Experience

• 

  France telecom r&d

  Jan 2009 - Jun 2009

  Telecom engineer
• 

  Cegelec

  Sept 2009 - Sept 2010

  Information system engineer
• 

  Ernst & young

  Sept 2010 - Mar 2014

  Senior it auditor & consultant

  IT auditMy works consisted of :- Reviewing business process- Evaluating IT general controls using the cobit framework- Reviewing IT process (Logical access management, configuration management, change management, project management, backup management, IT business continuity, service provider assessment, risk management, IT organisation, IT internal control organization)- Leading IT security audit (configuration analysis, pentest) - Leading tests for Sarbanes-Oxley (SOX) compliance- Auditing applications- Reviewing project management- Performing data analysis within ACLConcerning IT advisory engagements, it concerns- Member of the jury in charge of the assessment of Information Technology companies for innovative entrepreneurship competition- R&D tax credit for software and telecommunication companies- IT Internal controls concerning High Level Classification Documents, Information Security Risk Assessments and Privacy Impact Assessments - Assistance in choosing a tool (CRM, custom tools, HRIS)- PMO Show less

• 

  Hsbc private bank

  Mar 2014 - Sept 2016

  IT internal control management for 7 countries including :- Identification of risk areas and ensure that IT internal control work is aligned accordingly,- IT SOX and Internal Control Monitoring Plan testing+ Identification causes relating to problems and investigate possible solutions or measures for improvement, + Preparation of findings and recommendations, + Presentation of review's result to the management- Improvement of testing instructions, tools and methodologies- Definition, implementation and monitoring of Key Risk Indicator- Dispensation / Risk Acceptance management- Reporting of IT internal control environment across GPB Show less IT internal control management for 7 countries including :- Identification of risk areas and ensure that IT internal control work is aligned accordingly,- IT SOX and Internal Control Monitoring Plan testing+ Identification causes relating to problems and investigate possible solutions or measures for improvement, + Preparation of findings and recommendations, + Presentation of review's result to the management- Improvement of testing instructions, tools and methodologies- Definition, implementation and monitoring of Key Risk Indicator- Dispensation / Risk Acceptance management- Reporting of IT internal control environment across GPB Show less

  • IT Risk Testing Manager and Program IT Risk Manager

    Sept 2015 - Sept 2016

  • IT Risk and Control Analyst

    Mar 2014 - Sept 2016
• 

  Nestlé

  Sept 2016 - now

  - Identify, assess, and measure Information Technology risk- Plan, lead, and perform IS/IT audits across business streams, infrastructure teams, zones, markets and 3rd parties- Onboard all business and IT stakeholders on the audit process from the entry meeting to the exit meeting (presentation of findings and recommendation to management) - Perform review of on-going projects and post-implementation - Conduct in-depth security risk & threat assessment for products & solutions- Leverage on Data Analytics and automation to allow full population analysis instead of sampling- Create and implement minimum viable product for innovative tests in order to demonstrate critical improvement areas Show less

  • IT M&A Lead

    May 2023 - now

  • France IT Security & Compliance Manager

    Jan 2021 - May 2023

  • International IS/IT Audit Team Lead

    Sept 2016 - Dec 2020