Hi,
I'm a seasoned and certified Information Security professional with more than 10 years of experience in the field (30 years in IT as a whole), with much experience in web applications and systems security design, architecture, development, audits and penetration testing. I have also several years of experience in Risk Management and Compliance, in the health and financial sectors.
I have several years of experience in:
- Security management and consulting, as CISO and external consultant
- SOC and incidents management
- Sensitive applications and services design and architecture
- Cloud Security
- Application Security
- Audit and pentesting
- And of course experience with the generic and specific frameworks and regulations: NIST, CIS, CSA, OWASP, GDPR, ISO27K, ISAE 3402, PCI-DSS, HIPAA, HDS (French health hosting regulation).
Along my career, I had the opportunity to work on most of the subjects you mentioned:
- IT Security policies enforcement and controls
- SOC
- System hardening
- API, SSO development and usage, scripting
- I also have much experience in software engineering and architecture.
I may not know yet the specific technologies you use, but having experience with similar ones, I think I can be operational rather quickly. I often learned by doing.
Feel free to reach me so we discuss in more detail about your project, and see if I can be of help.
Kind regards,
JC