About Gulzhan
Experte en cyber sécurité, j'ai travaillé en tant que consultante et auditrice sécurité au sein des cabinets de conseil, notamment chez Deloitte dans le département de Cyber Risk Advisory. Plus récemment, j'ai construit mon expertise en sécurité opérationnelle au sein d'AXA Group Operations en tant que SOC Product Manager.
Aujourd'hui, je suis consultante indépendante et j'accompagne mes clients sur les sujets suivants:
Gouvernance sécurité :
- Développement des systèmes de management de la sécurité de l'information (SMSI)
- Analyse de risques sécurité
- Rédaction des politiques de sécurité
- Intégration de la sécurité dans les projets
- Accompagnement et gestion des équipes sécurité
- Gestion des budgets
Audits sécurité :
- Audits organisationnels de conformité
- Organisation et gestion des campagnes d'audits et de tests d'intrusion
Sécurité opérationnelle :
- Définition et amélioration des processus SOC
- Coordination des prestataires de service
Je suis certifiée CISSP, ISO 27001 Lead Auditor et Lead Implementer, CISA. J'interviens dans des domaines à la fois organisationnels et techniques. Je sais m'adapter rapidement à de nouveaux environnements.
French
Native or bilingual
English
Fluent
Can work on-site
Paris (up to 30km)
Experience
- AXA Group Operations SASSOC Product ManagerBANKING AND INSURANCEJanuary 2021 - March 2023 (2 years and 2 months)Paris, FranceDefining and deploying the SOC roadmap:- Aligning with the group’s cyber defense programs and ”move to the cloud” strategy- Performing monthly and quarterly reportings on the roadmap and the budgetManaging the Use Case Factory:- Defining and putting in place a process for the detection rules lifecycle management- Performing governance of the third party provider- Managing requests to the Use Case Factory from the analysis of the need until going live (delivery of detection rules and playbooks)Building and managing a team of SIEM engineers to onboard log sources and increase the scope of SOC monitoring (on-prem and cloud, infrastructure and application)
- AXA Group Operations SASInformation Security ConsultantBANKING AND INSURANCESeptember 2017 - December 2020 (3 years and 3 months)Paris, FranceInformation Security Risk Management:- Designing, building and supporting the group information security risk management framework- Monitoring and analyzing key information security risks for the senior management to trigger security strategy and key initiatives at group levelInformation Security Consultant: Working for an ambitious worldwide program as SME and activity owner on various projects such as- Security Target Operating Model- Information Security Management System Improvement- Security Incident Management- Physical and Travel Security
- DeloitteSenior Consultant - Manager | Cyber Risk ServicesCONSULTING AND AUDITSFebruary 2013 - August 2017 (4 years and 6 months)Neuilly-sur-Seine, FrancePenetration Test Campaigns Management:- Organization and coordination of worldwide penetration test campaigns InformationSystem Security Compliance Review:- Compliance reviews based on international standards such as ISO 27002 as well as on customers internal security policies- Third party providers security reviewsInformation System Security Management:- Information security management system implementation- Information system security risk assessment- Information security organization and governance assessment
Recommendations
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- Diplôme d'IngénieurIMT Atlantique (Télecom Bretagne)2009Systèmes, Logiciels et Réseaux
Certifications
- CISSPISC2
- ISO 27002 Lead ImplementerPECB