You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
Hmd ZHZ

Hmd Z

Information Security consultant (CISSP/CISM/CCSK)

€800/day
Paris, FR
15+ years

Average response time: 1 hour

About Hmd

Hamid is an Information Security consultant available in Paris/Luxembourg or Geneva.

Mainly focused on banking sectors with various missions within :
  • BNP Group & CIB,
  • Banque de France,
  • Oddo BHF,
  • BPCE.

Hamid has worked on missions related to :
  • cyber strategy,
  • security audits,
  • cyber project management,
  • coordination of cyber services (CSIRT, SOC),
  • deployment of security solutions
  • cyber risk analysis..

Certified CISSP, CISM, ISO 27001, DORA and more.
Banking and Financial Services

  • French

    Native or bilingual

  • English

    Fluent

Can work on-site
Paris (up to 50km)

Experience

  • ODDO BHF
    CISO advisor
    BANKING AND INSURANCE
    December 2022 - Today (3 years and 6 months)
    Paris, France
    CISO advisory for the CISO group:
    • Provide guidance and strategic advisory to the Group CISO (and local CISOs)
    • Act as CISO deputy for validation of CISO reviews / non-compliance alerts /meetings with software vendors
    • Handle special missions for CISO (merge audits, action plans definition, ISO 27 security baseline...)

    Enterprise Architecture:
    • Validate all deliverables produced by architecture team (technical architecture, encryption, GDPR, legal...)
    • Contribute to complex architecture projects (merge projects, stable coin, Private Equity distributors channel...)
    • Coach the security architecture team manager and local CISOs
    • Recruit the security architects for architecture team
  • Keolis Group
    Cyber Defense coordinator
    TRANSPORTATION
    October 2018 - December 2022 (4 years and 2 months)
    Paris, France
    CyberDefense and crisis management
    • Handle crisis and orchestrate teams at group level (CTO security team, local CISOs and third parties)
    • Manage alerts from CTO teams, CyberSOC, SNCF, threat intel providers
    • Communicate clear incident reports to senior managers
    • Oversee security monitoring, thresholds, and metrics

    Corporate cybersecurity and compliance
    • Lead and follow-up on-demand pentests, audits initiatives and remediation/treatment plans
    • Direct vulnerability management provider on exposed perimeter (350 websites), do remediation plans follow-up
    • Lead internal blue team campaigns (Blue Hound, Purple Knight, Pingcastle, Warhorse...) and associated mitigations
    • Oversee cyber technology watch to anticipate 0days, emerging incidents, or risk of potential failures

    Enterprise Architecture
    • Improve architecture maturity and compliance on:
    - Technical side (Security by design, cloud security, intrusion audits)
    - Contractual aspects (Insurance Plans, service contracts)
    - Regulatory questions (privacy questionnaire, and security features GDPR, HDS, CNIL)

    • Support and provide assistance and technical expertise to Business units

    Team coordination (5 experts)
    • Manage day-to-day activities and mature the team through mentorship
    • Deliver cybersecurity reports with updated KPIs
    • Participate to the 24/7 on-call schedule
  • BNPPARIBAS CIB
    Deputy Head of CSIRT
    BANKING AND INSURANCE
    March 2015 - September 2018 (3 years and 6 months)
    Paris, France
    CyberSecurity crisis management
    • Handle major incidents coordination at group level (CTO/CISO teams, and potential third parties)
    • Coordinate operational CSIRTs and bring expertise during investigation (logs analysis, lateralization mitigation)
    • Gather incidents related data and communicate reports to CISO and top management

    Key-projects management (CyberSecurity program)
    • Threat intel platform: internal TIP for better knowledge on upcoming threats (external providers: FS-ISAC...)
    • Log correlation: globalization of detection “use cases” (unusual behaviors, weak signals)
    • Incident response protocol review: standardization of a global reaction plan, incident handling and crisis management

    Team coordination (10 experts worldwide)
    • Manage CSIRT services at a Global level (Amer, APAC, MEA, and FR/UK regions)
    • Lead day-to-day activities (relationships with legal, steerco metrics, team sync, alerts management)
Check out Hmd's experience

Recommendations

Be the first to recommend Hmd

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • Master 2 OPSIE (Organisation et Protection des Systèmes d'Information dans les Entreprises), Sécurité / sûreté de l''information des systèmes informatiques
    Université Lumière (Lyon II)
    2009
    Master 2 OPSIE (Organisation et Protection des Systèmes d'Information dans les Entreprises), Sécurité / sûreté de l''information des systèmes informatiques
  • Master 1 Informatique, Administration et gestion de l''informatique / technologies de l''information
    Conservatoire National des Arts et Métiers
    2006
    Master 1 Informatique, Administration et gestion de l''informatique / technologies de l''information

Certifications

  • CISSP
    ISC2

Skill set (19)

Gestion de projet
Audit
Analyse de risques
ISO 27001
Securité informatique
Audit de sécurité
RSSI
OWASP
RGPD
EDR
THREAT INTEL
Cybersecurity
Incident Management
CSIRT
SOC
Palo Alto
RISK ANALYSIS
Data Privacy (GDPR, CCPA)
GRC (Governance, Risk and Compliance)

Categories