Eric STUMPP

Rue du Centre *B

**** ******** – Switzerland

Mobile : +41-79-798-**-**

E-mail : adzpzi@r.postjobfree.com

www.linkedin.com/in/ericstumpp

Swiss nationality

**-*****-***

Senior Security Consultant - CISO

Information Security and Risk Manager

Head of IT and Security with over 30 years of experience in the information technology industry with a strong knowledge in communication, strategy, project management, service, infrastructure and security management. Strong ability to build and translate business requirements into efficient, secure, innovative and scalable IT environments.

Large and deep capacity to transform and advise in modernization of financial, banking and industry platform architecture across wide project management, hands-on operations and compliance regulatory.

Operation Level

- Design, conception and implementation of critical infrastructures

- IT governance, Security, risk, compliance, legal and regulation

- C-suite and Technology Strategy Advisor - Business Process integration

- Management and support of information systems and teams

- Functional analysis and audit procedures

- Site resiliency and acceptance procedures

- User training and troubleshooting

Specialities

Information Security CISSP (2005) – IS Auditing CISA (2008) IT Service Management ITIL (2007)

Business Continuity Management – Risk Management EBIOS/HERMES/FAIR – ServiceNow GRC ISO27000 Family/COBIT/TOGAF/NIST/SABSA

Project Management - PMP (2018)

IOT/OT/ICS Security

Technology consulting, Sourcing and Vendors Management Speaker and trainer on IT topics related to security, audits, GDPR,…. Technical Skills

System and Network

Cisco (Nexus,UCS, ASA), VDI, NetApp, VMAX3, Corning, Citrix, IBM Power7 (OS/400-AIX/Oracle), Microsoft (PC, Servers/Exchange/SQL), VMWARE, NetBackup, DataDomain, Linux, MacOS, AWS, Azure, Docker, Kubernetes, OpenShift, SCADA/DCS

Security

Qradar/Watson/AppScan/BigFix/Guardium/Resilient, SD Elements/SDLC/ALM, Checkpoint, Fortinet, F5, Splunk, Darktrace, Qualys, Vormetric, SourceFire, AlienVault/Soltra, Arcsight, Tufin, AirWatch, Bluecoat, MobileIron, Safenet, Sailpoint, CyberArk, RSA, McAfee, Foundstone, Open Systems, RealSentry, Fireeye, Synopsys, Maltego, Recorded Future, PaoloAlto, Falcon, FlashPoint, Airlock, Zscaler, BitSight, Dragos EXPERIENCES

Since 2017 E3S/Architic – Founder - CxO and Principal Security Advisor Enhanced Security Services Management - SmartCity, IOT/OT - AI/ML SOC as a Service - CyberSec Architect - CISO as a Service

• Cybersecurity Architect for Bank – BNP Paribas WM - 2022/2023 Review the Group's reference architectures (ISO27001/27005 – NIST CSF) and security requirements in projects; Advise project managers and application managers for GRC compliance. Conduct of IT and Cyber risks assessment and review (SAST/SCA/FSAT/DAST/Pentest/OWASP) and impact analysis in projects; Participate in the determination of business security requirements

• Cybersec Command Center Architect Public Sector – Royal Commission for AlUla (KSA) 2020/2021

Designing and building the core security center eSOC - integrating critical IOT/OT network infrastructure

(power plant, water treatment, health network, police and traffic, etc ...) – designing segmentation/ZTNA Definition and implementation of Use case and playbooks - Resilience and crisis scenarios - Project and documentations

• Cybersecurity Consultant for Bank/Finance – AVALOQ - 2020/2021 Description and implementation of 70 use cases for a SOC as a service Benchmark the rule-based against machine learning

2019 - 2020 AVALOQ – Client Facing Security Officer Manage client relationships from the security governance perspective, contribute to the definition of the client specific security baseline, consult and advise internal and external clients about security topics, manage the Security SLA governance and GRC.

Manage the processes of the moves of the customers environments to SDDC in a secure manner including design and configuration of the new architecture.

2017 - 2018 IBM Security Partner - Senior Security Managing Consultant Solution Architect and coordinator for complex managed security service program. IBM Immune System business development.

Design, implement and manage large Security Operation Center and RED Teams Perform information risk, security, and related compliance assessments, including testing of related controls according to Data Security and Privacy Framework and Industry Regulation and GDPR compliance - Coordinate information risk and security discussions with technical and non-technical groups (business/legal/devops) Cyber Awareness policies/training procedures to meet corporate and regulatory requirements and standards 2014 – 2017 JP MORGAN (Suisse)

VP - Data Center, Network, Security Services Infrastructure Lead Senior Data Center, Network and Security services infrastructure technology lead heading all the core services team responsible for Microsoft Exchange, VMware and Citrix; Network services in charge of IP network, security, telecommunications and data centers; and the Data Services team responsible for tier 1 storage, NAS, Virtual System and Cloud infrastructure located in Geneva covering global applications.

- Led Media Management (backup to disk, Tape management, media destruction)

- Led Internal Infrastructure Audit.

- Managed and coached a team of 10 Engineers and 5 Consultants on site and off-shore as well as broader Asset.

- Budget and Sourcing management (over 10M$/yearly) Major accomplishments:

Led the Strategic Relocation Program of the New Data Center

- Site and supplier selection – Impact and Budget Analysis (10 M USD)

- Analysis, sanctioning and design of the new room (200 m2) – Power/Rack/Cooling

- Design, architecture and implementation of the network diversity and backbone

- Setup of the virtual cloud and storage over 3 Data centers in Switzerland

- Built-out of the network L2 strech for the application migration

- Planning and operation model to maintain the business continuity during the application migration and data integrity

- Management of the system/network/storage/cloud capacity in global provisioning view 2013 – 2014 INTEROUTE

Technical Security Account Manager for UEFA

Responsible for the Security of the Systems/Network project with UEFA.

- Undertook a range of new projects to improve the service continuity in case of disaster which related in reducing risks and increasing compliance.

- Planned and designed the implementation of eSoc and SIEM architecture to identify vulnerabilities and threats. Reviewed PenTest and Audit to establish a strong risk assessment for EURO 2016 2006 - 2013 - ERI BANCAIRE

IT Manager and Security Officer

- Led and coached the IT strategy/governance and team (8/12 engineers) over 7 sites (Europe- Asia) Corporate Security Officer

- Led projects from the design to the implementation within the system, network, private cloud and security architecture.

- Improved the IT business processes applying ISO 27x and ITIL/Cobit Standards, vulnerability management, network security, server hardening, security incident management, identity management and secure software development. - Architect of the new data center and built-up the Saas center (Olympic Core Banking System), the BCP/SRM strategy and contingency plan providing software and activity loss prevention (300 developers)

2003- 2005 SKYGUIDE SA

Information Security Officer and Security Project Manager

- Designed and built up the national security, implemented the protection perimeters regarding risk analysis.

- Elaborated Information Security policies and advised future strategies and corporate security policies to management board, steered projects roll-out and budget.

- Led the engineering and support security team of 5 Engineers, provided users and Engineers security training and awareness programs.

- Architect and Project Implementation of a strong authentication tokenless platform for the Pilots Air Flight Traffic Management.

2000 - 2002 - CNET CHANNEL SERVICES

Network and Security Manager

- Architect and designer of the security and network infrastructure project of the European datacenter. Responsible for all aspects of security and network communications. PREVIOUS EXPERIENCES

1999 - 2000 ORANGE COMMUNICATIONS SA - ISP Security Infrastructure 1998 - 1999 DECAN Group - Technical Consultant for HEWLETT-PACKARD 1996 - 1998 ABN AMRO SECURITIES FRANCE - IT Front Office Manager 1993 - 1996 STRATUS COMPUTER - TAM Finance Telecom Air-Control EDUCATION

• MBA CSSI program - 2004 HEC - University of Geneva

• M.Eng/Engineer degree in Computing (Informatique et Systèmes d'informations) - 1987 ENSAM - 1996 - CNAM, Paris

• BA Interior design – 2021

English: C1-Business Proficient French: Mother Tongue German: B1-Intermediate Hobbies: Skiing – Diving – Golf – Biking - Photography - Egyptology

Contact this candidate