You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
Yassine CherkaouiYC

Yassine Cherkaoui

Cybersecurity Engineer | GRC & Risk

€450/day
Madrid, ES
3-7 years
GRC (Governance, Risk & Compliance)
Risk Assessment
Secure SDLC
Threat Modeling
Application Security

Average response time: 1 hour

About Yassine

Cybersecurity Engineer specialized in GRC, Risk Assessment and Secure SDLC.

I support large organizations in securing their applications and cloud environments through threat modeling, security by design and governance practices.

Experienced in banking and regulated environments (Santander CIB, AXA), with strong expertise in privileged access governance, security assessments and automation of security processes.

Available for remote missions across Europe and international environments.
Banking and Financial Services
Digital and IT Services
E-commerce
Digital Business Models

  • Spanish

    Native or bilingual

  • English

    Fluent

  • French

    Native or bilingual

  • Arabic

    Native or bilingual

Can work on-site
Madrid (up to 50km), Cadiz (up to 50km), Málaga (up to 50km), Barcelona (up to 50km)

Experience

  • AXA Group Operations (AXA GBS)
    Security Engineer Expert — Cyber Defense department
    BANKING AND INSURANCE
    January 2026 - Today (6 months)
    Rabat, Morocco
    Driving the quarterly Azure KRI monitoring cycle across the group's cloud perimeters. Automated the quarterly KRI consolidation process to reduce manual reporting effort. Reviewed privileged access entitlement reports as part of the group PUAM governance cycle. Refreshes and analyzes Power BI dashboards tracking KRI compliance; coordinates findings with TAS Lead and validation teams.
    GRC (Governance, Risk & Compliance) Risk Assessment Application Security Privileged Access Management (PAM) Microsoft Power BI
  • Migrantexperience
    Co-Founder & CTO
    April 2024 - Today (2 years and 3 months)
    Co-founded a platform for expatriates; leading technical direction and secure-by-design architecture.
  • Santander Corporate & Investment Banking (SCIB)
    Cybersecurity Specialist — CISO Department
    BANKING AND INSURANCE
    November 2023 - November 2025 (2 years)
    Málaga, Spain
    Led the Secure SDLC program across 80+ critical applications (onboarding, threat modeling, remediation). Advanced threat modeling with IriusRisk — identified vulnerabilities and defined countermeasures. Owned group-wide DLP strategy on Purview, Trellix and Netskope. Managed EDR via CrowdStrike and performed SAST/DAST/SCA analysis with Fortify and Dependency-Check. Reviewed firewall change requests and performed threat hunting and incident triage using Splunk, IBM QRadar (SIEM) and IBM Resilient as a CTU member. Automated critical security processes using Python and Power Automate.
    Secure SDLC Threat Modeling Microsoft Power BI Application Security Risk Assessment
Check out Yassine's experience

Recommendations

Be the first to recommend Yassine

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • Master’s Degree in Data Science and Cybersecurity
    University of Malaga
    2022
    Master’s Degree in Data Science and Cybersecurity
  • Bachelor’s Degree in Computer Engineering
    Int. University of Rabat
    2019
    Bachelor’s Degree in Computer Engineering
Check out Yassine's education

Certifications

  • IriusRisk Threat Modeling Champion
    IriusRisk
    2024
  • Quantum Computing and Cybersecurity
    UMA
    2024
    Cryptography Emerging Threats Cybersecurity Strategy

Skill set

GRC (Governance, Risk and Compliance)
Risk Assessment
Secure SDLC
Threat Modeling
Application Security

Categories