Profile

I am currently an independent consultant and instructor in cybersecurity and AWS cloud domains. I have been working in the realm of information security for 20 years doing many things from security systems design and implementation, to cybersecurity operations, to advising developers, solution architects and senior management about security risks and solutions. Over the past decade, I have also been growing interest in cloud computing and gradually turned from a cloud skeptic to an evangelist. Cloud security and AWS cloud have been my main focus areas over the past 5 years.

I am an active and proud member of the AWS Community Builder Program. As an AWS re/Start instructor, I recently trained the first cohort in Switzerland and mentored the students until their graduation. Prior to that, I also served as AWS Educate Cloud Ambassador while I enrolled the NGO I was volunteering for as the first partner organization in Cambodia.

I hold various industry-recognized certifications, including ISC2 CISSP, ISACA CISM, CSA CCSK, as well as 6 AWS certifications.

People who have worked with me describe me as driven, versatile, out-of-the-box thinker and eager to learn and transmit knowledge.

Core Skills

Cybersecurity

Expert, 20 Years

I have a holistic view of cybersecurity. A blend of management and technical experience in almost all areas of cybersecurity across various industries. Extensive know-how in security architecture, cloud security, governance, risk & compliance, incident response management and security operations.

Amazon Web Services (AWS)

Expert, 5 Years

I have a robust background in AWS. I first started by assessing the security posture of various deployments. Since then I got my hands on the majority of services and gained a solid understanding of the AWS ecosystem, as well as an in-depth knowledge in most services, including security, analytics and DevOps tooling.

Instruction and Training

Advanced, 10 Years

I have always been engaged in training and instruction. I have been teaching as guest lecturer for universities, trained and mentored a large number of professionals, co-built an eLearning platform, authored training content and volunteered for NGOs as trainer and training manager.

Work

Consultant, instructor & lecturer

Since Dec 2021, Self-employed


Working as freelancer in cybersecurity, AWS and instruction for various businesses and educational institutions.

  • Webinar instructor at Securzy (monthly webinar AWS Security series)
  • Authored course for CodeRed, EC-Council University platform (6 hours video recording)
  • Cybersecurity Mentor for SpringBoard.com (weekly 1-to-1 mentoring)
  • Guest lecturer for MyDigitalSchool, EPSI, Tera Campus and Simplon.co: Linux Advanced, DevSecOps, AppSec (Bachelor/Master), Cloud admin
  • AWS IQ expert: consulting for various startups and SaaS providers - https://iq.aws/e/laumat

AWS re/Start Instructor — Powerhouse Lausanne

Jan 2022 - Jun 2022 (6 months), Freelancer, Part-time (remote)


Led the AWS re/Start program instruction. 100% online.

  • Selected and trained the first AWS re/Start cohort in Switzerland
  • Mentored the students until their graduation and prepared them for the AWS CCP exam
  • Coordinated other volunteers' instruction

Cloud Security Architect — Arkema

May 2021 - Dec 2021 (8 months), Freelancer, Part-time (remote)


Global Cybersecurity Architecture & Expertise Team.

  • Cloud architectures security review
  • Cloud migrations assessments
  • DevSecOps and cyber-analytics tooling development for the AWS Cloud

Independent Consultant and Instructor — Secloudia

Oct 2020 - May 2021 (9 months), Self-employed, Phnom Penh, Cambodia


Cybersecurity, cloud & AWS consultancy and training for various SMEs, NGOs and educational institutions.

  • ISO 27001 readiness assessment
  • AWS onboarding
  • Security awareness

IT & Training Manager — Passerelles Numeriques (NGO)

Oct 2019 - Dec 2020 (1 yr 3 mo), Full-time, Phnom Penh, Cambodia


Served for 15 months as International Solidarity Volunteer (French VSI) for an international NGO.
Responsible for the Systems & Network Administration (SNA) curriculum as well as the overall IT of the school (35 staff and 150 students). Led a team of 4 FTEs (2 SNA Trainers and 2 IT Officers).

  • Developed cybersecurity and cloud computing modules
  • Applied for the AWS Educate institution grant and embedded it into the SNA curriculum
  • Moved IT labs from hardware-based to cloud-based amid COVID-19 school closure and beyond
  • Boosted Google G Suite adoption and organized the training of all staff and students during COVID-19
  • Established and maintained relationships with various partners (businesses, NGOs, government)
  • Selected as part of the AWS Educate Cloud Ambassador 2020 cohort

Volunteer Cybersecurity Trainer — Passerelles Numeriques (NGO)

Apr 2019 - Jul 2019 (4 months), Vietnam / Philippines / Cambodia


Traveled for 4 months to the 3 countries where PN operates in Asia and delivered training in cybersecurity.

  • Delivered training to students (2 weeks in Da Nang, Vietnam and 4 weeks in Cebu, Philippines)
  • Mentored and trained the local IT & training team in Phnom Penh, Cambodia

Senior Information Security Risk Analyst — ABN AMRO Bank N.V.

Oct 2013 - Dec 2018 (5 yrs 3 mo), Freelancer, Amsterdam, Netherlands


Information security risk assessment and advisory for the Corporate Information Security Office (CISO).

  • Supported senior management in making risk-based decisions to achieve business objectives
  • Identified and assessed risks in all aspects of information security for various projects
  • Provided security advisory and architecture support during projects
  • Performed vendor security assessments (e.g. BPO, cloud suppliers, data center inspection, etc.)
  • Coordinated penetration testing and vulnerability assessments
  • Monitored ongoing risks and tracked remediation

IT Operations Security Lead — CNES, the French National Space Agency

Oct 2012 - May 2013 (8 months), Consultant, Toulouse, France


IT security operations and outsourcing management for the CNES ICT Department.
Assigned as a consultant for Scassi.

  • Reviewed and oversaw the overall incident management process
  • Reviewed vendors' security controls to ensure ongoing compliance with standards and policies
  • Monitored security systems operations, performance, availability and capacity
  • Reviewed and monitored security vulnerabilities and remediation activities

Information Security Consultant — Scassi

Jun 2012 - May 2013 (1 year), Full-time, Toulouse, France


R&D, presales, training delivery and consulting.

  • Co-built the eLearning platform PHOSFOREA and authored courses in information security
  • Delivered training in cloud computing security to IT auditors

CERT Senior Security Analyst — European Space Agency (ESA)

Oct 2010 - Jun 2012 (1 yr 8 mo), Consultant, Rome, Italy


ESA's Computer Emergency Response Team (ESACERT). This division is responsible for providing capability to deal with all aspects of cybersecurity within the overall ESA organization.
Assigned as a consultant for Verizon Business.

  • Led incident response and threat hunting
  • Performed malware analysis and forensics activities
  • Performed security & vulnerability assessments and monitored findings resolution
  • Co-organized and delivered yearly security awareness campaigns and seminars for all ESA sites

Senior Security Consultant — Verizon Business

Apr 2006 - Jun 2012 (6 years 2 mo), Full-time, Luxembourg / Italy


Verizon Business Professional Services EMEA. Worked for various Public-sector, SME & Enterprise customers.

  • Designed, tested, deployed and supported security infrastructures and systems in complex environments
  • Performed security audits, reviews and assessments
  • Developed security policies, guidelines and standard operating procedures
  • Delivered security coaching and training

Guest Lecturer — Université de Lorraine

2005 - 2010 (5 years), Part-time, France


Gave lectures to Bachelor students (app. 30 hours every year).

  • Taught cryptography, cybersecurity and ethical hacking
  • Security Analyst — Cybertrust

    Jul 2004 - Apr 2006 (1 yr 10 mo), Full-time, Luxembourg


    Security Operations Center (SOC) environment in a 24x7x365 shift work schedule providing Managed Security Services to various customers.

    • Analyzed logs, security trends, investigated intrusion detection alerts and handled security incidents
    • Security/system administration on firewalls, IDPS, routers, VPNs, proxies and various Linux/Unix servers

    Internship in system & network administration — La SNET

    Feb 2004 - May 2004 (4 months), France

    Education

    Master's Degree, Management & Business Engineering — EM Strasbourg

    2009 - 2010, Part-time, Strasbourg, France


    Project management, sales & marketing, strategy.

    University Degree, Network & Telecom — Université de Lorraine

    2002 - 2004, Full-time, Nancy, France

    Certifications & Awards

    AWS Certified Security - Specialty

    Since 2021, still valid

    AWS Certified DevOps Engineer - Professional

    Since 2023, still valid

    AWS Certified Solutions Architect - Professional

    Since 2022, still valid

    AWS Certified Solutions Architect - Associate

    Since 2020, still valid

    AWS Certified SysOps Administrator - Associate

    Since 2022, still valid

    AWS Certified Cloud Practitioner

    Since 2022, still valid

    AWS re/Start Accredited Instructor

    Since 2022

    AWS Community Builder

    Since 2020 - this program is for selected AWS enthusiasts and emerging thought leaders who are passionate about sharing knowledge and connecting with the technical community

    AWS Educate Cloud Ambassador

    Since 2020 - this award is for top-tier educators and thought leaders who serve as ambassadors for AWS Educate

    ISACA CISM (Certified Information Security Manager)

    Since 2015, still valid

    ISC2 CISSP (Certified Information Systems Security Professional)

    Since 2013, still valid

    CSA CCSK (Certificate of Cloud Security Knowledge)

    Since 2013, still valid

    EXIN ITIL Foundation

    Since 2008, still valid

    PECB ISO/IEC 27032 Lead Cybersecurity Manager

    Issued in 2017, expired

    PECB ISO/IEC 27005/31000 Risk Manager

    Issued in 2012, expired

    ISACA CISA (Certified Information Security Auditor)

    Issued in 2013, expired

    ISC2 SSCP (Systems Security Certified Practitioner)

    Issued in 2007, expired

    Cisco CCNA, CheckPoint CCSA, CheckPoint CCSE

    Issued in 2004-2006, all expired

    Contact Me