My main role at SCRT is to assist small, medium, and large companies in their journey to strengthen their security posture, creating and maintaining a data privacy culture and to comply with the major laws, regulations, and standards.I develop and apply tailored methodologies to efficiently assess the maturity level, the security posture as well as evaluate an organization’s operational resilience and cybersecurity practices.I follow through and support the enterprises to implement the security controls to secure their data, assets and comply with the defined international standards (ISO, NIST, CIS, etc.).My main activities are:• Information Security risk assessment• Information Security gap analysis (ISO, NIST, SWIFT, CIS, etc.)• Information Security Management System (ISMS) Implementation (ISO27001:2013, ISO27001:2022)• Information Security awareness training, coaching, Data Privacy culture development• Information Security governance• Information Security incident management• Compliance with Data Privacy regulations (oLPD, GDPR)• Information Security project management• Information Security tools expertise

• Portfolio development in Swisscom: In charge to develop the new security portfolios (vulnerability scan, hardening, patching, compliance report and security bulletin). Estimated income value of ~5% of the business unit revenue. Responsible for the POC in order to evaluate and select the products that are in line with the corporate vision. Presenting my results to the management.• IT Standards implementation: Comply and respect with Swisscom, FINMA, General Data Protection Regulation (GDPR) and other security requirements or regulations. Collaborate with the legal department when necessary. Taking care of confidentiality for customers like banks and financial organizations.• IT governance framework improvement with new proposals: My guidance has been approved by Swisscom top management. The future Swisscom IT security framework will be standardized following my recommendation, saving time and money estimated at ~200Kchf/year. Collaborate with the security governance team to satisfy stakeholders and plan the project of deployment of the new framework.• IT representative and advisor for Swisscom customers: Acting as CISO on my consulting mission for Swisscom customers like banks, insurances, healthcare, luxury hotel chain, foods industry, European sports association, and international organizations). Documenting the security concept, defining standards, writing the BCP/DRP, data protection, risk and change management.• Gaining the trust of my management allowed me to share my ideas and visions with the Swisscom governance team. My mindset and determination have permitted to reach the objectives of the unit within the timeframe. My efforts have been highly appreciated by my line managers.• IT Operations: Providing guidelines when IT team members come across to me to obtain technical advice to solve IS case. By proposing an effective solution and respecting all our SLAs the head of technology has promoted me advisor of the IS engineer and security unit.

• Identify, plan and deploy IT solutions for the luxury hotels and healthcare industry within Switzerland and Paris. Internet connectivity, wireless, video conferencing system, dedicated solutions for the customers have all been under my responsibility. I have also in charge of maintaining the highest assurance and availability for all IT services within the group of ~800 employees.• Abacus, Oxygen, Sterigest, eHealth community few of many projects related to the digitalization accomplished for Swiss Medical Network. As IT expert, I have collaborated closely with the digital consultant firm to implement new digital solutions. POC, evaluation of costs of the new systems, evaluate the needs, understanding the project and business goals, ordering the material, configuring, testing and validating. Designing, scoping and leading medical digitalization project to its success.• Lead the integration of a new clinic within the group SMN. Planning, scoping and quoting the cost related to the integration. Similar projects include: (integration of IT solution for the luxurious hotel chain). In total four private clinics have been integrated and new solutions have been deployed over four luxury hotels and their 400 rooms.• Maintain and Improve the level of security with new proposals for the management. Evaluation of security product to fit with the business need (Q-radar, Trendmicro, Splunk). Labeling and protecting highly sensitive assets. Reviewing the corporate security solution with our partners within the IS budget.• Participate in the yearly external audit and I have been in charge of securing personal health information (PHI). Acting as the team leader during the major incidents. Coordinating the actions of the desk team and providing guidance to the infrastructure team during external attack i.e massive ransomware targeting the medical industry.

• Participate to public events. Constantly creating new contact and expanding my network to create new business opportunities.• Scoping, tailoring and offering adaptive IT solutions. Acting as a security advisor in order to respond to customer needs. Offering consulting services, keeping customer satisfaction as the top priority.• Planning and deploying security solutions (wireless, video system, firewall, antivirus, router, switch, load balancer, web proxy). Deployment and renewal of certificates and licenses for customer products.Operational • Cisco ASA Firewall• Cisco Wireless Technology WLC• Networking Technologies: OSI Model, IPv4 & IPv6, TCP,UDP,ICMP, DNS, DHCP• Design: PPDIOO life cycle (prepare-plan-design-implement-operate-optimize). Conceptualize the network infrastructure in a high-availability, load balanced. Prepare, plan and draw, install and configure the network solutions. • Routing (RIPv1, RIPv2, OSPF, EIGRP, BGP) GLBP, HSRP,• Security: ASA 55xx, IPS, IDS, CCP (CISCO Configuration Professional), ASDM (Cisco Adaptive Security Device Manager), AAA, RADIUS, TACACS+ IEEE 802.1x, VPN, Ironport, SSL certificate, secure shell SSH, ACL(s), Class Map, Policy Map, Service Policy • Hash: SHA - MD5• Encryption: Symmetrical 3DES - AES - IDEA, Asymmetrical RSA - Diffie-Hellman• National Security Agency (NSA) & Committee on National Security Systems (CNSS) formal certification recognition• Troubleshooting: (OSI Layer 1,2,3,4). Investigate and solve the problems quickly using (top-bottom, bottom-top, divide and conquer) approach.Unified Communications• Analog Voice Circuit, Circuit Switched Network, Packet Switched Network, PBX, PSTN• Cisco Unified Call Manager, IOS gatekeeper, Cisco Unity Express, Unity Connection, Cisco ip communicator• H.323, SIP, MGCP, SCCP, G.711, G.722, G729, iLBC, iSAC, RTP, VG224• Jitter, Delay, Packet loss, Bandwith for voice and video• Qos, Traffic shaping

• Management ~15'000 servers Linux 98% Microsoft 2%.• Racking, cabling, labeling, staging. Datacenter database management. Datacenter incident response management.• Modern infrastructure Cabling, installing, operating, troubleshooting • Cisco Catalyst, Cisco datacenter Nexus • Night shift: 24/24 7/7 & On-call

• Microsoft Active Directory & exchange server administration. Systems administration (LAN, DHCP, DNS).• EMEA IT project manager. Renegotiation of worldwide MIS contracts with the partners to save up to 5% of the total MIS department budget. Mass deployment of the new IS licensing models. Organization of company's office relocation (IT lines, servers, etc) within Geneva. Project leader for the deployment of the voice system solution. Help-desk Level I, II, III and special care for all VIPs and the headquarter users based in Geneva.• Help-desk Level I, II, III for VIP and the headquarter users based in Geneva.• In charge of EMEA Operations:• IT Support Servers Migration • Implementation of the new Cisco VOIP system • Management of the Active Directory ~800 computers • Exchange, DNS, DHCP, Backup, Anti-virus • Video conference, voice conference• Management of the IT department • End-user trainer, writing IT Documentation

• Installation of phone lines, ISDN and Internet for customers• Management of small, medium, big size projects• Management of orders• Schema design• Customer support