À propos de Anis
I'm currently a Cybersecurity & Monetic Security Expert, over 20 years of a experience in Information Security System, perspectives including more 10 years in complex Security Project Management & program across world wide banking & assurance.
With a focus on GRC (Governance, risk management, and compliance) and Information System Security, I currently serve in a key role of leading requirements contract security appendix with third-party & provider, guiding the development of strategic and tactical Cyber-Security efforts, designing and driving implementations to completion, and function overall as a IT Risk security leader for traditional and evolving security strategy across various sector clients specialy Electronic Banking.
//Technical environments
• New technologies & innovations “Business” projects;
• Technical infrastructures (Firewall "CheckPoint, Fortinet", Router, Switch, F5, IDS / IPS, VPN SSL / IPSEC, NAC CISCO ISE, Proxy, Reverse Proxy, WAF, servers, storage, network, workstation), Multi environment -Cloud (MS AZURE, AWS);
• Tools / Technologies & methodologies applicable to security: Microsoft (AD, ADFS, AZURE AD, AD CONNECT, EXCHANGE, ONEDRIVE, SCCM), SYMANTEC DLP & SEP, SIEM “Splunk”, MDM / MAM, Patch management, Scans “Qualys , Nessus, Rapid7 ”, Agile (Scrum), PMP, ITIL.
• Frameworks : ISO 27x; PCI, NIST, CIS, LPM.
• Regulatory compliance: PCI-DSS standard, GDPR regulation, ANSSI and NIS directive.
Anglais
Capacité professionnelle complète
Arabe
Bilingue ou natif
Français
Bilingue ou natif
Italien
Capacité professionnelle limitée
Accepte de travailler sur site
Savigny-sur-Orge (jusqu’à 50 km)
Expériences
- Société Générale / CyberSecurityCISO Assistantaoût 2024 - Aujourd'hui (1 an et 10 mois)ï Goal : ¨ Support the Chief Information Security Officer (CISO) in overseeing the organization's information security program to protect information assets, ensure compliance with regulations and standards, and strengthen the overall security posture.ï Work accomplished : ¨ Development and implementation of enterprise-wide information security strategies and policies.¨ Providing technical expertise in information security engineering and architecture.¨ Collaborating with IT, business, and compliance teams to integrate security into organizational processes.ï Risk management : ¨ Conducting comprehensive risk assessments related to information security.¨ Developing and implementing mitigation plans for identified risks.¨ Continuous monitoring to identify and address emerging vulnerabilities.ï Results Achieved : ¨ Implementation of security solutions aligned with standards such as NIST CSF.¨ Significant reduction of vulnerabilities and potential threats.¨ Ensured compliance with information security regulations.¨ Enhanced organizational resilience against cyber threats.
- BNPParibas / Cybersecurity Expert - Payment Systemsseptembre 2021 - août 2024 (2 ans et 11 mois)ï Goal : ¨ Provide cybersecurity consulting and expertise within the IT Security & Risk team (Regulatory Audit, Risk Assessment, Outsourced Services, Security Cloud Maturity), focusing mainly on IAM APIs and data protection for the Co-branded Digital Payment Card App & EPI (European Payments Initiative).ï Work accomplished : ¨ Security support and compliance for contracts, considering legal and regulatory constraints.¨ Ensuring compliance across ITG/ITPS for payments, following the IRPP methodology.¨ Risk assessment and monitoring for projects, producing reviews on security, resilience, and project risks, proposing mitigation measures.¨ Conducting risk analyses following the EBIOS RM methodology.¨ Contributing to security audits to identify risks, define controls, and develop action plans.ï Tasks : ¨ RFP/RFI (client/supplier), managing and monitoring audits (vulnerabilities, configurations, architecture, and code).ï Risk management : ¨ Formalizing risk sheets, security reviews, and proofs on due diligence/risk assessment..ï Team management : ¨ Contributing to committees with internal partners (RSSI, IT Risks & Cyber Committee).¨ Leading and coordinating contributing teams.¨ Managing collaborators or service providers on audit-related projects in the context of outsourced services.ï Results Achieved : ¨ Drafting/reviewing contracts (Security Annex) with suppliers¨ Defining security controls and action plans for ITPS (Mobile/Web/Payments) and applicable security frameworks (DSP2, 3DSecure, OTP SMS, MFA, 2FA, etc.)
- AXA Technology ServicesInfrastructure & Security Project Managerfévrier 2016 - décembre 2018 (2 ans et 10 mois)ï Goal : ¨ Define and lead projects for optimal outcomes, meeting business requirements in terms of quality, performance, cost, timeline, and security.¨ Multi-Cloud migration (AWS & AZURE) for application bases, implementing secure multi-cloud architecture, Encryption, ExpressRoute, CyberArk, etc.ï Work accomplished : ¨ Defining and analyzing needs with a relevant business representative.¨ Analyzing constraints, prerequisites, and client expectations.¨ Writing project budgets and proposals.¨ Establishing a provisional plan.¨ Adapting and improving tools and functionalities to meet evolving business needsï Monitoring of project progress : ¨ Planning and monitoring projects, reporting to governance bodies ;¨ Purchases, budget monitoring.ï Team management ; ¨ Organizing and leading: steering committee, technical committee, and crisis cell.¨ Coordinating all project contributors (Business, Publishers, Operators, and Providers).¨ Modeling and specifying necessary environments for application functionality¨ Leading and coordinating the project team ;¨ Managing resources for technical implementation operations (WH/ NWH) ;¨ Managing collaborators or providers on national or international projects.ï Results Achieved : ¨ Delivered projects within deadlines and budgets with full security compliance.
Recommandations
Soyez le premier à recommander Anis
Contribuez à la réussite de ce freelance en partageant votre expérience de collaboration avec lui.
Ces profils de freelance correspondent également à vos critères
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Formations
- PhD of Information and Communication Sciences - PhDUniversité Vincennes-Saint-Denis (Paris VIII)2012Topic: Metatechnologies: Interdependence between the level of hypermediatization and the (ecosophical) consideration of the living.
Certifications
- Project Management Professional (PMP)Project Management Institute2016
- Methodology Risk Analysis - MESARICredit Agricole Consumer Finance2015