Hi,
I'm a seasoned and certified Information Security professional with more than 10 years of experience in the field (30 years in IT as a whole), with much experience in web applications and systems security design, architecture, development, audits and penetration testing. I have also several years of experience in Risk Management and Compliance, in the health and financial sectors.
I have several years of experience in:
- Security management and consulting, as CISO and external consultant
- SOC and incidents management
- Sensitive applications and services design and architecture
- Cloud Security
- Application Security
- Audit and pentesting
- And of course experience with the generic and specific frameworks and regulations: NIST, CIS, CSA, OWASP, GDPR, ISO27K, ISAE 3402, PCI-DSS, HIPAA, HDS (French health hosting regulation).
Before specializing in security, I had about 20 years of experience in software engineering, applications and systems/networks design and architecture, DBA... Mainly in Java/JEE but also in C/C++, Perl and other languages. So I think I have the skills to audit your web site as well as accompanying your development team to fix the issues.
Feel free to reach me so we discuss in more detail about your project, and so I can adapt my bid for the best.
Kind regards,
JC