CV/Mission d'It security compliance coordinator freelance

Exemple de missions de Richard,
It security compliance coordinator habitant l'Eure (27)

Chief Technology Architect and Cyber Security Officer
DINUM (OFFICE OF THE FRENCH PRIME MINISTER)POSITION PARIS
3/2020 -
CISO DINUM / Clearance Officer / Deputy DPO  Lead the Architect and CISO team to define, implemented and developed architecture standards and
provides technical and Cyber Security for all Government Department (Ministries),  Provide leadership for the Ministries and its agencies within the information security and IT architecture,  Formulate information security goals and establish policies, standards and procedures in line with whole-ofgovernment cyber security directions,  Business Continuity Program Management,  Operational Resilience Program Management,  Ensure cyber security compliance to whole-of-government policies and standards,  Review, endorse and align information security and develop risk management and mitigation plans,  Advise management on the appropriate cyber security solutions and technologies to be deployed,  Align IT needs with the strategic cyber security direction of whole-of-government,  Implement change management process to keep up with evolving cyber threat landscape (with ANSSI = The
National Cybersecurity Agency of France),  Collaborate with National Cybersecurity Agency of France (ANSSI) for all subject cyber security, cyber
defense et resilience for French all government departments and public administrations,  Collaborate with French Data Protection Authority (CNIL) for the implementation and security personal
data protection in all projects and products,  Lead the creation and evolution of the French Government architecture program (FranceConnect, Tech.gouv,
Pilot, Tchap, OSMOSE, RESANA, ...)  Lead the development of an implementation plan for the public service architecture based on French
Government requirements. o Team management: IT Architect, Information Security Officer, Principal Cyber Security Engineer,
Interns and Apprentice.
Technical environment:
- Windows, Linux, UNIX,
- DevOps, Micro-services, SQL, noSQL, PostgreSQL, EAI, ESB, Web Services, APIs, SOA, REST, BPMN,
Data Management Platforms (DMP), Progressive Web Applications (PWA),
- Java, J2EE, JBOSS, C++, Python, NodeJS, Shell,
- ISO27001, ISO27002, ISO27005, EBIOS, EBIOS Risk Manager, DevSecOps, eIDAS, GDPR, EU Cybersecurity
Act, PSSIE, IGI901, IGI1300

Crisis Advisor: Cyber Security – Information Security - Cybercrime Investigator & competitive Economic Analyst
GENDARMERIE (FRENCH GOVERNMENT AGENCY - OPERATION RESERVE), France
4/2019 -
 Responsible for collecting, analyzing, and disseminating all-source intelligence on a range of topics to include
space, counterspace, cyber, and emerging technologies.
 Provide documentation and reporting for investigation and litigation or digital evidence handling, preservation,
and storage.
 Identify emerging cybercrime trends and methodologies.
 Provide investigative and analytical support to criminal investigations.
o Cyber Risk and Strategic Analysis,
o Vulnerability Detection and Assessment,
o Intelligence and Investigation,
o Networks and Systems Engineering,
o Digital Forensics and Forensics Analysis,
o Financial Fraud Analyst.
 Sector coordinator: Cybersecurity crisis management and coordination
o ANSSI: The National Cybersecurity Agency of France,
o Frontex,
o NATO,
o EUROGENDFOR: European Gendarmerie Force,
o DGSI: General Directorate for Internal (homeland) Security
o DRSD: The French Defense Intelligence and Security Directorate
o TRACFIN (Intelligence processing and action against underground financial circuits).

FORTIL - FREELANCE GENEVA, SWITZERLANDGroup Head of Information Security & Cyber Security Offering (France, Belgium, UK and Switzerland)
2/2020 -
Leader of the implementation of industry best practices for physical and technical security elements:
o Access controls, lighting and security signage, CCTV and video management systems, alarm
systems, communication systems, visitor management, emergency response, Photo ID systems etc.
 Leader of the Information & Cyber Security management:
o Strategy, Governance, Audit, Risks, Crisis management, Security incident response, Threat
intelligence, Data Protection and Vulnerability management.
 MDM (Mobile Device Management), FAM (File Activity Monitoring), DAM (Database Directory Monitoring),
ISO/IEC 27000 series, NIST Cybersecurity Framework, CCTV, GDPR, Swiss Federal Data Protection Act
(DPA), COBIT, Third Parties, Security Cloud, DLP, CASB, Sandbox, WAF, IAM, PAM, SIEM/SOC, IDS/IPS,
EDR/Endpoint Security, information security assurance, Cybersecurity Maturity / Cybersecurity Score Card,
Data governance and protection, OWASP, MITRE ATT&CK, SDLC, BCP(Business Continuity Planning), DRP
(Disaster Recovery Plan), Network Security, Penetration Testing, DDoS mitigation systems and technologies.
 Information Security Committee (ISC),
 Corporate information security steering committees (CISSC),
 information security governance committee,
 Manage security vendor relationship (physical and technologies).
INFORMATION & CYBER SECURITY
 Responsible for IT and Cyber Security strategic and operational security management on all regional site,
 Responsible for the Information Security Management System (ISMS),
 Leader and manage information security incidents and events to protect Regional IT assets, intellectual
property, regulated data and the FORTIL reputation,
 Provide recommendations on Strategy, Policy, Standards, Security Controls and KRIs,
 Responsible of information security awareness & training,
 Develop and lead post-mortem exercise,
 Responsible of the Cyber security crisis exercise
 Build and manage the security dashboard,

Chief Information Security & Cyber Security Officer, Region EMEIA
FUJITSU - CONTRACT POSITION Asnières-Sur-Seine, France CISO
1/2007 - 11/2019
EMEIA Executive Committee member.
 Document and update information and physical security processes, procedures, and standards,
 Lead strategic security planning to achieve business goals by prioritizing defense initiatives and coordinating
the evaluation, deployment, and management of current and future security technologies and practices,
 Assist the CISO Group in documenting the Security Risk Assessment,
 Manage projects and other implementation activities for security controls for the enterprise,
 Ensure that records of security operations activities are properly organized and available,
 Respond to audit and exam requests for information,
 Protecting Intellectual Property and Data Collective,
 Interface with law enforcement as necessary due to physical or information security incidents.
Technology Risks management: EBIOS, ISO27005, NIST SP 800-37,
o Compliance: LPM, EU NIS, GDPR, NIST, SOC2, PCI, IS027001 and 27018,
o Industrial Control Systems (ICS) Security (NIST 800 - 82, ISO27032),
o Business Continuity Program Management for EMEIA region,
o Operational Resilience Program Management,
o SCADA and PLC Security,
o Automated Logistics Systems,
o Security Cloud (IDaaS, CASB & DLP),
o IAM and PAM policy implementation,
o DLP incident management,
o Security Intelligence and Operat

Senior Manager Risk Consulting – Cyber Security
FREELANCE Paris, France Humans 4 HelpCISO TMM Group - healthcare company
12/2018 -
Chief Information Security Officer, TMM Group:
o Leading the strategic vision, development, implementation, and enforcement of organization-wide
security risk assessment and control standards, policies, and procedures,
o Lead the company’s crisis management efforts and response to security incidents and threats.
o SOC / Security Cloud program organization (analysts, team incident response).
o SCADA vulnerabilities analyst, mitigation strategies and implementation remediation.
o Security business plan and compliance with IEC 62443, NIST SP 800 – 82.
o Audit and Risk management (NIST SP 800-30 & ISO27005).
 Cyber Security services & operation management (Cyber Security Manager Risk Consulting):
o Define the cyber security strategies for Humans 4 Help (H4H),
o Respond and coordinate for RFI and RFP answers:
• IAM / PAM project
• CASB and DLP integration
• GDPR Project
• DevSecOps Project
o Team management, recruitment,
o Pre-sales,
o Cyber Security program director,
 Manage and drive external:
o Technologies business Partners,
o Cyber Security and Information Security Standards Forums,
o Marketing and university forums
 Build and drive Cyber security / information security strategy and innovation:
o Information Security intelligence,
o Build the cyber security offerings,
o Cyber security innovations
• 1 week to Montreal to prepare a partnership with FX INNOVATION
Staff: +5 people (International teams: France, Canada & Senegal).

Director, Head of Global Cyber Security Department

• Chief Information Security Officer, TMM Group:
• Leading the strategic vision, development, implementation, and enforcement of organization-wide security risk assessment and control standards, policies, and procedures,
• Develop and manage to budgets for Information Security and Information Technology departments,
• Lead the company’s crisis management efforts and response to security incidents and threats.

• Cyber Security services & operation management (Cyber Security Business Unit Manager):
• Define the cyber security strategies for Humans 4 Help (H4H),
• Respond and coordinate for RFI and RFP answers
• Team management, recruitment,
• P&L management,
• Cy...