You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
Nouveau rapport
Malt Tech Trends 2026
Malt Strategy
Nouveau rapport
Malt Tech Trends 2026
Hmd ZHZ

Hmd Z

Information Security consultant (CISSP/CISM/CCSK)

800 €/jour
Paris, FR
15 ans et +

Délai de réponse moyen : 1h

À propos de Hmd

Hamid is an Information Security consultant available in Paris/Luxembourg or Geneva.

Mainly focused on banking sectors with various missions within :
  • BNP Group & CIB,
  • Banque de France,
  • Oddo BHF,
  • BPCE.

Hamid has worked on missions related to :
  • cyber strategy,
  • security audits,
  • cyber project management,
  • coordination of cyber services (CSIRT, SOC),
  • deployment of security solutions
  • cyber risk analysis..

Certified CISSP, CISM, ISO 27001, DORA and more.
Banques et services financiers

  • Français

    Bilingue ou natif

  • Anglais

    Capacité professionnelle complète

Accepte de travailler sur site
Paris (jusqu’à 50 km)

Expériences

  • ODDO BHF
    CISO advisor
    BANQUE & ASSURANCES
    décembre 2022 - Aujourd'hui (3 ans et 6 mois)
    Paris, France
    CISO advisory for the CISO group:
    • Provide guidance and strategic advisory to the Group CISO (and local CISOs)
    • Act as CISO deputy for validation of CISO reviews / non-compliance alerts /meetings with software vendors
    • Handle special missions for CISO (merge audits, action plans definition, ISO 27 security baseline...)

    Enterprise Architecture:
    • Validate all deliverables produced by architecture team (technical architecture, encryption, GDPR, legal...)
    • Contribute to complex architecture projects (merge projects, stable coin, Private Equity distributors channel...)
    • Coach the security architecture team manager and local CISOs
    • Recruit the security architects for architecture team
  • Keolis Group
    Cyber Defense coordinator
    TRANSPORTS
    octobre 2018 - décembre 2022 (4 ans et 2 mois)
    Paris, France
    CyberDefense and crisis management
    • Handle crisis and orchestrate teams at group level (CTO security team, local CISOs and third parties)
    • Manage alerts from CTO teams, CyberSOC, SNCF, threat intel providers
    • Communicate clear incident reports to senior managers
    • Oversee security monitoring, thresholds, and metrics

    Corporate cybersecurity and compliance
    • Lead and follow-up on-demand pentests, audits initiatives and remediation/treatment plans
    • Direct vulnerability management provider on exposed perimeter (350 websites), do remediation plans follow-up
    • Lead internal blue team campaigns (Blue Hound, Purple Knight, Pingcastle, Warhorse...) and associated mitigations
    • Oversee cyber technology watch to anticipate 0days, emerging incidents, or risk of potential failures

    Enterprise Architecture
    • Improve architecture maturity and compliance on:
    - Technical side (Security by design, cloud security, intrusion audits)
    - Contractual aspects (Insurance Plans, service contracts)
    - Regulatory questions (privacy questionnaire, and security features GDPR, HDS, CNIL)

    • Support and provide assistance and technical expertise to Business units

    Team coordination (5 experts)
    • Manage day-to-day activities and mature the team through mentorship
    • Deliver cybersecurity reports with updated KPIs
    • Participate to the 24/7 on-call schedule
  • BNPPARIBAS CIB
    Deputy Head of CSIRT
    BANQUE & ASSURANCES
    mars 2015 - septembre 2018 (3 ans et 6 mois)
    Paris, France
    CyberSecurity crisis management
    • Handle major incidents coordination at group level (CTO/CISO teams, and potential third parties)
    • Coordinate operational CSIRTs and bring expertise during investigation (logs analysis, lateralization mitigation)
    • Gather incidents related data and communicate reports to CISO and top management

    Key-projects management (CyberSecurity program)
    • Threat intel platform: internal TIP for better knowledge on upcoming threats (external providers: FS-ISAC...)
    • Log correlation: globalization of detection “use cases” (unusual behaviors, weak signals)
    • Incident response protocol review: standardization of a global reaction plan, incident handling and crisis management

    Team coordination (10 experts worldwide)
    • Manage CSIRT services at a Global level (Amer, APAC, MEA, and FR/UK regions)
    • Lead day-to-day activities (relationships with legal, steerco metrics, team sync, alerts management)
Consulter toutes les expériences de Hmd

Recommandations

Soyez le premier à recommander Hmd

Contribuez à la réussite de ce freelance en partageant votre expérience de collaboration avec lui.

Ces profils de freelance correspondent également à vos critères

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

S’inscrire pour les voir

Formations

  • Master 2 OPSIE (Organisation et Protection des Systèmes d'Information dans les Entreprises), Sécurité / sûreté de l''information des systèmes informatiques
    Université Lumière (Lyon II)
    2009
    Master 2 OPSIE (Organisation et Protection des Systèmes d'Information dans les Entreprises), Sécurité / sûreté de l''information des systèmes informatiques
  • Master 1 Informatique, Administration et gestion de l''informatique / technologies de l''information
    Conservatoire National des Arts et Métiers
    2006
    Master 1 Informatique, Administration et gestion de l''informatique / technologies de l''information

Certifications

  • CISSP
    ISC2

Compétences (19)

Gestion de projet
Audit
Analyse de risques
ISO 27001
Securité informatique
Audit de sécurité
RSSI
OWASP
RGPD
EDR
THREAT INTEL
Cybersecurity
Incident Management
CSIRT
SOC
Palo Alto
RISK ANALYSIS
Protection des données (RGPD, CCPA)
GRC (gouvernance, risques et conformité)

Catégories