About Luc Lefebvre:
Author, speaker and privacy advocate. Also an organ donor circa 2011.
20 years of experience.
Profile: Passionate humanist. Interested in technology, international affairs and human issues.
Skills: security analysis, security architecture, risk analysis, risk management, training and awareness in hostile areas (H.E.A.T.), forensic analysis, surveillance, audit, investigation, intelligence, advanced persistent threat.
Work experiences: Full resume available on-demand.
Experience
Chief Information Security Officer (CISO) and Chief Privacy Officer (CPO),,Evolia, Québec, Québec
- Governance, Risk and Compliance:
- Lead and manage Information Security, reporting directly to the Board of Directors
- Management of a team of infosec professionals
- Development of an infosec control framework based on the NIST-CSF
- Drafting of policies, processes, standards, directives, infosec and IT positioning.
- Accountability to competent and legal authorities
- Follow-up and management of security events and incidents
- Development of metrics, performance indicators and dashboards
- Obtained SOC 2 type 2, HIPAA, GDPR, ISO 27001, and other certifications.
- Knowledge of ISO 27001, 2700x, NIST 800-53, NIST 800-82, SOC 1, SOC 2, SOC 3, GDPR, SOX, PCI-DSS, FedRAMP, etc.
- Member of Executive Committee
- Participate in organizational development, support other teams in their development
- Play the role of advisor in the development of other technological projects
- Member of the media and crisis requests management committee
- Actively participate in responding to media requests and crisis units in the event of an event or incident
- Privacy Protection (CPO) and Data Protection Officer (DPO)
- Ensure compliance with regulatory obligations (Law 25, GDPR)
- Follow up on data destruction requests
2021 - 2022
Product Manager & Senior Advisor, Governance, Cybersecurity, Desjardins, Montreal, Quebec
- Governance, risk and compliance:
- Product owner (squad leader) in governance, risk, compliance - cybersecurity
- Management of two squads: one in accountability of 6 resources, the other in risk management and control assessment
- Presentation of work of the squads with the BISOs/CISOs/Desjardins Head of Security
- Capture and analysis of metrics on security posture, information security maturity, risk rating and compliance
- Development of dashboards on PowerBI
- Participate in the development and optimization of an internal control framework in information security, mapping with all relevant industry standards, particularly in connection with the financial community (AMF, BSIF, etc.)
- Participate in the development of the target operational management model information security risks
- Knowledge of ISO 27001, 2700x, NIST 800-53, NIST 800-82, SOC 1, SOC 2, SOC 3, GDPR, SOX, PCI-DSS, FedRAMP, etc.
- Product owner (squad leader) in governance, risk, compliance - cybersecurity
2020 - 2021
Lead analyst, cybersecurity/infosec, Héma-Québec, Montreal, Quebec
- Governance, risk and compliance: Risk
- analysis and management related to information security
- Writing risk analyzes (impacts, probability, risks, threats) and recommendations
- Software security, cloud, systems embedded systems, identity and access management, signatures, PLCs and laboratory equipment, etc.
- Development of risk analysis, management and monitoring processes
- Creation of business requirements, participation and evaluation of suppliers during calls for tenders and new projects
- Writing risk analyzes (impacts, probability, risks, threats) and recommendations
- Compliance
- Drafting of policies and guidelines
- Creation and drafting of all information security / cybersecurity governance framework
- Knowledge of ISO 27001, 2700x, NIST 800-53, NIST 800-82, SOC 1, SOC 2, SOC 3, GDPR, FedRAMP, etc.
- Drafting of policies and guidelines
- Trainings and awareness
- Initial training in information
- security Regulatory government certification in information security
- Crisis management - cybersecurity and reputational risk management
- Militant groups, ransomware
- Advanced persistent threat
- analysis and management related to information security
Education
I studied in public relations.
Professionals in the same Technology / Internet sector as Luc Lefebvre
Professionals from different sectors near Montréal, Montréal
Other users who are called Luc
Jobs near Montréal, Montréal
-
Assistant Commercial en immobilier
3 hours ago
Aftec Laval, Canada AlternanceLe campus AFTEC de Laval, propose des formations de BTS à Bac+5, en alternance ou en initiale, dans différents domaines tertiaires. Rejoignez un campus dynamique qui compte plus de 400 étudiants. · UN EMPLOI ? UNE FORMATION ? POURQUOI PAS LES DEUX ? · L'ENTREPRISE : · Notre part ...
-
Agent administratif
4 days ago
CISSS de la Montérégie-Est Longueuil, CanadaAgent administratif - Laisse ton empreinte dans le réseau de la santé à Longueuil · Contribue à la santé des gens de ta région. Deviens agent administratif à l'Hôpital Pierre-Boucher, en CHSLD ou en CLSC, des établissements du centre intégré de santé et des services sociaux de la ...
-
Technologue en médecine nucléaire
1 week ago
CISSS de la Montérégie-Est Longueuil, CanadaUn emploi dans le secteur public dans le domaine de la santé, c'est avoir l'envie de servir et apporter vos compétences pour le bien de la population. · Avec ses employés, la grande famille du CISSS de la Montérégie-Est est le plus grand employeur de la région et a cette mission ...