WORK EXPERIENCE & EDUCATION
Jan-Dec 2019 ATLAS AUTOMATIC, Casablanca, Morocco
Information / Cyber Security & Business Development and Strategy Consultant. Main responsibilities:
Company general audit (Finance, Operations & IT)
IT Risk & Vulnerability assessment and Controls definition & implementation
Pen-testing demonstration & Information security awareness program
Information security procedures creation
Local market analysis & strategic positioning definition
Planning & prioritization of actions with KPI’s implementation
Business development: B2B partnership, new products/deals, customers/suppliers’ relationship Mgmt.
2017 - 2018 EXECUTIVE MASTER, STRATEGIC BUSINESS UNIT MANAGEMENT, HEC Paris, France
Apr 16-Feb 18 NISSAN AUTOMOTIVE EUROPE, Paris, France
Regional IS Process Transformation Project Lead. Main responsibilities:
Requirements gathering, Scoping, Planning & Prioritization, Roles & Responsibilities definition
End-to-end RFP process Management
Liaising with Procurement, Legal & Corporate Nissan Realise 2020 Transformation program teams
Change management & communication (Stakeholders meetings/workshops, reporting to Exec board)
IT processes Design & Implementation Strategy and Roadmap definition
Actions follow-up & Risks monitoring
Internal and external staff management (incl. Matrix Organizational structure)
Budget monitoring & controlling
IS Target Operating Model: OCIO, Info. Security, BRM, EA, SW Factory, Service Delivery & ITS
Design & Implementation of IT processes across the region
Active support to Corporate Nissan Realise 2020 Transformation program
Apr 13-Mar 16 NISSAN EMEA (Europe, Middle-East & Africa), Paris, France
EMEA IS QAC (Quality Audit and Compliance) Manager. Main responsibilities:
Second Line of Defense team creation & development : Recruitments, Onboarding, Training/Coaching
Team Management (staff based in 5 locations: FR, NL, UK, SA & IN / 3 continents: EUR, ASIA, AFR)
Governance of IS EMEA Audits : ITGC/ITAC, Sarbanes-Oxley (SOX), Statutory & Questionnaires
Scope Increase Management : Impact & Risk Analysis. Remediation strategy definition & execution
Regional SME in Information Security Audit and Compliance (Infrastructure, Application & Systems)
Risk Assessment & Control Matrix definition for in scope Apps., Infra., Processes & Projects
Interfacing with internal & external auditors (big four) for regional and local audits (SP, SA, UK, FR…)
Deployment of best practices (Policies, Standards, Procedures) in new locations (Africa & Middle-East)
Planning & Coordination of IS audits (results, findings, remediations, follow-up & reporting Sr Mgmt.)
Regional IS Scorecard production and KPI’s monitoring and reporting to executive board
ServiceNow Deployment Project : Procedures & Processes implementation & Compliance validation
Core & Non-Core team activities analysis
Offshore Outsourcing of mature Non-Core compliance activities to India
Budget monitoring & controlling
Oct 10- Mar13 NISSAN EMEA (Europe, Middle-East & Africa), Paris, France
EMEA IS Audit & Compliance Team Leader. Main responsibilities:
Review & maintenance of ITGC RCM (Risk & Control Matrix)
Planning & coordination of controls testing on Security, IT OPS, IS and Projects streams
SPOC for Internal / External Auditors (pre-audit, audit & post-audit activities) within EMEA region
Self-assessment activities optimization & Internal and External auditors reliance development
Follow-up of remediation action plans
Consolidation of reports for the executive team
Compliance training for IT stakeholders & Business control and application owners
Regional SME in Information Security Audit and Compliance (Infrastructure, Application & Systems)
Mar 09-Sep 10 NISSAN EMEA (Europe, Middle-East & Africa), Paris, France
EMEA Information / Cyber Security Engineer. Main responsibilities:
Investigation of Information Security incidents
Expansion of Information Security best practices thru the region
Supervision of suppliers’ adherence to Nissan Information Security policies, standards & procedures
Implementation of Information Security processes (e.g. Patching, IAM) across the region
Production of Information Security monthly dashboard for Senior Management team
Creation or update of Information Security documents (Policies, Standards and Procedures)
Management of IT risk database
CERT member
ITGC/SOX Security Project : Controls definition, implementation and execution (Infra., App. & Sys.)
ITGC/SOX Security : Internal & External audits support
Pen testing results review
May 06-Feb 09 DHL EXPRESS, Paris, France
Information / Cyber Security Consulting Project Manager. Main responsibilities:
Security Dashboard production and communication to the Management team
Security consultant role for both IS and Business stakeholders
ISO27001 audit planning, support & remediation follow-up
Global/local security policies, standards and procedures implementation
Notification to CNIL (French DPA : Data Protection Authority)
CERT activities coordination
Vulnerability Management (QualysGuard, MBSA)
Budget monitoring & controlling
Projects : - Deployment of WIFI infrastructure (Incl. RFP process : CISCO/AVAYA & their partners)
- Set up of Websense platform to optimize web resources
- Deployment of a CBT Information Security Awareness Program
- DRP formalization & testing
2005-2006 Post-MSc in IS Audit & Security, Lyon University, Lyon, France
Feb-July 2005 Internship at the Network Centre of Jiangxi Province, Nanchang, China
2002-2005 MSc in Networks & Telecommunications Engineering, ENSEA, Paris, France.
Aug 2004 Internship at AXA, Paris, France.
Apr-Jun 2002 Internship at VALEO, Le Mans, France.