Amine - Consultant cybersécurité CISA

WORK EXPERIENCE & EDUCATION

Jan-Dec 2019 ATLAS AUTOMATIC, Casablanca, Morocco
Information / Cyber Security & Business Development and Strategy Consultant. Main responsibilities:
 Company general audit (Finance, Operations & IT)
 IT Risk & Vulnerability assessment and Controls definition & implementation
 Pen-testing demonstration & Information security awareness program
 Information security procedures creation
 Local market analysis & strategic positioning definition
 Planning & prioritization of actions with KPI’s implementation
 Business development: B2B partnership, new products/deals, customers/suppliers’ relationship Mgmt.

2017 - 2018 EXECUTIVE MASTER, STRATEGIC BUSINESS UNIT MANAGEMENT, HEC Paris, France
Apr 16-Feb 18 NISSAN AUTOMOTIVE EUROPE, Paris, France
Regional IS Process Transformation Project Lead. Main responsibilities:
 Requirements gathering, Scoping, Planning & Prioritization, Roles & Responsibilities definition
 End-to-end RFP process Management
 Liaising with Procurement, Legal & Corporate Nissan Realise 2020 Transformation program teams
 Change management & communication (Stakeholders meetings/workshops, reporting to Exec board)
 IT processes Design & Implementation Strategy and Roadmap definition
 Actions follow-up & Risks monitoring
 Internal and external staff management (incl. Matrix Organizational structure)
 Budget monitoring & controlling
 IS Target Operating Model: OCIO, Info. Security, BRM, EA, SW Factory, Service Delivery & ITS
 Design & Implementation of IT processes across the region
 Active support to Corporate Nissan Realise 2020 Transformation program

Apr 13-Mar 16 NISSAN EMEA (Europe, Middle-East & Africa), Paris, France
EMEA IS QAC (Quality Audit and Compliance) Manager. Main responsibilities:
 Second Line of Defense team creation & development : Recruitments, Onboarding, Training/Coaching
 Team Management (staff based in 5 locations: FR, NL, UK, SA & IN / 3 continents: EUR, ASIA, AFR)
 Governance of IS EMEA Audits : ITGC/ITAC, Sarbanes-Oxley (SOX), Statutory & Questionnaires
 Scope Increase Management : Impact & Risk Analysis. Remediation strategy definition & execution
 Regional SME in Information Security Audit and Compliance (Infrastructure, Application & Systems)
 Risk Assessment & Control Matrix definition for in scope Apps., Infra., Processes & Projects
 Interfacing with internal & external auditors (big four) for regional and local audits (SP, SA, UK, FR…)
 Deployment of best practices (Policies, Standards, Procedures) in new locations (Africa & Middle-East)
 Planning & Coordination of IS audits (results, findings, remediations, follow-up & reporting Sr Mgmt.)
 Regional IS Scorecard production and KPI’s monitoring and reporting to executive board
 ServiceNow Deployment Project : Procedures & Processes implementation & Compliance validation
 Core & Non-Core team activities analysis
 Offshore Outsourcing of mature Non-Core compliance activities to India
 Budget monitoring & controlling

Oct 10- Mar13 NISSAN EMEA (Europe, Middle-East & Africa), Paris, France
EMEA IS Audit & Compliance Team Leader. Main responsibilities:
 Review & maintenance of ITGC RCM (Risk & Control Matrix)
 Planning & coordination of controls testing on Security, IT OPS, IS and Projects streams
 SPOC for Internal / External Auditors (pre-audit, audit & post-audit activities) within EMEA region
 Self-assessment activities optimization & Internal and External auditors reliance development
 Follow-up of remediation action plans
 Consolidation of reports for the executive team
 Compliance training for IT stakeholders & Business control and application owners
 Regional SME in Information Security Audit and Compliance (Infrastructure, Application & Systems)

Mar 09-Sep 10 NISSAN EMEA (Europe, Middle-East & Africa), Paris, France
EMEA Information / Cyber Security Engineer. Main responsibilities:
 Investigation of Information Security incidents
 Expansion of Information Security best practices thru the region
 Supervision of suppliers’ adherence to Nissan Information Security policies, standards & procedures
 Implementation of Information Security processes (e.g. Patching, IAM) across the region
 Production of Information Security monthly dashboard for Senior Management team
 Creation or update of Information Security documents (Policies, Standards and Procedures)
 Management of IT risk database
 CERT member
 ITGC/SOX Security Project : Controls definition, implementation and execution (Infra., App. & Sys.)
 ITGC/SOX Security : Internal & External audits support
 Pen testing results review

May 06-Feb 09 DHL EXPRESS, Paris, France
Information / Cyber Security Consulting Project Manager. Main responsibilities:
 Security Dashboard production and communication to the Management team
 Security consultant role for both IS and Business stakeholders
 ISO27001 audit planning, support & remediation follow-up
 Global/local security policies, standards and procedures implementation
 Notification to CNIL (French DPA : Data Protection Authority)
 CERT activities coordination
 Vulnerability Management (QualysGuard, MBSA)
 Budget monitoring & controlling
 Projects : - Deployment of WIFI infrastructure (Incl. RFP process : CISCO/AVAYA & their partners)
- Set up of Websense platform to optimize web resources
- Deployment of a CBT Information Security Awareness Program
- DRP formalization & testing
2005-2006 Post-MSc in IS Audit & Security, Lyon University, Lyon, France
Feb-July 2005 Internship at the Network Centre of Jiangxi Province, Nanchang, China
2002-2005 MSc in Networks & Telecommunications Engineering, ENSEA, Paris, France.
Aug 2004 Internship at AXA, Paris, France.
Apr-Jun 2002 Internship at VALEO, Le Mans, France.