Description

Experienced professional specializing in IT and cyber security governance and risk management. Skilled in developing strategies to safeguard critical information assets and ensuring regulatory compliance. Collaborates with cross-functional teams to enhance organizational security posture.

Key Competencies:

IT & Cyber Risk Management: Identify, assess, and mitigate cyber risks.

Governance Framework Development/Improvement and monitoring : Create and enforce effective cyber security policies, procedures, standards, guidelines, methodologies and key indicators.

Compliance Oversight: Ensure adherence to industry standards and regulations.

Stakeholder Communication: Collaborate with executives, IT teams, and auditors.

Domaines d’expertise

Langues

Français
Bilingue ou natif
Anglais
Capacité professionnelle complète
Arabe
Bilingue ou natif

Préférences en matière de lieu de travail

En télétravail uniquement

Travaille majoritairement à distance

BNP Paribas
IT/cyber risk governance consultant
BANQUE & ASSURANCES
mars 2022 - Aujourd'hui (4 ans et 3 mois)
Paris, France
Project Manager for IT/Cyber Risk Management Framework Restructuring and Review at the Group Level, involving:

Framework Analysis:
Reviewing the current framework used by the GROUP for managing IT risks.
Familiarizing oneself with key components of the framework, such as policies, procedures, standards, best practices, and various guidelines.

Relevance Assessment:
Evaluating the relevance of the framework in relation to the GROUP’s specific needs through workshops with different entities.
Verifying whether the framework covers all essential aspects of IT risk management.

Process Examination:
Reviewing processes related to risk identification, assessment, treatment, and monitoring.
Ensuring alignment of these processes with the GROUP’s strategic objectives and operational applicability.

Implementation:
Examining how the framework is being implemented within the organization.
Monitoring and providing training to operational teams on the new framework.
Verifying adherence to framework guidelines and ensuring access to necessary resources.
Gestion des risques IT gestion de projets Team Leadership EBIOS RM IRAM ISO 27005 NIST CSF
EY Services France
cyber risk consultant
CONSEIL & AUDIT
septembre 2017 - janvier 2022 (4 ans et 5 mois)
Paris, France
As an experienced IT/Cyber strategy consultant at EY, I have successfully worked with various clients across different sectors, including financial institutions, public organizations, and industries. My expertise lies in developing governance documents, implementing robust security processes, managing risks, and providing valuable insights on cyber threats. Here's a summary of my activities:

1 - Governance and Security Processes:
a - Drafting governance documents (security policies, operational procedures).
b - Implementing information security processes based on recognized standards (ISO 27k and NIST).

2 - Risk Management and Information Protection:
a - Classifying information assets of major business lines.
b - Identifying and analyzing risk scenarios related to information assets (based on IRAM v2).
c - Evaluating existing measures for information protection .

3 - Change Management and awareness:
a - Selecting, implementing, and using technology solutions (i.e data protection...).
b - Developing awareness materials and providing technical and functional training.
Project Management (PMO) Employee Training IT risk management Cybersecurity governance Réponse à appel d'offre Proposal Management