CV/Mission de Consultant itil problem manager freelance

Exemple de missions de Thomas,
Consultant itil problem manager habitant l'Indre-et-Loire (37)

• Manager Security Enhancement

  Tours (37)
  Jan 2023 - aujourd'hui

  Responsibilities
  ● Manager of the company.
  ● Service Provider.
  
  Achievements
  ● Support for the governance of the ISS.
  ● Conducting pentests and audits to improve customer security, industrialization (DEVOPS) and supervision of code auditing to strengthen secure coding practices.
  ● Leading R&D projects to integrate AI into security, improving operational efficiency and competitive advantage.
  ● Creation and management of SOCs.
  
  Skills
  ● Management: Team leadership, project management, strategic decision-making.
  ● Communication: Presentation of technical solutions to non-technical stakeholders, facilitating the understanding and adoption of security strategies.
  ● Technical Expertise: Solid foundation in architecture and cybersecurity to enable effective oversight of technical initiatives.

• CISO Assistant

  Dexia - Paris (92)
  Jan 2022 - aujourd'hui

  Responsibilities
  ● Participation in the bank's strategic transformation projects in the area of IS Security and Business Continuity, including:
  Interactions with operational departments
  Interactions with audit departments
  Interactions with compliance
  Interactions with permanent control.
  ● Participation in the implementation of security aspects in projects (e.g. Security Questionnaire and Security Impact Assessment) and in this context participates in the Architecture and PPB Committee.
  ● Participation in information system security management committees with the main service providers.
  ● Organization and management of technical projects:
  Internet Access Requests
  Audits
  Penetration Testing
  Infrastructure & Security Topics
  Other....
  ● ISS/BCP Risk Assessment (RCSA ICT Mapping)
  ● Coordination and follow-up of ISS/BCP risk remediation actions
  ● Analysis and management of security incidents and assistance to related committees.
  ● Management of vulnerability and obsolescence remediation plans.
  ● Management of logical authorizations and access, and Business Continuity Plans (BCP) in support of other members of the Security team.
  
  Achievements
  ● Management of the implementation of an EDR and an NDR.
  ● Industrialization of COPIL/CODIR indicators.
  ● Securing outsourcing projects.
  ● Project management:
  o Definition of workload plans and framing of works.
  o Animation of the project teams, in support of the COPIL.
  o Follow-up of commitments (schedules, milestones, budgets, deliverables).
  o Analysis and monitoring of project risks.
  o Communication and preparation of reporting for the supervisory and arbitration body.
  o Study of business needs.
  o Workshop Management
  o Change management.
  o IS security and enablement processes.
  o Drafting of procedures.
  
  Skills
  ● Permanent member of the Group Architecture Committee for Cybersecurity activities.
  ● Permanent member of the "Project Portfolio Management" for Cybersecurity activities.
  ● Management of the relationship between outsourcing and project management for Cybersecurity activities.
  ● Supervision, drafting, and validation of amendments/contracts between DEXIA and these suppliers for the purposes of Cybersecurity activities/topics
  ● Supervision, writing, and validation of the management templates for cybersecurity evaluations of DEXIA software projects and services.

• SOC Architect

  CloudTemple - Tours (37)
  Jan 2022 - Jan 2022

  Responsibilities
  ● Conducting project management studies for the development of the SOC, establishing the needs and business objectives aligned with safety.
  ● Architecture design for the SOC, defining optimal security protocols and workflows.
  ● Manage the development and integration of connectors, detection rules, and playbooks to improve SOC responsiveness and efficiency.
  ● Assistance in the definition of standard operating procedures and in the development of KPIs to measure and improve the performance of the SOC.
  ● Integration of dynamic application security analytics (DAST) solutions to enhance security in DevOps development cycles.
  
  Achievements
  ● Establishing a customized Security Operations Center (SOC) to effectively respond to incidents for various customers, improving security resiliency.
  ● Design and implementation of a threat management system to anticipate and respond to security threats in real time, integrated with existing information systems.
  
  Skills
  ● In-depth cybersecurity skills, with a specialization in static and dynamic code analysis (SAST/DAST).
  ● Ability to guide teams in adopting and implementing application and code security best practices.

• Cybersecurity Architect

  Enedis - Nanterre (92)
  Jan 2021 - Jan 2021

  Responsibilities
  ● Design and update of system and application hardening standards, aligned with best practices and regulatory requirements.
  ● Coordination of technical committees dedicated to the continuous improvement of hardening policies and the review of safety standards.
  ● Lifecycle administration of exclusion policies and security alert management for rugged systems.
  ● Project management for the development and deployment of a compliance scanner tool, improving the automation of security audits.
  ● Collaboration with the ANSSI for the validation and commissioning of the company's public key infrastructure (PKI).
  
  Achievements
  ● Streamlining the process of publishing hardening guides, making it easier for security teams to access and implement.
  ● Automate periodic hardening reviews to ensure ongoing compliance and reduce operational risk.
  ● Systematization of security exception management, allowing better governance of security rules.
  ● Proof-of-concept of the PKI solution, ensuring the integrity and robustness of the communications security infrastructure.
  
  Skills
  ● In-depth expertise in cybersecurity, including security architecture design and security solution development.
  ● Mastery of cryptography and techniques for securing information exchanges.

• SOC Manager

  Metsys - Tours (37)
  Jan 2019 - Jan 2021

  Responsibilities
  ● Design and implementation of the SOC architecture, including the definition of KPIs and SLAs, to ensure the quality and performance of services.
  ● Pre-sales consultant role to promote SOC services, demonstrating the value and effectiveness of the proposed solutions.
  ● Recruitment of new talent and management of the SOC operator team, fostering skills development and operational excellence.
  ● Development and delivery of training programs for operators, ensuring a high level of technical expertise within the team.
  ● Mentoring and supervision of work-study students, ensuring their integration and professional progression.
  ● Contribution to the definition of the company's information security policy and associated procedures, strengthening security governance.
  ● Preparation and presentation of detailed reports to customers, providing transparency and accurate tracking of security services.
  ● Advising and implementing the hardening of customer infrastructures, improving their security posture.
  ● Maintaining a proactive technology watch to anticipate changes in the field and adapt SOC services accordingly.
  
  Achievements
  ● Design and commissioning of a security incident response operations center, meeting the specific needs of various customers.
  ● Initiated and supervised the construction of a data center in Tours, increasing operational capacity and service resilience.
  ● Development of two innovative cybersecurity service offerings, leveraging IBM Qradar and Microsoft Sentinel technologies.
  ● Development of customized solutions and tools that increase the value of the SOC, including threat monitoring, security assessments, and attack simulation tools.
  ● Design and hardening of security architectures for customers, raising protection standards.
  
  Skills
  ● Advanced expertise in security architecture, with a demonstrated ability to lead complex design and optimization initiatives.
  ● Proven management skills, with a track record of effective leadership and team development.
  ● Certification ISO27032 as a Lead Cybersecurity Manager, validating professional leadership in cybersecurity.

• Operational Security Architect/Engineer

  AG2R La Mondiale (by Lineware) - Tours (37)
  Jan 2016 - Jan 2019

  Responsibilities
  ● Needs analysis and technical specifications for SIEM integration, improving threat detection and management.
  ● Development of an advanced architecture for security monitoring and threat detection.
  ● Automate vulnerability scanning and threat response processes, including mobile devices and Indicators of Compromise (IOC) management.
  ● Optimization and standardization of security reporting to provide a clear and actionable view of security risks.
  ● Improved hardening protocols for systems and servers, reducing the attack surface and potential risks.
  
  Achievements
  ● Design and implementation of a robust security architecture, using a variety of programming languages for security operations automation.
  ● Streamlining the production of indicators and reports, facilitating safety information management and decision-making.
  ● Led a systemic tightening project, introducing proactive measures for the protection of the company's digital assets.
  ● Creation of an integrated threat intelligence tool, enabling a rapid and coordinated response to security incidents.
  ● Establishment of a secure platform for the management of PKI private keys, compliant with RGS standards.