ‘04 Urbanization and Technical Architectures
March ‘08 CISSP (Certified Information System Security Professional) – (ISC)2
July ’08 ISO 27001 Lead Auditor - Auditware
April ’11 ISO 27005 Risk Manager
June ‘12 ISO 27035 Information Security Incident Mgr
2017-2019 RSA Archer Suite Admin I & II – RSA Archer Associate & Professional Certifications
Principal References
AP-HP PMO and Consultant - Security in projects
BNP Paribas Role of Consultant for the implementation (design and configuration) of RSA Archer Suite Solution for Business Continuity Management and Risk Management - Since October 2018
EDF Role of Consultant and Project Manager Officer for the implementation design and configuration) of RSA Archer Suite Solution
for Security Operations Management, Policy Management and Audit Mgt - 2 years
Natixis Role of Consultant and Project Manager Officer for the implementation (design and configuration) of RSA eGRC Archer Solution
for Risk Management, Compliance and Business Continuity
Euroclear Within the assessment of the Security Incident Management process, organization and tools to face APTs and DDoS attacks,
participation in workshops, writing of the report and presentation to the stakeholders
Canopy Within the project of assistance for the definition and the implementation of a Cloud Infrastructure, role of PMO on the RSA
scope (SIEM / Archer / SecurID) and delivery of the "Security Assessment" workshop
MGEN Role of Consultant and Project Manager Officer for HN regulation certification project
Saint-Gobain Role of Security Officer (for 1yr 1/2) for sensitive outsourced applications (Capgemini Outsourcing Services contract)
HISM Role of Consultant and Project Manager Officer for HDS regulation certification project
A.I.F.E Study of the CHORUS project compliancy to PRIS 2.1 level ** (french administration reference frame)
PKI urbanization : study of different strategies
La Poste Study « Strategy and Operation of the Malware Counter Measures» for the Group’s Chief Information Security Officer (CISO)
MAIF Compliancy Audit relating to information security of the « Pôle Produits Financiers» Information System to the CNIL and to the
banking legislation (LSF, CRBF)
DGI Study of the recovery of the information system integrity after the deterioration of a data repository.
Architecture study and dimensioning of «Portail du Particulier (2005)» portal (annual tax declaration)
RTE ISO 27002 audit of a sensitive application
ANPE Urbanization of the Service Oriented Architecture Securty Services
Fininfo Audit and design of the security architecture
Skills
Information
Security
Management
• Role of CISO deputy
• Industrialization of GRC (Governance, Risk Management and Compliance) processes with RSA Archer
• Breach Readiness Assessment to face Advanced Persistent Threats (APTs)
• Security Incident Management (27035)
• ISO 27001 implementation and audit
• Risk Management (ISO 27005, eBIOS, MEHARI)
• Definition of Security Policy
• Business Impact Analysis
• BCP/DRP definition (ISO 22321)
• Assessment
• C-Level and User Awareness
Security
• Cloud Security: compliance with security good practices
• XML Security: XAdeS, XML Signature, XML Encryption, SAML, WS-Security, XKMS, XACML, XrML, SPML
• Digital Security: Symmetric & asymmetric cryptography, PKI, S/MIME, SSL/TLS, SSH, IPSec
• Access Security: Identity, Authentication and Authorization Mgt, Accounts and entitlements provisioning
• Data backup / restore / archiving
• ACL, Filtering Router, Stateful filtering, AAA, Strong Authentication, SSO, IDS/VDS/IPS
Operations Assistance to CISO, Security Officer, Project Management, Business Development, pre-sales, response to RFP
and proposal writing, subcontractors coordination
Languages
French Native
English TOEFL Level (Business)
Spanish School level (basic)