À propos de Hmd
Hamid is an Information Security consultant available in Paris/Luxembourg or Geneva.
Mainly focused on banking sectors with various missions within :
- BNP Group & CIB,
- Banque de France,
- Oddo BHF,
- BPCE.
Hamid has worked on missions related to :
- cyber strategy,
- security audits,
- cyber project management,
- coordination of cyber services (CSIRT, SOC),
- deployment of security solutions
- cyber risk analysis..
Certified CISSP, CISM, ISO 27001, DORA and more.
Français
Bilingue ou natif
Anglais
Capacité professionnelle complète
Accepte de travailler sur site
Paris (jusqu’à 50 km)
Expériences
- ODDO BHFCISO advisorBANQUE & ASSURANCESdécembre 2022 - Aujourd'hui (3 ans et 6 mois)Paris, FranceCISO advisory for the CISO group:
- Provide guidance and strategic advisory to the Group CISO (and local CISOs)
- Act as CISO deputy for validation of CISO reviews / non-compliance alerts /meetings with software vendors
- Handle special missions for CISO (merge audits, action plans definition, ISO 27 security baseline...)
Enterprise Architecture:- Validate all deliverables produced by architecture team (technical architecture, encryption, GDPR, legal...)
- Contribute to complex architecture projects (merge projects, stable coin, Private Equity distributors channel...)
- Coach the security architecture team manager and local CISOs
- Recruit the security architects for architecture team
- Keolis GroupCyber Defense coordinatorTRANSPORTSoctobre 2018 - décembre 2022 (4 ans et 2 mois)Paris, FranceCyberDefense and crisis management
- Handle crisis and orchestrate teams at group level (CTO security team, local CISOs and third parties)
- Manage alerts from CTO teams, CyberSOC, SNCF, threat intel providers
- Communicate clear incident reports to senior managers
- Oversee security monitoring, thresholds, and metrics
Corporate cybersecurity and compliance- Lead and follow-up on-demand pentests, audits initiatives and remediation/treatment plans
- Direct vulnerability management provider on exposed perimeter (350 websites), do remediation plans follow-up
- Lead internal blue team campaigns (Blue Hound, Purple Knight, Pingcastle, Warhorse...) and associated mitigations
- Oversee cyber technology watch to anticipate 0days, emerging incidents, or risk of potential failures
Enterprise Architecture- Improve architecture maturity and compliance on:
- Technical side (Security by design, cloud security, intrusion audits)- Contractual aspects (Insurance Plans, service contracts)- Regulatory questions (privacy questionnaire, and security features GDPR, HDS, CNIL)- Support and provide assistance and technical expertise to Business units
Team coordination (5 experts)- Manage day-to-day activities and mature the team through mentorship
- Deliver cybersecurity reports with updated KPIs
- Participate to the 24/7 on-call schedule
- BNPPARIBAS CIBDeputy Head of CSIRTBANQUE & ASSURANCESmars 2015 - septembre 2018 (3 ans et 6 mois)Paris, FranceCyberSecurity crisis management
- Handle major incidents coordination at group level (CTO/CISO teams, and potential third parties)
- Coordinate operational CSIRTs and bring expertise during investigation (logs analysis, lateralization mitigation)
- Gather incidents related data and communicate reports to CISO and top management
Key-projects management (CyberSecurity program)- Threat intel platform: internal TIP for better knowledge on upcoming threats (external providers: FS-ISAC...)
- Log correlation: globalization of detection “use cases” (unusual behaviors, weak signals)
- Incident response protocol review: standardization of a global reaction plan, incident handling and crisis management
Team coordination (10 experts worldwide)- Manage CSIRT services at a Global level (Amer, APAC, MEA, and FR/UK regions)
- Lead day-to-day activities (relationships with legal, steerco metrics, team sync, alerts management)
Recommandations
Soyez le premier à recommander Hmd
Contribuez à la réussite de ce freelance en partageant votre expérience de collaboration avec lui.
Ces profils de freelance correspondent également à vos critères
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Formations
- Master 2 OPSIE (Organisation et Protection des Systèmes d'Information dans les Entreprises), Sécurité / sûreté de l''information des systèmes informatiquesUniversité Lumière (Lyon II)2009Master 2 OPSIE (Organisation et Protection des Systèmes d'Information dans les Entreprises), Sécurité / sûreté de l''information des systèmes informatiques
- Master 1 Informatique, Administration et gestion de l''informatique / technologies de l''informationConservatoire National des Arts et Métiers2006Master 1 Informatique, Administration et gestion de l''informatique / technologies de l''information
Certifications
- CISSPISC2