Jérémy Fridman
Head Of Information Security at PlayPlay
Spanish: Limited working proficiency
English: Full professional proficiency
Bio
Credentials
Security Operations on AWS
Global Knowledge, Sep 2018 - Nov 2024
ISO 27001 Lead Auditor
LSTI, Mar 2018 - Nov 2024
ISO 22301 Lead Implementer
PECB, Jun 2016 - Nov 2024
ISO 27005 Risk Manager
LSTI, Nov 2014 - Nov 2024
Experience
PlayPlay
France
Software Development
200 - 300 Employees
Head Of Information Security
Apr 2022 - Present
- Structure & implement a Risks-approach Security program for the whole organization (EBIOS-RM Risk analysis)
- Develop and increase the Security posture at Governance, Product & Operational levels (Process & Policies, Risks Analysis, Bug Bounty program, Application-level tooling)
- Strengthen and exercise a Cyber Security-aware culture across all the teams
- Drive and lead the compliance roadmap (Validate the SOC 2 attestation)
- Management of the Security & DevOps team
Airbus
France
Aviation and Aerospace Component Manufacturing
700 & Above Employees
Big Data Platform Security Officer
Feb 2019 - Apr 2022
Responsible for the implementation of an efficient Security Strategy on multi-customers Big Data program including:
- A Security Governance strategy
- The definition and application of an Information Security Policy
- ISO 27001 approach
- The application of a Security Risks Management strategy
- The management of Security Incidents & Crisis
- The constant compliance with legal and regulatory requirements
- The implementation of the Detection & Response program
Definition and application of Security Operational activities
- Systematic Security Risks Analysis approach within a global risks program
- DevSecOps routines at project level including:
  + The integration of DevSecOps Tools (Checkmarx, R7, GitLeaks, SonarQube, Dependabot)
  + The integration to the SIEM for SOC Monitoring (Splunk)
  + The usage of compliance tools
  + The training for secure development best-practices (i.e. OWASP Top 10)
Definition and management of the Security budget and the audit plan
Support the Data Officers for data compliance (GDPR, Export Control...)
Manage Customers relationship and keep their trust
Adaptation of Security activities to the SAFe agile framework
APSYS - An Airbus Company
France
IT Services and IT Consulting
100 - 200 Employees
Data Platform CyberSecurity Consultant
Mar 2018 - Feb 2019
Data Platform Security Responsible
- Provide a Risk Assessment framework for the solution
- Ensure the compliance with Security standards
- Provide Security expertise
Information Security Consultant
Jul 2013 - Mar 2018
E-Solutions Security responsible for the A/C programs developments at Customer Services
Ensure and improve Security level on developed products
- Participate in the project definition providing security requirements
- Validate project compliance with security requirements
- Support for suppliers security activities
- Expertise for COTS Security vulnerability management
- Provide Security recommendations and expertise for development and architecture
Implementation of a Vulnerability monitoring process on A/C products COTS
Aircraft Security Team
- Aircraft Security Architecture Dossier
- Definition of an Aircraft Security Vulnerability Management Process
Participation in the writing of a Security Press Review (identification & popularization of technical vulnerabilities)
Information Systems Security Consultant
Sep 2012 - Jun 2013
Security Risk Analysis on a satellite navigation system
- System Architecture Description
- High level Risk Assessment
- Security threat scenario identification and assessment
- High level Security requirements identification
Information Systems Security - Internship
Mar 2012 - Aug 2012
- ISO 27000 standards study
- ISO 27002 audit
- Audit Guidelines description
- System Security actors interviews
- Security documents maturity analysis and assessment
- Audit deliverables edition
Education
Université de Limoges
Master 2 Cryptis - Information Systems Security, Computer Security - Cryptography
IUT du Limousin
DUT Computer Science, Computer Science