Pascal - Consultant Cybersécurité

Education

June ’93 Post Master Degree in Computer science (Network, Systems, Database), Paris-Saint-Quentin (UVSQ) University

Qualifications & Certifications
October ‘04 Urbanization and Technical Architectures
March ‘08 CISSP (Certified Information System Security Professional) – (ISC)2
July ’08 ISO 27001 Lead Auditor - Auditware
April ’11 ISO 27005 Risk Manager
June ‘12 ISO 27035 Information Security Incident Mgr
2017-2019 RSA Archer Suite Admin I & II – RSA Archer Associate & Professional Certifications

Principal References
AP-HP PMO and Consultant - Security in projects
BNP Paribas Role of Consultant for the implementation (design and configuration) of RSA Archer Suite Solution for Business Continuity Management and Risk Management - Since October 2018
EDF Role of Consultant and Project Manager Officer for the implementation design and configuration) of RSA Archer Suite Solution
for Security Operations Management, Policy Management and Audit Mgt - 2 years
Natixis Role of Consultant and Project Manager Officer for the implementation (design and configuration) of RSA eGRC Archer Solution
for Risk Management, Compliance and Business Continuity
Euroclear Within the assessment of the Security Incident Management process, organization and tools to face APTs and DDoS attacks,
participation in workshops, writing of the report and presentation to the stakeholders
Canopy Within the project of assistance for the definition and the implementation of a Cloud Infrastructure, role of PMO on the RSA
scope (SIEM / Archer / SecurID) and delivery of the "Security Assessment" workshop
MGEN Role of Consultant and Project Manager Officer for HN regulation certification project
Saint-Gobain Role of Security Officer (for 1yr 1/2) for sensitive outsourced applications (Capgemini Outsourcing Services contract)
HISM Role of Consultant and Project Manager Officer for HDS regulation certification project
A.I.F.E Study of the CHORUS project compliancy to PRIS 2.1 level ** (french administration reference frame)
PKI urbanization : study of different strategies
La Poste Study « Strategy and Operation of the Malware Counter Measures» for the Group’s Chief Information Security Officer (CISO)
MAIF Compliancy Audit relating to information security of the « Pôle Produits Financiers» Information System to the CNIL and to the
banking legislation (LSF, CRBF)
DGI Study of the recovery of the information system integrity after the deterioration of a data repository.
Architecture study and dimensioning of «Portail du Particulier (2005)» portal (annual tax declaration)
RTE ISO 27002 audit of a sensitive application
ANPE Urbanization of the Service Oriented Architecture Securty Services
Fininfo Audit and design of the security architecture

Skills
Information
Security
Management
• Role of CISO deputy
• Industrialization of GRC (Governance, Risk Management and Compliance) processes with RSA Archer
• Breach Readiness Assessment to face Advanced Persistent Threats (APTs)
• Security Incident Management (27035)
• ISO 27001 implementation and audit
• Risk Management (ISO 27005, eBIOS, MEHARI)
• Definition of Security Policy
• Business Impact Analysis
• BCP/DRP definition (ISO 22321)
• Assessment
• C-Level and User Awareness
Security
• Cloud Security: compliance with security good practices
• XML Security: XAdeS, XML Signature, XML Encryption, SAML, WS-Security, XKMS, XACML, XrML, SPML
• Digital Security: Symmetric & asymmetric cryptography, PKI, S/MIME, SSL/TLS, SSH, IPSec
• Access Security: Identity, Authentication and Authorization Mgt, Accounts and entitlements provisioning
• Data backup / restore / archiving
• ACL, Filtering Router, Stateful filtering, AAA, Strong Authentication, SSO, IDS/VDS/IPS
Operations Assistance to CISO, Security Officer, Project Management, Business Development, pre-sales, response to RFP
and proposal writing, subcontractors coordination

Languages
French Native
English TOEFL Level (Business)
Spanish School level (basic)