A technology leader with over 15 years of experience in designing secure and scalable cloud architectures. I have led complex digital transformations that have delivered measurable ROI: a 40% reduction in cloud costs (FinOps), a 60% improvement in time-to-market, and ISO 27001/SOC2 compliance achieved without operational friction.
My philosophy: Security is not a hindrance but a growth accelerator when managed with agility and intelligence (e.g., integrated into product design, ...).
Key achievements:
→ Migration from an on-premises platform to the cloud, incorporating a vision and strong security enhancements
→ Multi-cloud architecture (GCP/AWS) supporting 30M+ users with a 99.99% SLA
→ FinOps strategy that saved €3M annually while doubling capacity
→ DevSecOps framework reducing vulnerabilities by 85% in production
→ Team of 25+ engineers transformed into a center of technical excellence
Expertise: Security Awareness • Cloud Architecture • FinOps • Product Security • Platform Engineering • Team Leadership • Business Strategy
Passionate about building and integrating technology solutions that combine performance, security, and cost-efficiency.
My approach: #LeverageBusiness #BuildSecure #ScaleSmart #LeadWithPurpose
Act as the primary security contact for enterprise customers, leading security reviews, RFP responses, and trust assessments during sales cycles, then ensuring continuous security engagement throughout the contract lifecycle (audits, questionnaires, incidents, policy updates).
Architected unified security strategy across 3 SaaS entities (Cloud, Product, SOC/SIEM/XDR/SOAR) with direct reporting to group management.
Deployed zero-trust perimeter with Cloudflare (WAAP, Tunnel, WARP), significantly reducing external attack surface while preserving operational performance.
Led ISO 27001:2013→:2022 migration & SOC 2 Type II audit, zero major non-conformities, turning compliance into a business differentiator for enterprise customers.
Pioneered an AI Security & Governance framework: Shadow IT/AI detection, EU AI Act alignment, LLM risk assessments (prompt injection, data leakage, model supply chain).
Built an internal offensive security programme (OWASP ZAP, Burp Suite, Caido) with recurring pentests, structured vuln management & phishing simulation campaigns.
Redesigned identity & device governance with JumpCloud as single control plane for MDM, patch management, Shadow IT detection & asset inventory across all entities.
Defined group-wide SBOM strategy and integrated supply chain security into CI/CD pipelines (GitHub Actions (syft/grype) + Dependency-Track + GUAC), bringing dependency risk to the same governance level as infrastructure.
NIS2, DORA, EU AI Act & CRA compliance projects, translating legal obligations into actionable controls with board-level reporting to management & investors.
Deployed a recurring security awareness programme (role-based training, phishing campaigns) establishing security as a shared organisational reflex across 3 entities.
Launched a Digital Protection business unit offering security strategy, architecture assessments & compliance advisory to external customers — opening a new revenue stream for the group.
Manage security strategy, vision and budget (SecOps, Conformity, Platform Security, Product security, ...) ~ 15 people
Manage security budget (millions €)
Build a security department from scratch (including SecOps division, IT division & Conformity division)
Build a KPI dashboard to drive security
Drive the security approach inside our product (payment related to PCI DSS, ATO prevention for login/API, application password management ...)
Set up and drive a plan to obtain ISO 27001 certification, which is a first step as a security framework and provides business leverage. (Certification ISO 27001:2003 obtained in Sept 2022)
Manage & deploy IaC (Infrastructure as Code) framework for several security projects with automation. (including training inside the team to leverage them on this approach)
Lead and participate in team projects, ensure they are evaluated and scoped, ensure their quality and alignment with requirements, and ensure that best practices in the Unix/Linux/Windows domain are followed
Implementation of a WAF (Akamai)
Ensure compliance with IT security best practices across all platforms
Manage and adhere to allocated budgets
Collaborate with other teams in France, including advising and assisting the Level 2 operations team
Communicate daily with the team based in England
Actively participate with your team in Level 3 support tasks
Implement automation for the group (Ansible)
Maintain and improve applications using Zend Framework 1.12
• Coordinate the activity of the France Systems & Networks team (3 people)
• Keep the information system (machines & networks) in operational condition
• Carry out the tasks inherent to operating the Group's platforms and projects
• Act as the technical lead:
• Tasks:
  - Proactively propose technical choices / methods for the Group's operations tasks
  - Guarantee that the chosen options are applied
  - Set up audits
• Group projects:
  - Take charge of certain Group projects, proactively proposing technical choices
  - Lead these projects and ensure their rollout across the teams
• Head of IT purchasing for France
• Cost optimisation of the IT estate
• Management of the allocated budget, including its tracking
• Responsible for IT purchasing (in direct contact with suppliers), including management of the allocated IT budget (servers, client workstations, office workstations)
• Setup / management / mastery of various proprietary or open source storage solutions
• Setup / management of monitoring tools (Nagios) on a large platform coupled with a high-availability tooling system (LVS) to ensure continuity of service
• Performance expertise (hardware performance calculation, calculation of DISK/CPU/RAM requirements)
• Management, setup and administration of the following projects:
  - Monitoring and WebUI development on EC2 cloud instances
  - MySQL 5.0/5.1 platform with replication
  - JBoss 4.2/5.0 platform
  - WSUS platform
  - Heartbeat/LVS/automatic failover platform
  - IT asset inventory tool (OCS Inventory)
  - Development of OCS Inventory plugins (written in PHP) coupled with a MySQL database (VNC, licence managers, fixed-asset manager, FAQ, how-to)
  - Automated deployment platform via PXE server & Cfengine 2
  - Development of a PHP interface to optimise administration
  - Versioning tool: Subversion server (with backup to external storage)
  - OpenVPN platform with failover
  - Symantec EndPoint server platform
  - Ticketing platform coupled with a Nagios platform for managing monitoring incidents/alerts (OTRS)
• Administration / management of an estate of 250/300 Linux servers
• Travel to and on-site work in various server rooms across Europe
• Administration of mail accounts via a web interface
• Administration of Windows Server 2003 with Active Directory (multi-site)
• Centralisation of the hosts files of the Active Directory domain
• Hardware assembly and installation of servers
• Deployment of servers in datacenters
• On-site work in server rooms in France
• Network cabling of racks and computer rooms
• Installation and configuration of Ubuntu and Debian servers
• Management of Linux servers
• Acquired some basic knowledge of virtualisation servers (Xen)
• Support administration with Request Tracker
Assistance publique des hôpitaux de Paris (Hopital Charles-FOIX)
October 2004
Internship
PARIS
• Migration of the hospital estate's servers from Windows NT4 to 2003
• Migration of Citrix 1.8 servers to Citrix XP
• Setup of an Active Directory architecture
• Network configuration (VLAN, trunk, ...) on HP ProCurve switches