About
Highly accomplished Senior Cyber Security Advisor with over 12 years of expertise in designing robust security frameworks, managing complex risks, and driving digital transformation across banking, healthcare, and government sectors. Proven expert in cloud architecture (AWS, Azure), DevSecOps, and regulatory compliance (ISO 27001, NIST, GDPR), consistently enhancing security postures and mitigating cyber threats in complex IT environments. Adept at guiding development teams through application migration and security best practices, ensuring resilient and compliant systems.
Work
National Bank of Canada
|Senior Cyber Security Advisor
Montreal, Quebec, Canada
→
Summary
Senior Cyber Security Advisor leading security initiatives, advising development teams, and designing secure cloud architectures to enhance security posture and operational efficiency for the National Bank of Canada.
Highlights
Guided development teams on shift-left security practices, integrating security early in the SDLC, which significantly improved code quality and reduced vulnerabilities.
Established comprehensive security benchmarks and guidelines for DevOps environments, ensuring continuous improvement and adherence to industry standards, enhancing overall security compliance.
Designed and deployed secure AWS architectures, establishing robust standards and strategies that met organizational requirements, improving security and operational efficiency.
Directed the migration of critical applications to AWS, ensuring service continuity and strict security protocol adherence, minimizing downtime and enhancing data protection.
Executed comprehensive security audits and vulnerability assessments, leading to a significant reduction in application security risks and improved postures.
Implemented continuous monitoring and automated remediation solutions, proactively addressing security gaps and enhancing overall system security.
Oversaw a diverse portfolio of applications, ensuring robust maintenance, security, and scalability, which improved system reliability and user satisfaction.
Performed regular risk assessments and developed effective mitigation strategies, significantly reducing exposure to cyber threats and enhancing overall security posture.
Desjardins
|Senior Cyber Security Advisor - Azure Architecture & Project Support
Montreal, Quebec, Canada
→
Summary
Defined and implemented secure Azure architectures for critical business applications, leveraging SIEM and advanced monitoring tools, and coordinated multiple concurrent projects.
Highlights
Defined and implemented secure Azure architectures for critical business applications, leveraging SIEM and advanced monitoring tools to enhance threat detection.
Integrated automated security testing and continuous monitoring into CI/CD pipelines, reducing production delays and enhancing compliance.
Coordinated multiple concurrent cybersecurity projects, ensuring strict adherence to regulatory requirements (GDPR, ISO 27001) and industry best practices.
Facilitated comprehensive security awareness sessions and training programs for IT teams, improving overall security posture.
Eviden
|Senior Cyber Security Advisor
Montreal, Quebec, Canada
→
Summary
Executed high-impact cybersecurity projects for the Quebec government, developing security frameworks and action plans to counter evolving threats, and providing strategic guidance to stakeholders.
Highlights
Executed high-impact cybersecurity projects for the Quebec government, developing robust security frameworks and actionable plans to counter evolving threats.
Provided strategic guidance to key stakeholders on risk mitigation and process optimization initiatives.
Conducted in-depth risk assessments and established proactive action plans, significantly strengthening the organization's security resilience.
Coordinated cross-functional teams to seamlessly integrate innovative security solutions into core business processes.
CHU de Québec-Université Laval
|Senior Cyber Security Advisor
Quebec, Quebec, Canada
→
Summary
Provided expert advice on implementing tailored security solutions for complex healthcare and academic IT infrastructures, performing security audits, and designing comprehensive cybersecurity training programs.
Highlights
Provided expert advice on implementing tailored security solutions for complex healthcare and academic IT infrastructures.
Performed comprehensive security audits and established stringent data protection protocols to safeguard sensitive information.
Designed and delivered comprehensive cybersecurity training programs for over 200 staff members, significantly increasing security awareness.
Collaborated with senior leadership to strategically align security initiatives with operational and regulatory objectives.
Bank of Tunisia and the Emirates
|Information Security Manager
Tunis, Tunisia
→
Summary
Managed information security for Bank of Tunisia and the Emirates, overseeing policy development, audit management, and leading a team of 10+ security professionals to enhance application security.
Highlights
Developed and implemented comprehensive security policies and procedures, ensuring full alignment with ISO 27001 standards.
Managed internal and external audits, and conducted thorough risk assessments to secure critical organizational data.
Led a team of 10+ security professionals, implementing secure coding practices that reduced application vulnerabilities by 30%.
Established proactive monitoring and alerting solutions, ensuring early detection and rapid response to security incidents.
Bank of Tunisia and the Emirates
|IT Analyst
Tunis, Tunisia
→
Summary
Performed detailed analyses of IT infrastructures to identify performance issues and implement scalable solutions, improving system reliability and reducing downtime.
Highlights
Performed detailed analyses of IT infrastructures to identify performance issues and implement scalable solutions, significantly improving system reliability.
Collaborated effectively with development and network teams to reduce downtime incidents by 20%.
Education
Polytechnique Montréal
→
Certificate
Cybersecurity Architecture and Management
Time
→
Master's
Cybersecurity
Faculty of Sciences of Tunis
→
Bachelor's Degree
Information Science and Technology
Languages
English
French
Certificates
AWS Cloud Practitioner
Issued By
AWS
ISO 27001 Lead Auditor
Issued By
ISO
ISO 27001 Lead Implementer
Issued By
ISO
ISO 27005 Senior Risk
Issued By
ISO
Security Auditor
Issued By
National Cybersecurity Agency (NCA) of Tunisia
Skills
Secure Architecture & Cloud Design
AWS, Azure, CI/CD, DevSecOps, SIEM, Automation, AWS Lambda.
Risk Management & Compliance
ISO 27001, ISO 27005, NIST, GDPR, Vulnerability Assessments.
Application Security
Threat Analysis, Penetration Testing, Securing Application Development.
Incident Response & Threat Management
Incident Handling, Risk Modeling, Forensic Analysis.
Leadership & Project Management
Cross-functional Team Coordination, Application Portfolio Management, Strategic Project Leadership.
Technical Proficiency
IT Governance, Automated Solution Integration, Securing Complex IT Environments.