Information Security Consulting
Independent
Total years of experience :14 years, 9 Months
Information Security Consulting (for independent asset managers)
" Human risk analysis linked to information security managed by third parties
" Information Security within the Cloud computing
" Analysis and selection of secure infrastructures adapted to independent asset
managers' needs
! Personal Project (Jinja):
" Development of a new and innovative concept of e-business, considering mobility,
transparency, simplicity and based in a direct interaction between people
" Identification and setting up of a group of 10 specialists (marketing, finance,
development, etc, )
! Consultant Web (Europtaxi & Tourfiller): Creation of an online booking solution for taxis:
" Analysis and architectural design of the Web site
" Writing of all functional specifications concerning the platform
" Supervision of development teams located in Tunisia and Morocco
" Coordination with Web marketing teams based in Tunisia
" Monitoring the project in all its different phases (analysis, development, marketing)
Information Security Officer in charge the information security
" Projects:
• Setting up of a business continuity plan
• Conducting a comprehensive risk analysis to ensure the protection of all sensitive
information of the bank (ISO 27002)
• Creation of a local security policy: PSSI, IT charter
• Implementation of internal documents concerning the process of IT accesses
management
" Daily routine:
• Management of all newcomers and leavers (in view of their IT accesses, training on the IT security)
• Identity management and access rights
• Periodical review and check of the access rights (review with the manager)
• User awareness of security issues: short training sessions and regular diffusion of information documentation concerning security regulations in the domain of
confidentiality
• Daily checks of security logs to detect unauthorized activity
• Implementation and security controls of the information systems processes
• Preparing and active participation in audits and inspections (internal and external) and regular updates of regulatory files
• Ensuring the availability and integrity of all IT resources
• Analysis and implementation of global security policies received from Spain
• Documentation and incidents management
• Coordinating together with the Head of Information Systems based on US projects
relating to the private bank and with Head of Global Security worldwide based in
Spain for general safety guidelines
• Creation and maintaining of an IT tool that manages all the access rights
• Document of all changes made in all the systems
Collaborator Security and Risk IT (Technologies & banking architecture)
" Setting up of the user guide for the application " LODH Access "
" Setting up and updating of a statistics spreadsheet for the activity " LODH Access "
" Management of IT access requests according to security standards as per the following
points: • Analyse of the request and identification of key information
• Creation of a user access card duly validated by authorised people
• Dispatching and follow-up of the tasks to the various teams in charge of executing
them
• Input in the central register all query concerning the right access
• Research in the system for the information needed to establish an application forms
• Maintaining the Central Register Reference
• Periodical review and check of the access rights (review with the manager)
• Monitoring for all entries and departures directory RH
• Managing of parameters required the proper functioning "LODH Access"
• Organization the communication between all administrators of application
• Coordination with the owners of applications
Salesman (sport, children, men, toys)
Internship (IT department)
Maintaining of an Internet site and creation of various pages related to management of server
Internship (Accounting department)
Various temporary missions for Adecco Geneva
Sailing instructor for Club Med
Information Technology Management and IT Governance Certification « COBIT 4.1 »
Management of Operational Services Certification « ITIL V3 Foundation »
Project Management Certification « PRINCE 2 »
Information System Security Governance Thesis • Governance applied on new mobile technologies « Financial institutions: Information Security challenge within the new area of mobile technologies »
Gouvernance et Management de la Sécurité des Systèmes d'Information) " Project • Association pour le Development du Service Notarial "ADSN": Risk analysis for the central directory of deeds and judicial "MICEN" " Development and conservation of deeds electronically " " Conducting a risk analysis based on EBIOS " Development of a security policy " Integration of MICEN within the existing disaster recovery plan " Presentation of an action plan
Ecole Supérieure d'Informatique de Gestion HEG-Esig " IT Management "
Economics at University Kadi Ayad
Baccalauréat Sciences Mathematics