Entreprises, SSII, DSI
Trouvez rapidement les meilleurs intervenants pour tous vos projets informatiques
Photo de Pascal, Consultant Cybersécurité

Pascal Consultant Cybersécurité

CV n°200117B001
  • Profil

    Consultant cybersécurité (52 ans)

  • Mobilité Télétravail si le client est à plus de 2h de son domicile
  • Statut En profession libérale
  • Domaines d'expertise

    Sécurité informatique

Compétences techniques
PKI
Études et formations

Education

June ’93 Post Master Degree in Computer science (Network, Systems, Database), Paris-Saint-Quentin (UVSQ) University

Qualifications & Certifications
October ‘04 Urbanization and Technical Architectures
March ‘08 CISSP (Certified Information System Security Professional) – (ISC)2
July ’08 ISO 27001 Lead Auditor - Auditware
April ’11 ISO 27005 Risk Manager
June ‘12 ISO 27035 Information Security Incident Mgr
2017-2019 RSA Archer Suite Admin I & II – RSA Archer Associate & Professional Certifications

Principal References
AP-HP PMO and Consultant - Security in projects
BNP Paribas Role of Consultant for the implementation (design and configuration) of RSA Archer Suite Solution for Business Continuity Management and Risk Management - Since October 2018
EDF Role of Consultant and Project Manager Officer for the implementation design and configuration) of RSA Archer Suite Solution
for Security Operations Management, Policy Management and Audit Mgt - 2 years
Natixis Role of Consultant and Project Manager Officer for the implementation (design and configuration) of RSA eGRC Archer Solution
for Risk Management, Compliance and Business Continuity
Euroclear Within the assessment of the Security Incident Management process, organization and tools to face APTs and DDoS attacks,
participation in workshops, writing of the report and presentation to the stakeholders
Canopy Within the project of assistance for the definition and the implementation of a Cloud Infrastructure, role of PMO on the RSA
scope (SIEM / Archer / SecurID) and delivery of the "Security Assessment" workshop
MGEN Role of Consultant and Project Manager Officer for HN regulation certification project
Saint-Gobain Role of Security Officer (for 1yr 1/2) for sensitive outsourced applications (Capgemini Outsourcing Services contract)
HISM Role of Consultant and Project Manager Officer for HDS regulation certification project
A.I.F.E Study of the CHORUS project compliancy to PRIS 2.1 level ** (french administration reference frame)
PKI urbanization : study of different strategies
La Poste Study « Strategy and Operation of the Malware Counter Measures» for the Group’s Chief Information Security Officer (CISO)
MAIF Compliancy Audit relating to information security of the « Pôle Produits Financiers» Information System to the CNIL and to the
banking legislation (LSF, CRBF)
DGI Study of the recovery of the information system integrity after the deterioration of a data repository.
Architecture study and dimensioning of «Portail du Particulier (2005)» portal (annual tax declaration)
RTE ISO 27002 audit of a sensitive application
ANPE Urbanization of the Service Oriented Architecture Securty Services
Fininfo Audit and design of the security architecture

Skills
Information
Security
Management
• Role of CISO deputy
• Industrialization of GRC (Governance, Risk Management and Compliance) processes with RSA Archer
• Breach Readiness Assessment to face Advanced Persistent Threats (APTs)
• Security Incident Management (27035)
• ISO 27001 implementation and audit
• Risk Management (ISO 27005, eBIOS, MEHARI)
• Definition of Security Policy
• Business Impact Analysis
• BCP/DRP definition (ISO 22321)
• Assessment
• C-Level and User Awareness
Security
• Cloud Security: compliance with security good practices
• XML Security: XAdeS, XML Signature, XML Encryption, SAML, WS-Security, XKMS, XACML, XrML, SPML
• Digital Security: Symmetric & asymmetric cryptography, PKI, S/MIME, SSL/TLS, SSH, IPSec
• Access Security: Identity, Authentication and Authorization Mgt, Accounts and entitlements provisioning
• Data backup / restore / archiving
• ACL, Filtering Router, Stateful filtering, AAA, Strong Authentication, SSO, IDS/VDS/IPS
Operations Assistance to CISO, Security Officer, Project Management, Business Development, pre-sales, response to RFP
and proposal writing, subcontractors coordination

Languages
French Native
English TOEFL Level (Business)
Spanish School level (basic)

Expériences professionnelles

Professional (summary)

Since July ‘18 Freelance RSA Archer Consultant (Maturity Assessment, Scoping, Design, Build, Run)
July’16 – July’18
Archer Pre-Sales & Consultant at Sopra Steria - B.U CyberSécurité
In charge of RSA Archer (eGRC Solution) integration offering and delivery
May’14-May ‘16
Security Manager at aDvens
Pre-Sales and PMO for SOC RFPs and Compliance alignment services
July’11 - March’14
Senior Solutions Principal at EMC Consulting - EMC2
Pre-Sales for EMC’s « TRUST » portfolio and PMO for Natixis, Canopy & Euroclear
April ’09 - July’11
Practice Leader «Risk Management» (12 people) at Capgemini
Delivery of consulting services for Saint-Gobain, MACIF and CIRTI de Nantes (ACOSS)
July ‘07 - March
‘09
Senior Consultant at Silicomp-AQL (Orange Business Services subsidiary)
Delivery of consulting services for AIFE, La Poste, MAIF and RTE
Feb. ’02 -June ‘07
Principal Security Architect at Cap Gemini Ernst & Young
Delivery of services for Ministries, Governmental Agencies and CAC 40 companies
Sep. ’99 - Jan. ‘02
Manager of Security Department at GPS Consulting and Technical Director at TrustVision
(merger from GPS Consulting and NET2S Group’s Security Team)
Mar. ‘97 -Sep. ‘99
Network Engineer, responsible for Security Business at RCS, Gold Partner Cisco Network
Integrator
July ‘96 - Feb. ‘97 Backup Consultant at OpenVision (Veritas Software / Symantec)
Oct. ’94 -June ‘96 Network Engineer at Influx Technologie, Network Integrator