Menu

Christian DA SILVA

Marne La Vallée Cedex 2

En résumé

DPO (Data Privacy Officer) et/ou RSSI (Responsable de la Sécurité du Système d'Information) / CISO (Chief Information Security Officer).

17 ans d'experiences dans le domaine de l'IT : cybersécurité, protection des données personnelles, RGPD, infrastructures, applications ... dans de nombreux secteurs d'activité en France.

Je suis disponible pour des missions en freelance ou CDI de mission en tant que DPO (Data Privacy Officer) et/ou RSSI (Responsable de la Sécurité du Système d'Information).

#dpo
#rssi
#ciso
#rgpd
#freelance
#cybersecurite
#cybersecurity


Pour me contacter :
christian.dasilva@telecom-paris.fr

Entreprises

  • Nestlé - CISO/RSSI - DPO

    Marne La Vallée Cedex 2 2020 - maintenant -Head of data privacy & security governance.

    -Internal non-compliance audit of data privacy risks, action plan, remediation plan ...

    -Be the guarantor of the operation of the Information Security Management System (ISMS, based on ISO / IEC 27001: 2013) as a Lead (Animation of Management Reviews, monitoring of risk and control reassesments, organization of internal audits (Independent Review) and external (KPMG).

    -Animate the compliance pillar within MIT to support the functional teams on Security topics (Deliverables: preparation of media, prioritization of the teams' forecast activities, up-to-date indicators, reports).

    -Bring support for the ServiceNow solution for the Application Portfolio Management areas, I train LGO employees and ensure compliance with the standard linked to the GDPR (General Data Protection Regulations).

    -Coordinate and animate the Cloud Service Review Management in relation with the Security Operation Center and the MIT & Business teams (Deliverables: Security Compliance Index at the required level, up-to-date documentation, compliant solutions).

    -Be the guarantor of the dissemination and respect of Policies, Standards and good practices.

    -Be the contact point of the SOC (Security Operation Center) and I coordinate the resolution of Security incidents as a first level. I am the point of contact for NIA internal auditors on the security field.

    -Be the guarantor of the implementation of compliance management tools by the Group, and I am in contact with KMPG auditors, the National Agency for Information Systems Security (ANSSI) and the IT department of Cloud solution providers.

  • Cnam Ile De France - IT Trainer

    2016 - maintenant RSX112: Security and networks
    US3339: System, networks and security
    US333F: New Technologies and Web Programming
    NFA008: Databases
    NFA064: HTML5, CSS3 and JavaScript / DOM website design
    NFA077: IT and Network Technology
    NFA086: Installation and administration of the Windows and Linux workstation

  • Le Groupe La Poste - Cybersecurity Project Manager (applications, infrastructure, governance, risks and GDPR)

    Paris-15E-Arrondissement 2016 - 2019 Management of a team of 4 people, risk analysis, definition of Security policies (ITIL, ISO2700x and EBIOS Risk Manager), GDPR / RGPD compliance, assistance with Security Project Management, budget of 500,000 euros including 50 % in Build and 50% in Run

    Security and risk analysis governance:
    • Mapping of operational SI risks with EBIOS Risk Manager
    • Definition with the RSSI of the security policy on the basis of the EBIOS Risk Manager and ISO 27005 Risk Manager methodologies

    GDPR regulatory compliance:
    • Manage compliance projects
    • Anonymization and pseudonymization of personal data
    • Identify the constraints and requirements of the RGDP in relation to business activities
    • Offer internal customers a standard GDPR compliance response
    • Feed the treatment register

    Audit of access to applications and infrastructures:
    • Preparation of a scoping note for the in situ and technical audit
    • Identification and planning of user workshops
    • Overhaul of the authorization process for business applications
    • Update the operational risk matrix
    • Ensure change management with users of the Manager type

    Assistance with security project management:
    • PSSI variation on the project
    • Animation of internal (MOE) and external (publishers and ESN) partners
    • Construction of the budget trajectory
    • Writing change management materials
    • Animation of User, Project and Steering Committees

Formations

  • TELECOM ParisTech

    Paris 2018 - 2019 Mastère Spécialisé

    Bac +6 level

    17,5/20

    Cybersecurity architectures:
    Information systems security, data protection; Internet of things and big data security; The cloud and digital security in the health sector; Security for IS management; APT-type computer hacking (advanced persistent threat); Security of TCP / IP and WLAN networks; Securing mobiles, Android systems; Legal aspects, cybercrime.

    Telecom network arc

  • Université De Picardie Jules Verne (UPJV)

    Amiens 2002 - 2002 Master 2 (M2)

    Mention Good

Réseau

Annuaire des membres :