CV/Mission d'It security compliance coordinator freelance

Exemple de missions de Richard,
It security compliance coordinator habitant l'Eure (27)

• Chief Technology Architect and Cyber Security OfficerDINUM (OFFICE OF THE FRENCH PRIME MINISTER)POSITION PARIS
  Jan 2020 - aujourd'hui

  CISO DINUM / Clearance Officer / Deputy DPO  Lead the Architect and CISO team to define, implemented and developed architecture standards and
  provides technical and Cyber Security for all Government Department (Ministries),  Provide leadership for the Ministries and its agencies within the information security and IT architecture,  Formulate information security goals and establish policies, standards and procedures in line with whole-ofgovernment cyber security directions,  Business Continuity Program Management,  Operational Resilience Program Management,  Ensure cyber security compliance to whole-of-government policies and standards,  Review, endorse and align information security and develop risk management and mitigation plans,  Advise management on the appropriate cyber security solutions and technologies to be deployed,  Align IT needs with the strategic cyber security direction of whole-of-government,  Implement change management process to keep up with evolving cyber threat landscape (with ANSSI = The
  National Cybersecurity Agency of France),  Collaborate with National Cybersecurity Agency of France (ANSSI) for all subject cyber security, cyber
  defense et resilience for French all government departments and public administrations,  Collaborate with French Data Protection Authority (CNIL) for the implementation and security personal
  data protection in all projects and products,  Lead the creation and evolution of the French Government architecture program (FranceConnect, Tech.gouv,
  Pilot, Tchap, OSMOSE, RESANA, ...)  Lead the development of an implementation plan for the public service architecture based on French
  Government requirements. o Team management: IT Architect, Information Security Officer, Principal Cyber Security Engineer,
  Interns and Apprentice.

  Technical environment: - Windows, Linux, UNIX, - DevOps, Micro-services, SQL, noSQL, PostgreSQL, EAI, ESB, Web Services, APIs, SOA, REST, BPMN, Data Management Platforms (DMP), Progressive Web Applications (PWA), - Java, J2EE, JBOSS, C++, Python, NodeJS, Shell, - ISO27001, ISO27002, ISO27005, EBIOS, EBIOS Risk Manager, DevSecOps, eIDAS, GDPR, EU Cybersecurity Act, PSSIE, IGI901, IGI1300

• Security & Cyber Security Offering (France, Belgium, UK and Switzerland)

  FORTIL - FREELANCE GENEVA, SWITZERLANDGroup Head of Information
  Jan 2020 - aujourd'hui

  Leader of the implementation of industry best practices for physical and technical security elements:
  o Access controls, lighting and security signage, CCTV and video management systems, alarm
  systems, communication systems, visitor management, emergency response, Photo ID systems etc.
   Leader of the Information & Cyber Security management:
  o Strategy, Governance, Audit, Risks, Crisis management, Security incident response, Threat
  intelligence, Data Protection and Vulnerability management.
   MDM (Mobile Device Management), FAM (File Activity Monitoring), DAM (Database Directory Monitoring),
  ISO/IEC 27000 series, NIST Cybersecurity Framework, CCTV, GDPR, Swiss Federal Data Protection Act
  (DPA), COBIT, Third Parties, Security Cloud, DLP, CASB, Sandbox, WAF, IAM, PAM, SIEM/SOC, IDS/IPS,
  EDR/Endpoint Security, information security assurance, Cybersecurity Maturity / Cybersecurity Score Card,
  Data governance and protection, OWASP, MITRE ATT&CK, SDLC, BCP(Business Continuity Planning), DRP
  (Disaster Recovery Plan), Network Security, Penetration Testing, DDoS mitigation systems and technologies.
   Information Security Committee (ISC),
   Corporate information security steering committees (CISSC),
   information security governance committee,
   Manage security vendor relationship (physical and technologies).
  INFORMATION & CYBER SECURITY
   Responsible for IT and Cyber Security strategic and operational security management on all regional site,
   Responsible for the Information Security Management System (ISMS),
   Leader and manage information security incidents and events to protect Regional IT assets, intellectual
  property, regulated data and the FORTIL reputation,
   Provide recommendations on Strategy, Policy, Standards, Security Controls and KRIs,
   Responsible of information security awareness & training,
   Develop and lead post-mortem exercise,
   Responsible of the Cyber security crisis exercise
   Build and manage the security dashboard,

• Crisis Advisor: Cyber Security – Information Security - Cybercrime Investigator & competitive Economic Analyst

  GENDARMERIE (FRENCH GOVERNMENT AGENCY - OPERATION RESERVE), France
  Jan 2019 - aujourd'hui

   Responsible for collecting, analyzing, and disseminating all-source intelligence on a range of topics to include
  space, counterspace, cyber, and emerging technologies.
   Provide documentation and reporting for investigation and litigation or digital evidence handling, preservation,
  and storage.
   Identify emerging cybercrime trends and methodologies.
   Provide investigative and analytical support to criminal investigations.
  o Cyber Risk and Strategic Analysis,
  o Vulnerability Detection and Assessment,
  o Intelligence and Investigation,
  o Networks and Systems Engineering,
  o Digital Forensics and Forensics Analysis,
  o Financial Fraud Analyst.
   Sector coordinator: Cybersecurity crisis management and coordination
  o ANSSI: The National Cybersecurity Agency of France,
  o Frontex,
  o NATO,
  o EUROGENDFOR: European Gendarmerie Force,
  o DGSI: General Directorate for Internal (homeland) Security
  o DRSD: The French Defense Intelligence and Security Directorate
  o TRACFIN (Intelligence processing and action against underground financial circuits).

• Senior Manager Risk Consulting – Cyber Security

  FREELANCE Paris, France Humans 4 HelpCISO TMM Group - healthcare company
  Jan 2018 - aujourd'hui

  Chief Information Security Officer, TMM Group:
  o Leading the strategic vision, development, implementation, and enforcement of organization-wide
  security risk assessment and control standards, policies, and procedures,
  o Lead the company’s crisis management efforts and response to security incidents and threats.
  o SOC / Security Cloud program organization (analysts, team incident response).
  o SCADA vulnerabilities analyst, mitigation strategies and implementation remediation.
  o Security business plan and compliance with IEC 62443, NIST SP 800 – 82.
  o Audit and Risk management (NIST SP 800-30 & ISO27005).
   Cyber Security services & operation management (Cyber Security Manager Risk Consulting):
  o Define the cyber security strategies for Humans 4 Help (H4H),
  o Respond and coordinate for RFI and RFP answers:
  • IAM / PAM project
  • CASB and DLP integration
  • GDPR Project
  • DevSecOps Project
  o Team management, recruitment,
  o Pre-sales,
  o Cyber Security program director,
   Manage and drive external:o Technologies business Partners,
  o Cyber Security and Information Security Standards Forums,
  o Marketing and university forums
   Build and drive Cyber security / information security strategy and innovation:
  o Information Security intelligence,
  o Build the cyber security offerings,
  o Cyber security innovations
  • 1 week to Montreal to prepare a partnership with FX INNOVATION
  Staff: +5 people (International teams: France, Canada & Senegal).

• Chief Information Security & Cyber Security Officer, Region EMEIA

  FUJITSU - CONTRACT POSITION Asnières-Sur-Seine, France CISO
  Jan 2007 - Jan 2019

  EMEIA Executive Committee member.
   Document and update information and physical security processes, procedures, and standards,
   Lead strategic security planning to achieve business goals by prioritizing defense initiatives and coordinating
  the evaluation, deployment, and management of current and future security technologies and practices,
   Assist the CISO Group in documenting the Security Risk Assessment,
   Manage projects and other implementation activities for security controls for the enterprise,
   Ensure that records of security operations activities are properly organized and available,
   Respond to audit and exam requests for information,
   Protecting Intellectual Property and Data Collective,
   Interface with law enforcement as necessary due to physical or information security incidents.

  Technology Risks management: EBIOS, ISO27005, NIST SP 800-37, o Compliance: LPM, EU NIS, GDPR, NIST, SOC2, PCI, IS027001 and 27018, o Industrial Control Systems (ICS) Security (NIST 800 - 82, ISO27032), o Business Continuity Program Management for EMEIA region, o Operational Resilience Program Management, o SCADA and PLC Security, o Automated Logistics Systems, o Security Cloud (IDaaS, CASB & DLP), o IAM and PAM policy implementation, o DLP incident management, o Security Intelligence and Operat

• Director, Head of Global Cyber Security Department

  aujourd'hui

  • Chief Information Security Officer, TMM Group:
  • Leading the strategic vision, development, implementation, and enforcement of organization-wide security risk assessment and control standards, policies, and procedures,
  • Develop and manage to budgets for Information Security and Information Technology departments,
  • Lead the company’s crisis management efforts and response to security incidents and threats.
  
  • Cyber Security services & operation management (Cyber Security Business Unit Manager):
  • Define the cyber security strategies for Humans 4 Help (H4H),
  • Respond and coordinate for RFI and RFP answers
  • Team management, recruitment,
  • P&L management,
  • Cy...