Gary Alexis GRIVAULT
Port Louis, Mauritius
Gary Alexis GRIVAULT
GRC Cybersecurity Expert
Category : Cybersecurity
With in-depth expertise in EBIOS RM risk analysis and regulatory compliance (ISO 2700x, NIS2), I offer cybersecurity project management. I support you in your cyber challenges with a pragmatic approach combining governance, risk management and compliance.
ISO 27001 Lead Implementer certified, I can also provide you with support in improving your security processes and in your compliance.
I lead the security committees in conjunction with the Infrastructure, Applications, Operations and Suppliers teams in order to ensure the alignment of stakeholders and the control of risks related to the new architectures and flows exposed. Of course, all my work is the subject of deliverables corresponding to your needs.
ISO 27001 Lead Implementer certified, I can also provide you with support in improving your security processes and in your compliance.
I lead the security committees in conjunction with the Infrastructure, Applications, Operations and Suppliers teams in order to ensure the alignment of stakeholders and the control of risks related to the new architectures and flows exposed. Of course, all my work is the subject of deliverables corresponding to your needs.
Working hours
- Monday:08h00 To 18h00
- Tuesday:08h00 To 18h00
- Wednesday:08h00 To 18h00
- Thursday:08h00 To 18h00
- Friday:08h00 To 18h00
- Saturday:Not available
- Sunday:Not available
![Cybersécurité & GRC (ISO 27001, Risk & Compliance)]()
Cybersécurité & GRC (ISO 27001, Risk & Compliance)350 $ - Per day- Risk analysis (EBIOS RM) - ISO 27001 / GDPR compliance - Security Policy Development (ISSP) - Security audit and compliance review - Management of cybersecurity programs - Employee awareness - ...
Security Engagement Manager
Nov 2024 - Jul 2025
Chemical sector
Monitoring of the maintenance in safe condition (MCS)
Cybersecurity awareness among the group's employees
Risk control and reassessment
Preparing for NIS2 Compliance
Cyber Security Consultant
Aug 2024 - Dec 2024
EBIOS RM Risk Analysis | Public Sector
EBIOS RM Committee Planning and Project Monitoring (Workshops 1 to 5)
Writing workshop materials and deliverables
Participation in the realization of the final synthesis deliverable
PMO Cybersecurity
Jul 2023 - Dec 2024
CYBERSECURITY AWARENESS PROGRAM 23-24 | Agri-food sector
Planning and monitoring of the CAP 23-24 program for 10,000 employees
Creation and animation of steering committees
Management and scoping of the group's Cybersecurity awareness project
Creation and dissemination of cybersecurity awareness materials in
Multiple languages
Provision of new CYBER indicators and consolidation for management
PMO Cybersecurity
May 2022 - Dec 2023
Operator of vital importance | Industrial sector
- Action plan follow-up as part of a strategic business program (risk analysis, penetration tests, code audits, configuration audit)
- Risk analysis update
- Implementation of an awareness program for a group of 10,000 employees in the industrial sector
- Planning of steering committees, coordination of safety audits
- Participation in Cyber actions (explain vulnerabilities to the project management / project management teams)
- PCI-DSS compliance study (SAQ-A, P2PE) for website and payment terminals
- Drafting of processes and procedures (security incident response plan, authorization management procedure, etc.)
Nov 2024 - Jul 2025
Chemical sector
Monitoring of the maintenance in safe condition (MCS)
Cybersecurity awareness among the group's employees
Risk control and reassessment
Preparing for NIS2 Compliance
Cyber Security Consultant
Aug 2024 - Dec 2024
EBIOS RM Risk Analysis | Public Sector
EBIOS RM Committee Planning and Project Monitoring (Workshops 1 to 5)
Writing workshop materials and deliverables
Participation in the realization of the final synthesis deliverable
PMO Cybersecurity
Jul 2023 - Dec 2024
CYBERSECURITY AWARENESS PROGRAM 23-24 | Agri-food sector
Planning and monitoring of the CAP 23-24 program for 10,000 employees
Creation and animation of steering committees
Management and scoping of the group's Cybersecurity awareness project
Creation and dissemination of cybersecurity awareness materials in
Multiple languages
Provision of new CYBER indicators and consolidation for management
PMO Cybersecurity
May 2022 - Dec 2023
Operator of vital importance | Industrial sector
- Action plan follow-up as part of a strategic business program (risk analysis, penetration tests, code audits, configuration audit)
- Risk analysis update
- Implementation of an awareness program for a group of 10,000 employees in the industrial sector
- Planning of steering committees, coordination of safety audits
- Participation in Cyber actions (explain vulnerabilities to the project management / project management teams)
- PCI-DSS compliance study (SAQ-A, P2PE) for website and payment terminals
- Drafting of processes and procedures (security incident response plan, authorization management procedure, etc.)
Implementation of a shared ISSP according to ISO27001-ISO27002 standards
Monitoring of the ANSSI's Cybersecurity course
- Vulnerability mapping and configuration update tooling
- Protection of privileged access
- Reinforcement of shared protection of mobile devices and terminals
- Identity Reinforcement
- Raising awareness
Improved security incident management
Creation of a security working group (member IT departments and CISOs)
Community Cyber Security Awareness
Setting up an ISS dashboard
Monitoring of the ANSSI's Cybersecurity course
- Vulnerability mapping and configuration update tooling
- Protection of privileged access
- Reinforcement of shared protection of mobile devices and terminals
- Identity Reinforcement
- Raising awareness
Improved security incident management
Creation of a security working group (member IT departments and CISOs)
Community Cyber Security Awareness
Setting up an ISS dashboard
Microsoft AZURE Security (AZ500)
Implementation and management of the ISMS ISO 2700x compliance
- IS security policy, audit and risk management (ISO 27001, 27002, 27005, crisis management) 70%
- Security and offensive and defensive techniques (penetration testing, vulnerabilities, forensics) 30%
Implementation of an ISMS (ISO 270001 & ISO27002)
- Security and offensive and defensive techniques (penetration testing, vulnerabilities, forensics) 30%
Implementation of an ISMS (ISO 270001 & ISO27002)
Result: Level C1 - Advanced
Intensive 200-hour training in English face-to-face and eLearning.
Passing the BULATS level C1 (advanced user)
One-week immersion course in London
Intensive 200-hour training in English face-to-face and eLearning.
Passing the BULATS level C1 (advanced user)
One-week immersion course in London
Microsoft Certified System Engineer
Industrial Computing
- ISO 27001 Lead Implementer 22/09/2023
![ISO 27001 Lead Implementer]()
Certified by PECB
- 🇬🇧 English
- 🇫🇷 French
Please sign in as a customer to give your feedback
Need a service ?
Do you want to hire the services of this Professional ?
Post your need and you will receive dozens of proposals from the Professionals of the community.