You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Nasr-Eddine A.NA

Nasr-Eddine A.

IT Audit & Risk Management Consultant | Ex-EY/PwC

€720/day
Paris, FR
8-15 years

Average response time: 1 hour

About Nasr-Eddine

Avec plus de 9 ans d’expérience en audit, gestion des risques et contrôle interne, j’accompagne les directions Audit, Risques, Conformité et IT dans le renforcement de la maîtrise des risques IT et cyber au sein d’organisations complexes et fortement régulées.

Issu de cabinets internationaux (EY, PwC) et avec une expérience multisectorielle, j’interviens sur des problématiques liées à l’audit des systèmes d’information, la gouvernance, la gestion des risques et la conformité réglementaire.

Mon approche consiste à transformer les constats d’audit et analyses de risques en actions concrètes, permettant d’améliorer durablement les dispositifs de contrôle interne, de sécurité et de gouvernance.

J’accompagne également les organisations dans la sécurisation de leurs projets de transformation digitale, en intégrant les enjeux de risques et de conformité dès les phases amont.

Domaines d’intervention

  • Audit IT & Cybersécurité
Audit des systèmes d’information, gouvernance IT, sécurité, production informatique et projets technologiques.

  • Évaluation et cartographie des risques IT
Identification et analyse des risques liés aux applications, infrastructures, processus IT et projets de transformation.

  • Contrôle interne IT & dispositifs de contrôle (ITGC)
Conception, évaluation et amélioration des dispositifs de contrôle interne IT (1ère et 2ème ligne de défense).

  • Gestion des accès & séparation des tâches (SoD)
Revue et optimisation des processus IAM, gestion des habilitations et conformité aux bonnes pratiques de sécurité.

  • Programmes de transformation et gestion des risques projets
Accompagnement des initiatives de transformation digitale pour sécuriser les processus et anticiper les risques.

  • Suivi des recommandations d’audit et plans de remédiation
Pilotage et mise en œuvre de plans d’actions visant à renforcer la maîtrise des risques.

Référentiels : COBIT, NIST, ISO 27001, ITIL
  • French

    Native or bilingual

  • English

    Native or bilingual

Can work on-site
Paris (up to 50km), Marseille (up to 50km), Lille (up to 50km), Bordeaux (up to 50km)

Experience

  • ENGIE
    Internal Control Manager
    ENERGY AND UTILITIES
    April 2026 - Today (3 months)
    Paris, France
    _Acted as second line of defense for IT internal controls, ensuring design, implementation, and effectiveness of ITGCs and application controls in compliance with Group policies and regulatory requirements.
    _Served as primary contact for external auditors (statutory auditors / CACs), coordinating IT audits, evidence collection, walkthroughs, and remediation tracking.
    _Led annual IT internal control self-assessment campaigns across multiple entities, ensuring timely completion and follow-up on control deficiencies and action plans.
    _Managed Segregation of Duties (SoD) framework, including conflict analysis, risk identification, and remediation with IT and business stakeholders.
    _Supported IT risk management activities, including risk assessment, control mapping, and definition of mitigating controls.
    _Produced internal control reporting for senior management, including KPIs, audit results, and remediation progress.
    _Contributed to Continuous Control Monitoring (CCM) initiatives using data analytics to improve control effectiveness and automation.
    Risk Management ITGC Implémentation ERP Contrôle interne Cartographie des risques
  • EY
    Manager Internal Audit
    CONSULTING AND AUDITS
    August 2021 - March 2025 (3 years and 7 months)
    Genève, Switzerland
    - Oversee the execution of the internal audit plan, ensuring timely delivery and alignment with global and regional best practices.
    - Develop and implement risk frameworks and policies adaptable to the country regulatory environment.
    - Implement and monitor internal controls, ensuring alignment with company objectives and regional requirements.
    - Collaborate with first and second lines of defense to assess and mitigate risks across operations.
    - Foster a positive risk culture, emphasizing integrity, professionalism, and collaboration.
    - Assisting organizations in the identification and management of information security risks by assessing the current state, prioritizing improvements and conducting projects to reduce risk and improve regulatory compliance.
    - Identifying and managing privacy and data protection risks and compliance requirements, working across our clients' organizations to help meet stakeholder expectations and requirements.
    Internal Audits Risk Management Corporate Strategy IT Strategy Controlling and Performance Management Systems
  • PwC
    IT Senior Auditor
    CONSULTING AND AUDITS
    September 2018 - July 2021 (2 years and 10 months)
    Paris, France
    - Engaging clients and providing authoritative advice and professionalism throughout transactions.
    - Contribute to the different phases of interventions: from the realization of diagnostic to the elaboration of organizational, functional and technical recommendations.
    - Synthesize information & prepare the audit report.
    - Implement IS transformation project reviews and map IT risks.
    Gestion de projet IT Agile Project Management Change and Transformation Management Internal Audits Implémentation ERP

Recommendations

Be the first to recommend Nasr-Eddine

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Education

  • MS
    SKEMA Business School
    2018
    MS
  • MA
    Lille Catholic University
    2017
    MA

Skill set

Categories