Philippe GUARNIERI
Cyber security, Risk Management
Professional Status
Employed
Open to opportunities
About Me
Holistic Risk Management digital safety and security, strategy development, implementation of action plans, organization, governance.
Tools, methods, management, monitoring, quality of the level of security: BSC, ISMS, dashboards, of governance.
Risk management related to a process approach, Intelligence.
Management techniques and cross hierarchical methodology and experience of complex projects, organizations, cross-sectional and functional relationships, sometimes with a strong international dimension, live, teams of 4 to 80 + people.
Assistance with CSO
Seminars and training to the security of information systems.
Construction of technical proposals, outsourcing, missions, pre-sales consultant, webmarketing.
Tools, methods, management, monitoring, quality of the level of security: BSC, ISMS, dashboards, of governance.
Risk management related to a process approach, Intelligence.
Management techniques and cross hierarchical methodology and experience of complex projects, organizations, cross-sectional and functional relationships, sometimes with a strong international dimension, live, teams of 4 to 80 + people.
Assistance with CSO
Seminars and training to the security of information systems.
Construction of technical proposals, outsourcing, missions, pre-sales consultant, webmarketing.
Security Program Manager
DXC Technology
April 2017
to November 2020
- The security program manager is responsible for all program management tasks.He is is expected to define the standards, tools and governance required to effectively manage and control the security program.The person filling this role leads the program team, assigns tasks, monitors deliverables and schedules, and interfaces with other groups as needed.He or she also provides direction to the projects in the program and ensures that they meet all scope, time, budget and quality expectations.
Security Program Manager
HP
January 2014
to March 2017
Grenoble
France
- The security program manager is responsible for all program management tasks.
He is is expected to define the standards, tools and governance required to effectively manage and control the security program.
The person filling this role leads the program team, assigns tasks, monitors deliverables and schedules, and interfaces with other groups as needed.
He or she also provides direction to the projects in the program and ensures that they meet all scope, time, budget and quality expectations.
Account Security Officer
Hewlett Parckard
Since March 2012
Grenoble
France
- Compliance, quality, and optimization
Security governance, compliance, and operations
Creation, implementation, and optimization of processes or standards
Management of the security and compliance risks, ensuring that contractual security commitments are met
Audit facilitation, tracking, remediation, and follow-up
Sustained and continuous delivery excellence in IRM operations (including margin protection, avoidance of non-performance and non-compliance contractual penalties)
Relationship management between HP ESS suppliers and the client, overseeing multiple third party services
Identification of additional services and revenue generation for HP
Consultant
reseau des entreprises
2007
to March 2012
Freelancer
Grenoble
France
- "Network specializes in entrepreneurship, management and
the organization "
Various missions: Computer security and Risk digital IT projects, WEB 2.0, Social Networks.
Company website
Leader
Clusir
January 2007
to April 2010
Grenoble
France
- The animation of CLUSIR put me in a close relation
to specific security concerns of IT managers,, in addition to a proactive approach towards business, i had established a strong network. " - commercial experience of: prospecting, making appointments, meeting, persuade, lead, enter into partnership
Company website
Deputy Head of the Information System Security
ADP-GSI
February 2001
to September 2006
Full-time
Grenoble - Paris
France
- Experience in an American group specializing in human resources beyond its growth was very informative because of its multicultural
- Establishment of an organization's computer security management information system
Detailed Description
- Approach to risk analysis: Mehari, Marion, Incas, links with the trade, classification of risks and threats, analysis of value.
Management tools: charts, indicators, SLA, security assurance plan.
Approach to quality: TQM, PDCA, MRP process.
Organization of the technological gaps in coverage.
Coordination of technical teams, internal consulting.
Standards, rules, policies.
Security of information training for IT, sales, users, and awareness.
Definition and implementation of audits and penetration testing with service providers.
Creating and running a stop for the management of identities and rights.
Recruitment, coaching and managing a team of 4,
Analysis of the flows, and creation and deployment around the perimeter of the processes and procedures, development of profiles of type "business".
Implementation of protocols for managing incidents and crisis management for the management of identities (hurried departures, strikes, DRP service, special cases.)
Implementation of the anti-viral (reduced from 30 to 2% of machines at risk).
Formal establishment of the supply of ADP Security "
Brochure, answers to tenders of customers, collection and analysis needs.
Specifications for security service providers.
Pre-sales with the sales teams, support
Project Manager SSO (SSO WATCH).
International project for securing the portable encryption (Security-Box, Safeguard Easy), studies of exchange-type MAIL security through encryption (PKI, IBE, PGP, SSL) on anti-spam solutions, education participation of architecture.
ISO 17799 certification (eg, 2700x) (the first French company to be certified)
Compliance with the Sarbanes-Oxley
Early integration of safety in the ITIL
Studies standards and maturity models (SSE-CMM (ISO21827), CMMI, ISO-15504, OCTAVE, OCTAVE-S, ITBPM, EBIOS) and the regulatory constraints (CNIL, LSF, Basel II).
Chief Security Officer
Schneider Electric
January 1991
to February 2001
Full-time
Grenoble
France
- The operating rules of a large group is very special and this experience helped me to understand the subtleties.
- Manager IT Services
- Establishment of an organization's security management information system
Detailed Description
- Reorganization of the department, production and installation services outsourcing, industrial, CFAO, Security
- Continuity plan data center SCHNEIDER France (tested after a real social movement.
Needs analysis by the method MARION.
Identification and selection of suppliers.
Development of the recovery plan "technical" and "user" process analysis "job", periodic testing, backup policy.
International project to develop an architecture group security functional components and technical development of standards (2 years)
Comparison tools ACCESS-MASTER (BULL) TIVOLI (IBM), HP, SUN
Study of architectural elements: LDAP, PKI, smart cards, SSL, encryption, management of identities and rights in a heterogeneous environment.
Arranging and conducting a seminar for the presentation of results.
Organization for Security on MVS mainframe with RACF then with TOP-SECRET, design and implementation of management tools
Continuity plan data center SCHNEIDER France (tested after a real social movement.
Needs analysis by the method MARION.
Identification and selection of suppliers.
Development of the recovery plan "technical" and "user" process analysis "job", periodic testing, backup policy.
International project to develop an architecture group security functional components and technical development of standards (2 years)
Comparison tools ACCESS-MASTER (BULL) TIVOLI (IBM), HP, SUN
Study of architectural elements: LDAP, PKI, smart cards, SSL, encryption, management of identities and rights in a heterogeneous environment.
Arranging and conducting a seminar for the presentation of results.
Organization for Security on MVS mainframe with RACF then with TOP-SECRET, design and implementation of management tools
It Manager
Alsthom
January 1990
to December 1990
Full-time
Macon
France
- Industrial group with its traditional values, the first experience in an industrial environment
- It Management services
Detailed Description
- Reorganization of the department, production and installation services outsourcing, industrial, CFAO, Security
Technical and Production IT Manager
France TELECOM
January 1984
to December 1989
Full-time
Marseille
France
- In this subsidiary of FRANCE-TELECOM specialized in banking (products and services), I was able to read the particular constraints of the financial world
Detailed Description
- Management of a team of 20 people (systems engineers, operators).
Technical audits, safety audits, organization RACF (profiling, delegation).
Security software security sold to Crédit Agricole of Vaison-la-Romaine.
Setting up the troubleshooting process with customers and operations teams. Creating a Helpdesk.
Creating a range of technical services
Systems engineer on MVS, VSE / SP, DPPX, VM, DOS, implementation and optimization of IBM OS (MVS, VSE / SP, DPPX, VM, DOS), design of systems and network architectures in large system environment and systems county (8100). Technical audits by customers
Design messaging VTAM.
Analysis and Application Program bank. Jean-Dominique Warnier method, LCP, LCS and MERIS = Merise adapted Télésystèmes.