Since 01/2023
Societe Generale – PARIS
CyberSecurity and CyberResilience (DORA) Architect for Azure Cloud and Private Cloud
SWIFT Cyber Resilience:
o My leadership role involved overseeing infrastructure migration, risk assessment, security, and data management. I have collaborated with CSP vendors and regulatory bodies such as the UK Financial Conduct Authority (FCA) and the European Central Bank (ECB), including the Prudential Resolution and Control Authority.
o I have developed a large-scale multi-cloud strategy for both private and public clouds. As a mentor, I have guided Cloud DevOps team members in delivering high-performance solutions and educated the IT organization on industry trends and emerging cloud technologies, including Generative AI.
o In my role, I have implemented SWIFT Cyber Resilience and deployed SWIFT Alliance with Thales HSM, enabling Société Generale to access the SWIFT network through Alliance Connect. This suite of technologies includes hardware appliances for secure VPN connections to SWIFT using Microsoft Azure Cloud.
o I have utilized various Azure Cloud services for components of the reference architecture that operate in the cloud. This includes managing encryption keys to protect sensitive data using the Cloud Key Management service and establishing connections to the co-location using Azure ExpressRoute.
o Utilized Azure Cloud services (Azure Portal, AVD portal, ExpressRoute, Azure Firewall, AVD Host, OS Golden image with Microsoft Defender for Endpoint and Antivirus, Key Vault, Defender for Cloud, Storage Account for configuration, Azure Bastion and Conditional Access) for components of the reference architecture that operate in the cloud. This included the use of Cloud Key Management service for managing encryption keys to protect sensitive data. Leveraged Azure ExpressRoute, a networking service, to establish connections to the co-location, facilitating the storage of SWIFT HSM hardware components of the reference architecture implementations.
o My design of an inclusive architecture features private VPC networks with stateful firewalls for managing egress/ingress traffic between SWIFT applications, SWIFT VPN, and the SWIFT network. I have helped financial institutions leverage Azure Cloud for data analytics and machine learning services, enhancing operational efficiency.
o I have simplified cybersecurity operations for customers through Azure’s architecture, ensuring adherence to the SWIFT Customer Security Controls Framework for using the SWIFT network. I have utilized Azure Cloud’s extensive features to safeguard cloud deployments against hacking attempts.
o Manage FinOps and Pattern to reduce cost associated with Architect
AZURE and AWS Cybersecurity
o My responsibilities also included performing cybersecurity audits, including ECB recommendation Network protection, vulnerability management, Encryption, Compliance, Logging and Monitoring, Backups, OS hardening, and Defender for Cloud.
o I have established a Landing Zone for Certificate Authority Infrastructure across Azure, AWS, and Private Cloud, and defined and deployed both Certificate Authority and Intermediate Authority on AWS using Private CA, ensuring secure and efficient operations across different cloud environments.
o I have led the migration of on-premises applications and data to the cloud, resulting in improved scalability and cost-efficiency, and collaborated with the cybersecurity team to implement robust security measures, adhering to industry standards and regulations.
o As a Cloud Architect Cyber Security expert at Société Generale, I led the enforcement of our NIST-based cyber security framework and fostered a security-first culture in line with NCSC, CISA, and ENISA standards. I elevated the 2LOD role, guiding the 1LOD towards advanced cyber security practices and ensuring their integration with business initiatives. In collaboration with the Enterprise Architect, I embedded security into all IT solutions, aligning with Societe Generale’s IT Security policies.
o I led the strategic implementation of Azure’s security solutions to enhance our cyber defence capabilities. I directed the enforcement of our NIST-based cyber security framework, integrating Azure CyberArk to manage privileged access and safeguard sensitive credentials within a certified vault, ensuring automated password management and cycling.
o I leveraged Azure Sentry for real-time error monitoring and code-level visibility, which significantly decreased resolution times and bolstered our application diagnostics. With Azure Defender, I established a cloud-native application protection platform, unifying security management across our multi-cloud and multi-pipeline environments, enhancing our security posture, and protecting cloud workloads.
o I also architected Microsoft Entra ID (Azure AD), providing secure adaptive access, seamless user experiences, and unified identity management across our multi-cloud environment. Additionally, I implemented Azure PAM strategies to monitor, detect, and prevent unauthorized privileged access, further securing our critical resources against cyber threats.
Cyber Resilience based on DORA (Digital Operational Resilience Act) EU Regulation 2025
o Our project aims to enhance the digital operational resilience of our bank by aligning with DORA requirements.
o Risk Assessment and Gap Analysis by conducting a comprehensive risk assessment to identify gaps in our existing cyber resilience practices.
o Assessing the bank's IT infrastructure, third-party dependencies, and incident response capabilities.
o Policy and Procedure Development by developing and updating policies and procedures to align with DORA guidelines.
o Creating a robust incident response plan, including communication protocols and escalation procedures.
o Collaboration with Stakeholders by working closely with IT teams, compliance officers, and legal experts to ensure alignment with DORA.
o Engaging with third-party service providers to assess their resilience measures.
o Testing and Simulation by designing and executing cyber resilience tests, including tabletop exercises and scenario-based simulations.
o Evaluating the effectiveness of incident response processes and communication channels.
o Reporting and compliance by preparing regular reports for senior management and regulatory authorities.
o Ensuring compliance with DORA reporting requirements for major ICT-related incidents.
o Training and awareness by conducting training sessions for employees on cyber resilience best practices.
o Raising awareness about indicators of compromise (IOCs) and threat intelligence sharing.
o Achievements by successfully implementing DORA-compliant cyber resilience measures across the bank.
o Strengthening our ability to withstand operational disruptions caused by cyber incidents.
o Improving collaboration with third-party providers to enhance overall resilience.
01/2021-12/2022
AWS Partner Europe – LONDON/ZURICH/NEW YORK
Lead AWS Cloud Architect: Landing Zone Terraform (IaaS), 6 R’s Strategy (SaaS to Serverless) and SageMaker Machine Learning
SAP Commerce, Sales, Service, CDC, CDP, Emarsys, S4/HANA Cloud Architect
SAP Canada (Pharmaceutical customer):
SAP IS Retail, CAR (OPP), Commerce, Emarsys (Marketing), CDC and CDP using Azure and AWS Cloud
o Provided support using the SAP Activate lifecycle, leading and supporting the transition from SAP S4 Fiori App to SAP Commerce B2B (Pharmacy) and B2C (Consumer) platform based on SAP Commerce.
o Integrated with S4 for Master Data and Master Catalogue using Planogram for Pharmacy.
o Integrated with SAP CAR, Omnichannel Price and Promotion module for B2B and B2C prices and Promotion. Managed STO (Stock Order Transport) for daily Open Order for Pharmacy including Quick Order forms for Recurring and seasonal orders and Picklist based on cutting time for both OTC (Over The Counter) and Commercial articles.
o Integrated with EWM (Extended Warehouse Management) to calculate and provide RTI (Rough Stock Indicator) as well as in Transit, Real-Time inventory and OAA (Omnichannel Article Availability and Sourcing).
o Deployed AWS Glue ETL, Glue Catalogue and Athena to provide detailed segmentation and target Group for customer insights to internal marketing using AWS QuickSight.
o Supported integration with AWS Data Lake for aggregation of Post DTM (POS Transaction aggregation) as well as CDP (Customer Data Platform Insight) to manage segmentation for the SAP marketing campaign.
TCS Europe (Philips Domestic Appliance Greenfield Program)
SAP S4, C4C Service (C4C), Adobe AEM Marketing Cloud, STIBO (Integration), Commerce, Emarsys (Marketing), Customer Data Cloud and Customer Data, Analytics Cloud on Platform based on AWS Cloud
Facilitated the sale of Philips’ Domestic Appliances business to global investment firm Hillhouse Capital.
o Led and managed the Enterprise and Technical Architecture Program, gathering both technical and business requirements through workshops and business information collection using the BPML Approach.
o Provided support for Self Service B2C and B2B, conducting Dry Run and Workshop information gathering.
o Articulated various processes and combinations of MVP from a country-specific perspective for both DA Authorized Retailer and D2C (Direct To Consumer) for Self Service in the area of Return, Repair, and Refurbishment.
o Supported the integration of STIBO for both B2B and B2C Catalogue with AEM Frontend storefront using extended PIM and Enterprise DAM for B2C and D2C consumer marketing worldwide.
o Managed SAP Commerce for B2B and Self Service D2B distributors and Sales Representative.
o Managed SAP CPQ with C4C and SAP Commerce for D2B retailers based on countries and assortment.
o Articulated Catalogue management throughout the Article, Price, and Promotion landscape.
o Utilized SAP SAC (SAP Analytics Cloud) in combination ...