
Hamza

Bagneux

Summary

GRC Consultant with a proven track record at BNP Paribas Real Estate, enhancing IT governance through risk mitigation and ISO standards compliance.

Organized and dependable candidate successful at managing multiple priorities with a positive attitude. Willingness to take on added responsibilities to meet team goals.


Work History

GRC Consultant

BNP Paribas Real Estate
  • Managed ServiceNow migration project timelines effectively, ensuring all scheduled deliverables were completed accurately and within stipulated timeframes.
  • Developed training materials and guidelines so that all stakeholders can create risks and asset classifications and maintain compliance with our risk management and security procedures.
  • Supported the integration of ServiceNow GRC modules within client environments, streamlining workflows and enhancing overall efficiency.
  • Assisted in updating policies and procedures that aligned with organizational objectives while adhering to regulatory requirements (ISO 27001).
  • Used the ServiceNow dashboard to provide accurate information about expired risks and asset classifications, and to compile and review information with pivot tables and charts.

Compliance Analyst

Michael Page
10.2023 - 11.2023


  • Updated procedures to prepare for upcoming ISO 27001 audit.
  • Identified all the procedures defined in the ISMS scope for review.

Identity Access Controller

BP2I - BNP Paribas
01.2023 - 09.2023

Collaborated with the security team to develop and maintain comprehensive access control, contributing to a safer working environment:

● Ensured identity access control to the datacenter

● Followed up on security incidents

● Access management reporting: DMZR Reporting, Quarterly Employment Verification and Continuous Business Needs.

GDPR Compliance Analyst

Societe Generale
06.2021 - 12.2021
  • Tracking and reporting compliance to SG on non-compliant applications regarding the GDPR regulation.
  • Identifying business challenges, security requirements and associated action plans, by assessing residual risks related to projects of the SG Group's central departments (General Management,

Information Security Consultant

Devoteam
07.2020 - 07.2021

At Devoteam Research and Innovation (DRI) we manage a large number of research projects, some of which involve research on a current topic or the creation and development of toolkits.
My work consisted of creating a toolkit to assess the health and safety of a company and creating a calculation method, based on the ISO 22301 standard, in order to help auditors assess the level of compliance of an organization.


Risk & Security Consultant

Total
09.2018 - 06.2020

The TGS (Total Global Services) branch provides IT (TGITS) and business services (6 entities: Treasury, HR, Training...) to the branches of the TOTAL group.
The TGS IS ensures the governance of projects and applications, both IT (infrastructure) and business (application), of the TGS branch, but also of the holding's information system:

  • Third party security assessment;
  • Software security assessment;
  • Data classification in accordance with GDPR;
  • Conducting risk analysis in accordance with ISO 27005 and based on the EBIOS method;
  • Management of cyber security audits (pentests, compliance audit, code audit, configuration audit, architecture audit);
  • Development of KPI reports related to the progress of cyber security audits;
  • Follow-up of action plans after risk analysis and cyber security audits.


Information Security Consultant - Graduation Intern

HPS - Hightech Payment Systems
03.2017 - 08.2017

Hightech Payment Systems (HPS) is a multinational company and a leader in the publishing of electronic payment solutions for financial institutions, processors, and national and regional switches worldwide.
My mission consisted of implementing an ISMS (Information Security Management System):

  • Formalization of the ISMS perimeter provided for ISO 27001 certification;
  • Assessment of risks on the ISMS perimeter;
  • Implementation of a risk cartography;
  • Development of a risk treatment action plan;
  • Definition of roles and responsibilities (segregation of duties matrix, Sarbanes-Oxley).

Education

Master of Science - Project Management

IAE Saint Etienne
Saint Etienne
08.2017

Bachelor of Science - Corporate Governance - Erasmus Program

SAMK
Rauma, Finland
07.2016

Master of Science - Project Management

IAE
Saint-Etienne, France
08.2015

Skills

  • IT Governance
  • Data privacy
  • ISO Standards
  • Risk Mitigation
  • Vendor Risk Management
  • Information Security
  • Training and Awareness
  • Third-Party Assessments
  • Teamwork and Collaboration
  • Time Management
  • Enterprise risk management

Certification

ISO 27001 Lead Implementer

ISO 27005 Risk Manager

COBIT 5 Certification

Languages

French
Bilingual or Proficient (C2)
English
Bilingual or Proficient (C2)
