Practicing Information Security at AISI is genuinely a full-time job (figuratively and literally). We aim at promoting and implementing the good, best and ever-better practices in information security to our clients. ## Why do we do that ? Not (only) because we love it. But mainly because we think information security is a vital need (Level 0 in Maslow pyramid) for every single company living in data era and digital days and age.## What do we do ?Our jobs (including mine) consist in coordinating and managing information security in clients environment, which meaning :- Working as external CISO- Evaluating IS maturity and defining roadmap- Running risk analysis- Building resiliency approach- Building ISMS and leading clients to ISO27001 certification- And so much moreOn my side, over these operational activities, I manage my team and service portfolio as a Department manager, to help my fellow teammates grow up, spread their wings and fly to unexpected new challenges.## Who do we work for ?Sorry, that's confidential. However, we may reveal that our main clients are in bank, industry, transportation, aviation and service activities

Genwin.tech is not only a new generation IT company but also a fabulous place to work. We aim at promoting change and innovation as leverage for a better future and continuous improvement : that is our Gen-ethics.Our services support companies through two main services:** IT Services consist of great ways to operate change in systems, like Business Analysis, Softwae Development or Software validation** Information Security consist of empowering your people to deal more confidently with IT risks and threats and IT system evolution, through IS Risk Management, Cybersecurity and Information Security governance

As a consultant in Information Security, I work at improving security level and security awareness every day in an organisation dealing with national stakes.My job includes three main activities:** IS COMPLIANCEAssist CISO to define IS strategy and organisationMake IS reports to Boards and CommiteesHelping maintaining compliance to IS standards (ISO 27001, PCI-DSS, SWIFT Framework)Coordinating ISMS activities with local Business and departmentsTaking actions to comply with legal and classified requirements** OPERATIONAL SECURITY & RISK MANAGEMENTDefine IS Risk process and proceduresPerform IT Risk Analysis (ISO27005/EBIOS RM) for IS Department and review projects risk analysisDefine and implement Actions PlanSet up unified corporate security requirements standards (LPM, ISO 27001, SWIFT, PCI-DSS)** IDENTITY AND ACCESS MANAGEMENTDefine Identity and Access governance, including IAM model, role-based organisation and segregation of dutyDefine and perform operational process and proceduresDefine IT systems mapping, app rights and interactionsDefine and perform regular access rights review** IS PROJECT MANAGEMENTInitiate and run IS projects for security improvements, including IAM project

PROJECT LEADER- Plan and Lead 100+K€ projects in Health & Pharmaceutics Sector- Manage Team working (1 to 60+ counterparts)- Secure the project (Risks / Impacts Analysis)- Lead highly strategic and sensitive issues (i.e insuline production, health quality information)COMPLIANCE COORDINATOR- In charge of IT Dept compliance with ISO 9001, 20001 & 27001 norms, Corporate standards and other regulations- Audit processes and identify gaps or low maturity- Implement Continuous Improvement actions- Capitalize in QMS

- Publish articles (press/online) about flourishing economic sector in developing countries- Partnership with several media (e.g. US News, L’Express, Africa Review, etc.)- Investigate and gather data from interviews/meetings with economic, political and diplomatic leaders- Main achievements: Country reports on Nigeria and Congo-Brazzaville- Key-points: investigation, international, developing countries, politics and economics

- In charge of production process improvement- Observe and audit process and practices to identify gaps and loss, through interviews, work in the field and performance measurement- Design new process to optimize performance (Lean, VSM, KPI, “Good practice”). For instance, focusing on scrap root-causes, product change process or human resources lead to -20% scrap and a fall in absenteeism- Foster change and continuous improvement by implementing new practices (8D, new procedures, knowledge sharing)- Main achievements: New top management, drop in scrap (-20%), optimized process (-30% HR), global costs reduction (-3M €)- Key-points: cost-killing, lean management, process optimization, change management