You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
Ressources
Malt Strategy
Ressources
Walid Ait MouffokWA

Walid Ait Mouffok

PCI DSS Compliance Specialist, CISSP, CISA

737 €/jour
Dijon, FR
8-15 ans
PCI DSS
Gap analysis
Governance, Risk and Compliance
Consultant GRC
Regulatory Compliance

Délai de réponse moyen : 1h

À propos de Walid

Consultant GRC avec plus de 8 ans d’expérience, spécialiste en conformité PCI DSS. J’accompagne les entreprises dans la mise en œuvre de leur conformité PCI, à travers des audits, analyses d’écarts et stratégies de gestion des risques adaptées aux objectifs business. J’ai notamment joué un rôle clé dans le développement d'un framework ayant permis à mon client de réaliser plus d’10 M€ d’économies. Analytique et attentif au détails, je mets mon expertise au service de la sécurité, de la gouvernance et de la conformité réglementaire.



I help organizations achieve PCI DSS and GRC compliance by translating complex technical controls into clear, actionable audit evidence. At La Poste, I managed the compliance framework that decommissioned over 3,500 VMs and validated system change controls under PCI DSS 4.0, saving the company over €10M. With experience in vulnerability management, asset auditing, and compliance reporting, I bridge the gap between technical operations and governance. I’m now focused on helping global enterprises prepare for successful PCI DSS and NIST CSF 2.0 assessments.
Conseil et audit
Services numériques et IT
Banques et services financiers

  • Français

    Bilingue ou natif

  • Anglais

    Capacité professionnelle complète

  • Arabe

    Bilingue ou natif

En télétravail uniquement
Travaille majoritairement à distance

Expériences

  • Baxter Clewis Cybersecurity
    PCI DSS Consultant
    CONSEIL & AUDIT
    mai 2025 - décembre 2025 (7 mois)
    Texas City, États-Unis
    - Reviewed ASV scan results (Qualys/OpenVAS) for PCI DSS alignment, enabling effective risk prioritization and sustained audit readiness across regulated, high-value environments. (PCI DSS Req. 11.3.1, 11.3.2)
    - Built a detailed control mapping matrix for RHEL and Windows Server environments, advising stakeholders on aligning configurations with PCI DSS, CIS, and NIST CSF to enable secure, consistent, and repeatable golden image deployments. (PCI DSS Req. 2.2.1, 2.2.6)
    - Refined PCI DSS scoping through network and dataflow diagram analysis and inventory review, collaborating with PCI consultants and enabling cross-functional teams to reduce audit scope by up to 30%, saving $100K–$250K annually in compliance and operational costs. (PCI DSS Req. 12.5.1, 12.5.2)
    - Performed in-depth firewall audits (SonicWall/Palo Alto), identifying rules, settings, and segmentation gaps that reduced potential exposure to multi-million-dollar compliance and security risks. (PCI DSS Req. 1.2.5, 1.3.1, 1.3.2, 1.4.1)
    PCI DSS Gap analysis Internal Audit Scoping Governance, Risk and Compliance
  • La Poste
    Senior Cybersecurity Compliance Analyst
    CONSEIL & AUDIT
    octobre 2023 - juillet 2025 (1 an et 9 mois)
    Paris, France
    - Designed and implemented an enterprise-wide system decommissioning framework, ensuring secure and compliant retirement of over 3,500 VMs and 400 servers, eliminating unsupported systems (PCI DSS Req. 6).
    - Audited change control processes (RFCs) and CMDB entries to validate evidence of decommissioning in compliance with PCI DSS and ISO 27001.
    - Coordinated cross-functional teams during kick-off, scoping, and validation meetings, ensuring compliance with security policies and documentation standards.
    - Delivered detailed audit reports identifying gaps, remediation actions, and risk mitigations, resulting in €10M+ in operational savings while maintaining full compliance.
    Gap analysis PCI DSS Regulatory Compliance Audit IT Gestion de projet IT
  • La Poste
    Cybersecurity Analyst – IT Operations & Compliance Monitoring
    CONSEIL & AUDIT
    janvier 2022 - septembre 2023 (1 an et 8 mois)
    Dijon, France
    - Performed vulnerability management and patch audits, validating timely remediation of critical findings for regulated environments (PCI DSS Req. 6.3, 11.2).
    - Conducted incident response documentation, log analysis, and control validation aligned with PCI DSS logging and monitoring requirements (Req. 10).
    - Led server compliance checks and go-live deployment audits, ensuring hardened configurations for production systems.
    - Authored and standardized incident response procedures and technical remediation plans, reducing audit findings by 30%.
    PCI DSS Regulatory Compliance Principe de moindre privilège Audit IT Red Hat Linux
Consulter toutes les expériences de Walid

Recommandations

Soyez le premier à recommander Walid

Contribuez à la réussite de ce freelance en partageant votre expérience de collaboration avec lui.

Ces profils de freelance correspondent également à vos critères

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

S’inscrire pour les voir

Formations

  • Bachelor of Cybersecurity (Bac+4)
    Onlineformapro
    2021
    Administrateur d'infrastructures sécurisées- RNCP37680
  • Associate's degree in Computer science
    Onlineformapro
    2020
    Technicien supérieur systèmes et réseaux - RNCP37682

Compétences

Red Hat Enterprise Linux
pfsense
SonicWall
Principe de moindre privilège
GRC (gouvernance, risques et conformité)
Formation de sensibilisation à la sécurité informatique
Évaluation des risques et de la vulnérabilité
Windows Server
Zero Trust
Qualys
Nessus
Jira/Confluence
NIST CSF
Cisco Nexus
Architecture IT
Gestion de projet IT
Elastic Stack (ELK)
Conformité RGPD
Palo Alto
F5 BigIP

Catégories