Talk to sales Try for Free
Saâd CHEKHCHEKH

Saâd CHEKHCHEKH

Stagiaire développement

Followers of Saâd CHEKHCHEKH2000 followers
location of Saâd CHEKHCHEKHManama, Capital Governorate, Bahrain

Connect with Saâd CHEKHCHEKH to Send Message

Connect

Connect with Saâd CHEKHCHEKH to Send Message

Connect

  • Timeline

  • About me

    Head of Group Cyber Strategy and Framework chez BNP Paribas | Cryptocurrency and web3 enthusiast

  • Education

    • Université Pierre Mendès-France (Grenoble II)

      2006 - 2008
      DUT Computer Engineering Computer science Two year diploma

    • SUPINFO - The International Institute of Information Technology

      2008 - 2011
      IT engineer Computer science

      Activities and Societies: - Member of the JAVA lab - Member of the microsoft lab

    • Conservatoire National des Arts et Métiers

      2015 - 2016
      Management des systèmes d'information

      - ITIL (Information technology Infrastructure Library)- IT Audit- Cobit (CobiT (Control Objectives for Information and related Technology)

  • Experience

    • Laboratoire G-SCOP Grenoble

      Apr 2008 - Jun 2008
      Stagiaire développement

      Conception et amélioration d’un tableau blanc En C#• Ajout de nouvelles fonctionnalités• Mise en réseau du tableau blancOutils et technologies : .Net C#, XML

    • Arkea web

      Jan 2009 - Jun 2009
      Stagiaire développement - mi-temps

      Gestion de logiciel• Création d’un logiciel d’archivage d’actes d’état civil en JAVA• Développement du site web www.arkeaweb.frOutils et technologies : JAVA, SQL Express

    • INSOFT

      Aug 2009 - Oct 2009
      Stagiaire développement

      Développement d’applications à installer sur carte SIM en JAVA Outils et technologies : JAVA, JAVA Card

    • CFG GROUP

      Aug 2010 - Oct 2010
      Stagiaire developpeur

      Automatisation et refonte du système de gestion des abonnements bourse en JAVAOutils et technologies : JAVA, Spring, Hibernate, Swing, SQL Express

    • Giocco

      Dec 2010 - Mar 2011
      Stagiaire développement

      Conception et amélioration d’une application de création de tableau de bord compta en .netOutils et technologies : .Net C#, Silverlight, LINQ

    • SOLUTEC

      Apr 2011 - Oct 2011
      Stagiaire développement

      Unification des applications internes et création d'un intranet Solutec • Création du module de Gestion des demandes d'investissements, validation électronique, suivi, validation des règlements,...• Création du module de gestion des prêts de matériels (suivi des prêts avec alertes en cas d’anomalies, génération automatique des fiches de remise, circuit départ,...) en .net/C#Outils et technologies : .Net C#, HTML

    • SYNETIS

      Oct 2012 - Mar 2018
      IS security consultant

    • La Mutuelle Générale

      Nov 2012 - Mar 2013
      IAM security expert (Synetis paris)

      - Audit of applications and access control- Audit of identities and accesses- Realization of a reporting folder with more than 36 audit reports

    • ENGIE

      May 2013 - Aug 2013
      IAM Security consultant (Synetis Paris)

      Development of a pre processing application to use before data integration on Brainwave GRC tool- AS IS analysis- Writing set of specifications- Definition of a target man machine interface- Development of the application on ECLIPSE SDK- Follow up of deliveries and acceptance testing

    • Crédit Agricole Assurances - CAAGIS

      Sept 2013 - Nov 2013
      IAM Security consultant (Synetis Paris)

      Brainwave GRC tool related mission : - Collection of data related to users and their accesses- Creation of audit reports- Planning and daily monitoring- Preventive data analysis and solution proposals- Technical recommendations

    • ENGIE

      Oct 2013 - Dec 2016
      IAM project manager (Synetis Paris)

      - Global Identity and access management TOOL study and project lead : AS IS, Study, RFP realization, RFI to bidders, roadmap- In charge of the FIM 2010 Platform (Microsoft Forefront Identity Manager): Evolutions, upgrades...etc- Project manager : Creation of user movements processes, Upgrade from FIM2010 to FIM2010 R2, AD LDS redesign, Security of external trading platforms, Special accounts management, Sybase account review project, SOD review- AS IS analysis and collection of needs- Technical and functional specifications- Organization of workshops with stakeholders- Support in steering the FIM2010 ecosystem- Use cases realization- Presentation of scenarios- Planning and roadmap- Technical expertise- Acceptance testing, deployment - Pre-processing script creation- Writing deliverable in english/French- Tasks monitoring through JIRA Show less

    • BNP Paribas

      Jan 2017 - Apr 2024

      - Definition of IT risk and cyber requirements to secure Artificial Intelligence models- Co-creation of a "cyber artificial intelligence community" to tackle IS security vs AI models problematics- Formalization of BNPP group IT risk strategy in order for entities to have a clear complete vision on how to manage their IT and cyber risk- Definition and implementation of entities' IT risk profile that depicts their risk exposure in order to prioritize action plans- Definition of IT risk quantification and aggregation methodologies- Restructuring of group shadow IT activities to include a special focus on cloud computing situations- Lead on a project that ensures maximum coverage and compliance of applicable IT risk and cyber regulations at group and entities level (budget and implementation steering) Show less - Project lead of the group IT risk and cyber framework (IT risk and cyber requirements applicable to all BNPP entities) : project planning, team management, reporting to top management, etc..- Definition of group IT risk management processes (applicable to all BNPP entities) : risk assessment methodology based on ISO27005 and EBIOS 2010, risk scoring matrices, risk treatment processes and definition of risk appetite- Writing IT risk and cyber procedures and requirements (applicable to all BNPP entities) on the following topics : cloud computing security, shadow IT and data integrity- Realization of various IT risk assessments Show less - Recast of the group IT risk and cyber framework : writing IT risk and cyber procedures (applicable to all BNPP entities) on the following topics : privileged/User access management, data security and data loss prevention, application security, vulnerability and patch management, IT risk management (ISO 27005), cloud computing security, shadow IT, big data, database security- Creation of KPI and KRI dashboards depicting the compliance to the written requirements- Support to BNPP entities in the application of the requirements- Support to BNPP entities in performing IT risk assessments- Follow up on audits and recommendation by legal regulators : (ECB, GI, LPM, GDPR) Show less

      • Head of Group Cyber Strategy and Framework chez BNP Paribas

        Jan 2021 - Apr 2024

      • Head of IT Risk strategy - ITRMG (IT Risk Management Group)

        Oct 2019 - Jan 2023

      • PROJECT MANAGER - Team leader

        Sept 2018 - Jan 2023

      • Expert gouvernance cyber sécurité (Synetis Paris)

        Jan 2017 - Sept 2018

    • BNP Paribas CIB

      Dec 2023 - now
      Chief Information Security Officer - Middle East and Africa

  • Licenses & Certifications

    • CISM - Certified Information Security Manager

      ISACA
      Mar 2021

    • CRISC - Certified in Risk and Information Systems Control

      ISACA
      Feb 2021

    • ISO 27005 Lead risk manager

      PECB
      Jan 2020

    • ISO 31000 Lead risk manager

      PECB
      Dec 2019

    • ISO 27001 Lead implementer

      PECB
      Oct 2019

    • Secure Cloud Services integrator

      EXIN your ICT competence partner
      Jul 2017

    • ISO 27001 Lead auditor

      LSTI
      Sept 2016
      View certificate certificate

    • ISO 27002

      EXIN
      Apr 2016

    • CISSP - Certified Information Systems Security Professional

      (ISC)²
      Mar 2017