Richard - Consultant cybersécurité FIREWALLRef : 181127S003
16 March 2020 to present DINUM (OFFICE OF THE FRENCH PRIME MINISTER) - CONTRACT POSITION PARIS
Chief Technology Architect and Cyber Security Officer / CISO DINUM / Clearance Officer / Deputy DPO Lead the Architect and CISO team to define, implemented and developed architecture standards and
provides technical and Cyber Security for all Government Department (Ministries), Provide leadership for the Ministries and its agencies within the information security and IT architecture, Formulate information security goals and establish policies, standards and procedures in line with whole-ofgovernment cyber security directions, Business Continuity Program Management, Operational Resilience Program Management, Ensure cyber security compliance to whole-of-government policies and standards, Review, endorse and align information security and develop risk management and mitigation plans, Advise management on the appropriate cyber security solutions and technologies to be deployed, Align IT needs with the strategic cyber security direction of whole-of-government, Implement change management process to keep up with evolving cyber threat landscape (with ANSSI = The
National Cybersecurity Agency of France), Collaborate with National Cybersecurity Agency of France (ANSSI) for all subject cyber security, cyber
defense et resilience for French all government departments and public administrations, Collaborate with French Data Protection Authority (CNIL) for the implementation and security personal
data protection in all projects and products, Lead the creation and evolution of the French Government architecture program (FranceConnect, Tech.gouv,
Pilot, Tchap, OSMOSE, RESANA, ...) Lead the development of an implementation plan for the public service architecture based on French
Government requirements. o Team management: IT Architect, Information Security Officer, Principal Cyber Security Engineer,
Interns and Apprentice.
- Windows, Linux, UNIX,
- DevOps, Micro-services, SQL, noSQL, PostgreSQL, EAI, ESB, Web Services, APIs, SOA, REST, BPMN,
Data Management Platforms (DMP), Progressive Web Applications (PWA),
- Java, J2EE, JBOSS, C++, Python, NodeJS, Shell,
- ISO27001, ISO27002, ISO27005, EBIOS, EBIOS Risk Manager, DevSecOps, eIDAS, GDPR, EU Cybersecurity
Act, PSSIE, IGI901, IGI1300
Ap. 2019 to present GENDARMERIE (FRENCH GOVERNMENT AGENCY - OPERATION RESERVE), France
Crisis Advisor: Cyber Security – Information Security - Cybercrime Investigator & competitive Economic Analyst
Responsible for collecting, analyzing, and disseminating all-source intelligence on a range of topics to include
space, counterspace, cyber, and emerging technologies.
Provide documentation and reporting for investigation and litigation or digital evidence handling, preservation,
Identify emerging cybercrime trends and methodologies.
Provide investigative and analytical support to criminal investigations.
o Cyber Risk and Strategic Analysis,
o Vulnerability Detection and Assessment,
o Intelligence and Investigation,
o Networks and Systems Engineering,
o Digital Forensics and Forensics Analysis,
o Financial Fraud Analyst.
Sector coordinator: Cybersecurity crisis management and coordination
o ANSSI: The National Cybersecurity Agency of France,
o EUROGENDFOR: European Gendarmerie Force,
o DGSI: General Directorate for Internal (homeland) Security
o DRSD: The French Defense Intelligence and Security Directorate
o TRACFIN (Intelligence processing and action against underground financial circuits).
Feb. 2020 – 10 March 2020 FORTIL - FREELANCE GENEVA, SWITZERLAND
Group Head of Information Security & Cyber Security Offering (France, Belgium, UK and Switzerland)
Leader of the implementation of industry best practices for physical and technical security elements:
o Access controls, lighting and security signage, CCTV and video management systems, alarm
systems, communication systems, visitor management, emergency response, Photo ID systems etc.
Leader of the Information & Cyber Security management:
o Strategy, Governance, Audit, Risks, Crisis management, Security incident response, Threat
intelligence, Data Protection and Vulnerability management.
MDM (Mobile Device Management), FAM (File Activity Monitoring), DAM (Database Directory Monitoring),
ISO/IEC 27000 series, NIST Cybersecurity Framework, CCTV, GDPR, Swiss Federal Data Protection Act
(DPA), COBIT, Third Parties, Security Cloud, DLP, CASB, Sandbox, WAF, IAM, PAM, SIEM/SOC, IDS/IPS,
EDR/Endpoint Security, information security assurance, Cybersecurity Maturity / Cybersecurity Score Card,
Data governance and protection, OWASP, MITRE ATT&CK, SDLC, BCP(Business Continuity Planning), DRP
(Disaster Recovery Plan), Network Security, Penetration Testing, DDoS mitigation systems and technologies.
Information Security Committee (ISC),
Corporate information security steering committees (CISSC),
information security governance committee,
Manage security vendor relationship (physical and technologies).
INFORMATION & CYBER SECURITY
Responsible for IT and Cyber Security strategic and operational security management on all regional site,
Responsible for the Information Security Management System (ISMS),
Leader and manage information security incidents and events to protect Regional IT assets, intellectual
property, regulated data and the FORTIL reputation,
Provide recommendations on Strategy, Policy, Standards, Security Controls and KRIs,
Responsible of information security awareness & training,
Develop and lead post-mortem exercise,
Responsible of the Cyber security crisis exercise
Build and manage the security dashboard,
07 Jan. – 29 November 2019 FUJITSU - CONTRACT POSITION Asnières-Sur-Seine, France
CISO - Chief Information Security & Cyber Security Officer, Region EMEIA
EMEIA Executive Committee member.
Document and update information and physical security processes, procedures, and standards,
Lead strategic security planning to achieve business goals by prioritizing defense initiatives and coordinating
the evaluation, deployment, and management of current and future security technologies and practices,
Assist the CISO Group in documenting the Security Risk Assessment,
Manage projects and other implementation activities for security controls for the enterprise,
Ensure that records of security operations activities are properly organized and available,
Respond to audit and exam requests for information,
Protecting Intellectual Property and Data Collective,
Interface with law enforcement as necessary due to physical or information security incidents.
o Technology Risks management: EBIOS, ISO27005, NIST SP 800-37,
o Compliance: LPM, EU NIS, GDPR, NIST, SOC2, PCI, IS027001 and 27018,
o Industrial Control Systems (ICS) Security (NIST 800 - 82, ISO27032),
o Business Continuity Program Management for EMEIA region,
o Operational Resilience Program Management,
o SCADA and PLC Security,
o Automated Logistics Systems,
o Security Cloud (IDaaS, CASB & DLP),
o IAM and PAM policy implementation,
o DLP incident management,
o Security Intelligence and Operations management,
o Manage and coordinate SOC / CSIRT team
o Detection and Response management,
o Security program management,
o Audit and assessment (NIST SP 800-53),
o DevSecOps Project (Service Now)
o Vulnerability Management,
o Training and Awareness.
Staff: + 10 peoples (International teams: France, Belgium, South Africa, UK and Luxembourg)
Feb. to December 2018 FREELANCE Paris, France
Humans 4 Help
Senior Manager Risk Consulting – Cyber Security and CISO TMM Group - healthcare company
Chief Information Security Officer, TMM Group:
o Leading the strategic vision, development, implementation, and enforcement of organization-wide
security risk assessment and control standards, policies, and procedures,
o Lead the company’s crisis management efforts and response to security incidents and threats.
o SOC / Security Cloud program organization (analysts, team incident response).
o SCADA vulnerabilities analyst, mitigation strategies and implementation remediation.
o Security business plan and compliance with IEC 62443, NIST SP 800 – 82.
o Audit and Risk management (NIST SP 800-30 & ISO27005).
Cyber Security services & operation management (Cyber Security Manager Risk Consulting):
o Define the cyber security strategies for Humans 4 Help (H4H),
o Respond and coordinate for RFI and RFP answers:
• IAM / PAM project
• CASB and DLP integration
• GDPR Project
• DevSecOps Project
o Team management, recruitment,
o Cyber Security program director,
Manage and drive external:
o Technologies business Partners,
o Cyber Security and Information Security Standards Forums,
o Marketing and university forums
Build and drive Cyber security / information security strategy and innovation:
o Information Security intelligence,
o Build the cyber security offerings,
o Cyber security innovations
• 1 week to Montreal to prepare a partnership with FX INNOVATION
Staff: +5 people (International teams: France, Canada & Senegal).
Director, Head of Global Cyber Security Department
• Chief Information Security Officer, TMM Group:
• Leading the strategic vision, development, implementation, and enforcement of organization-wide security risk assessment and control standards, policies, and procedures,
• Develop and manage to budgets for Information Security and Information Technology departments,
• Lead the company’s crisis management efforts and response to security incidents and threats.
• Cyber Security services & operation management (Cyber Security Business Unit Manager):
• Define the cyber security strategies for Humans 4 Help (H4H),
• Respond and coordinate for RFI and RFP answers
• Team management, recruitment,
• P&L management,
• Cyber security business development, customer crisis management,
• Cyber Security program director,
• Manage and drive external:
• Technologies business Partners,
• Cyber Security and Information Security Standards Forums,
• Marketing and university forums
• Build and drive Cyber security / information security strategy and innovation:
• Information Security intelligence,
• Build the cyber security offerings,
• Cyber security innovations
• Staff: + 30 people
February 2018 – 14 August 2018, ATOS – BEZONS – France
Senior Manager, Executive Cyber Security Advisor Lead
• France Cybersecurity portfolio construction
• From Atos Global portfolio & specific offers creation for France
• Head of innovation
• Regulation, compliance & Organization (GDPR, LPM-FR, NIS, NIST, PCI-DSS, ISO27xxxx)
• Secure Digital Workplace
• Sovereignty / Trusted Cloud Environments (OVH, IBM, AWS, Azure, Google)
• Building specific offers related to the partnership Google / Atos (France)
• Data Protection / Data-Centric Approach
• 360 ° security operation (automation & orchestration)
• Market Studies & Business Plans
• Selection of technology partners
• Construction of packages (products / services)
- Sales pitch / high-level
- Documentation for presales
- Costing / P&L
- Delivery plan
• Operational management of all pre-sales cybersecurity France
• Deal evaluation / Deal qualification
• Attack plan & Response strategies (partnerships / approaches)
• Support of the sales team to present the cybersecurity offers or develop specific proposals.
• Pre-sales and offer definition
Staff: + 20 people
April 2014 – January 2018- BT Global Services – PARIS- La Défense – France
Global Delivery and Contract Account Director: Cyber security – Security Infrastructure Cloud & IT
• Act as Delivery Manager, Contract Manager and Team Management.
• Participate in all strategic IT decisions for my clients (Steering committee strategic).
• Improve on automation, quality, speed of delivery, sourcing- strategy, international cooperation, simplification and reduction of fixed cost.
• Oversee Asia and US responsibilities and significant international
• Cyber Security pre-sales and solution management,
• Cyber security development.
• Review security maturity
• Cyber Incident Response Plan (CIRP),
• Incident Response Plan (IRP),
• Information System Contingency Plan Test (ISCPT),
• Management of team Penetration Testing,
• Write and / or update security policy for the information systems.
• Network Dark Web monitoring
• Simulation APT (Advanced Persistent attacks)
• Ensure GDPR-related Policies are understood and embedded within the projects
• Contact point for the Data Protection Commission
• Acted as head of the P&L, Forecast and margin.
Revenue: +40M€ / Staff: + 50 people
September 2012 - April 2014 – ENGIE– INEO DIGITAL – CLICHY-France
Business Manager Director: Cyber Security, Cloud (IaaS,PaaS & SaaS) and Data Center
• Management of the customer accounts: sales contract and project governance
• Supervision and realization of the projects for the Storage, System Backup, Data Center, LAN/WAN and the Security IT Global.
• Management of multidisciplinary team: Storage, System Backup, Network, Telecommunications, Data Center and Security Experts and Engineers,
• Write and / or update security policy for the information systems
• The development of the Account activity and the growth of revenue
• Presentation of the RFP’s, proposal creation and management of the contractual amendments on the global and project levels
• P&L management and supervision
• Quarterly Business review with the management on the contract margin, gap and the markup.
• IAM Project
• SIEM, SOC, IDS, IPS Project
• GRC Project
• Proxy project
• Reverse Proxy Project
• Network filtering project
• Cyber Security Benchmark
Revenue: +10M€ / Staff: 20 people
September 2011- August 2012, Orange Business Service (OBS) – PARIS - France
JOB 1: Project Account Director: IT Security and Networks (LAN, WAN & MPLS)
• The definition of the services offerings to the existing customers and the new prospects
• Responsible for the outsourcing for the BULL account (projects and post-sales services)
• Evaluation and preparation for the change conduction
• Project organization in accordance to the Orange Business Services guidelines (PMI / Synergy)
• Animation of project related teams: Pilot, Operations
• Acted as lead in all international responsibilities
• Application & Infrastructure Security
• BCP: Business Continuity Planning
• DRP: Disaster Recovery Plan
• Security by design
• Network Security Audit
• IT Security Industry (SCADA / ICS)
Revenue: +5M€ / Staff: 45 people
JOB 2: Business Manager for Networks and Telephony Trading
• Management of the Technical Team
• Supervision of the various customer accounts:
• commercial development
• P&L Management
Revenue: +5M€ / Staff: 20 people
July 2010 - August 2011 – SFR DGRE & Business Team – Boulogne Billancourt and Meudon –France
JOB 1: Networks & Telecom Project Manager: LAN, WAN, xDsl, ToIP
• Team Management (planning, skills, and charges)
• Management of the critical situations (Internal, customer, foreign operators, suppliers)
• Coordinating the engineering teams, project validation and deployment
• Following up the budget (cost management, following up the purchase orders, deliveries etc…)
• Ensuring the project completion within the set deadlines and the costs
JOB 2: WAN & MPLS Project Director Manager
• Deployment supervision and coordination of RIN4 (approx. 800 sites including with all the technologies: Internet, Ethernet, WAN, Man, VPN, MPLS, Vo IP, To IP, FH, Satellite)
• Organization and setting up of the methodology processes, writing the operational modes and the project follow up
• Reporting on project advancement in order to organize the setting up of pre-requisites for the sites (work requests, purchases, follow up with contractors and suppliers)
• Coordination of the related internal and external players (about 100 people) for the project deployment, integration and migration
• Global reporting.
April 2010- June 2010, UTRAM (business merger VIDELIO) - - Le Plessis Robinson - France
Project Manager for LCL Bank (Deployment ToIP, Service Management Data Center).
• Supervision and optimization of the services quality and preparation
• Customer relationship management (Real Estate Direction, DIS, Logistics Center of Bank LCL)
• Following up the supply of materials, deliveries to the technical teams
• Post-sales Management (Support and maintenance management)
October2009- March 2010, IPEX TELECOM (business merger acropolis telecoms& Foliateam) – Gennevilliers
Technical Service Manager (IP Centrex, ToIP, WAN and LAN)
• Direct and indirect management (18 persons: 2 coordinators, project planners, 10 technicians, 2 architects and 4 engineers).
• Manage a team for telephony, routing, switching, datacenter, and firewalls, wireless, load balancers, and similar technologies
• Provide a high level of customer focused service
• Follow the service delivery metrics (SLAs) for given service desk tickets, requests and incidents
• Developing standard technology platforms, partnerships building and managing the engineering team
• Prepare Network and IT implementation and Migration plans for LAN/WAN, Data Center, ISP and inter agencies network connectivity
• Produce and review technical statement of work documentation for all network and IT security projects.
• Develop and maintain policies and procedures toward meeting goals for infrastructure expenditures of the Data Network Infrastructure.
• Maintain contact with key Data Network suppliers and maintain knowledge of current technology, equipment, prices to minimize the investment required to meet agreed customer service levels.
• Responsible for keeping data pathway up and running for the entire MTA on a 24x7 basis, 365 days a year.
September 2006- September 2009, UNISYS – Colombes – France
Networks & Security Support Engineer L2
Management of technical incidents on L1 & L2 for the clients’ accounts (Air France, Bank Crédit Agricole, L’OREAL, ECOLAB, and Education Minister).
• Management of the various subcontractors (Coordination, Planning, reporting, budget management)
• Responsible for the technical team (technicians Unisys, consultants, subcontractors and service providers)
• Writing specifications, bid management and following up the solution deployments provided by the suppliers
• Telephony scheme design (mono site / multi sites).
• Architecture design and definition for the VPN connection for OBS.
• Audits, complex service and the deployment of infrastructures.
• Manufacturer: Checkpoint, Cisco, Juniper, Palo Alto, Fortinet, F5, Bluecoat
October 2005- August 2006, SPIE -Montpellier – France
Technical coordinator Telecommunications/ICT
• Technical Management of the IT infrastructure site in Montpellier.
• Supporting the Product Manager at project initiation meetings.
• Create/update Network Diagrams, Risk & Issue logs, Communications plans and Customer
• Administration and exploitation IT local.
• Procedure & operating mode writing for the management of the infrastructure.
• Manage the deployment of small call-out solutions and projects for our internal & external customers
• Manage the customer cancellation of solutions and components
• Ensure that equipment requirements for operations & customer projects are approved, ordered and received on time, in the correct call-out Centers
EDUCATION - DEGREE
2017 - MBA ISC PARIS BUSINESS SCHOOL
Information security management system (ISMS)
Ethical Hacking / Cyber security
2009 - ITIN Cergy (France) – Master degree
System Information Management
Information LifeCycle Management (ILM)
Business Process Model and Notation (BPMN)
Very good Stress Management
Information System Master Plan & Security System Management Strategy Plan
GRC (governance, risk, and compliance)
Forecast / P&L
Team Management and Leadership
ITIL, CoBit, PMP, Prince2,
ISO/CEI 27001: Lead implementer
ISO/CEI 27001: Lead auditor
ISO/CEI 27005: Risk Manager,
GDPR, NIS, NIST, HIPAA, PCI-DSS, HDS, IEC 62443
DLP: Data Loss Prevention
Data Privacy Impact Assessment (DPIA)
Design / Default and data security
SOC: Security Operations Center
SIEM: Security Information and Event Manager
NOC: Network operations center
OPEX / CAPEX
ICS, SCADA, and industrial networks Security
Telecommunication (WAN, MPLS, SD-WAN)
Networks (LAN, VPN, IPT, NAC)
Maintenance and Production
Infrastructures IT / Data Center / Cloud (SECaaS, IaaS, PaaS & SaaS)
English – Fluent
French - Native tongue
Ces profils pourraient vous intéresser !
Consultant fonctionnel FIREWALL
Consultant fonctionnel FIREWALL
Ingénieur réseaux CISCO
Chef de projet DHCP
- Saint just en chaussée
Administrateur réseaux MS OFFICE
Consultant fonctionnel ETHERNET
Directeur de projet APACHE
- saint cyr sous dourdan
Assistant à maîtrise d'ouvrage OUTLOOK
Chef de projet INFRANET
- Saint Denis
Chef de projet HUB
Chef de projet CHECKPOINT