You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
Hafid BHB

Hafid B

Senior Infrastructure & Security Project Director

€1,400/day
Zurich, CH
15+ years
Gestion de projet IT
Cybersécurité
Infrastructure
GRC
SAP

Average response time: 1 hour

About Hafid

Senior IT Program & Project Director | Infrastructure Resilience, Cybersecurity & SAP Transformations

With over 28 years of international experience directing large-scale IT infrastructure, cybersecurity, and corporate business transformations—including 15+ years on-site in Switzerland leading strategic initiatives for world-class organizations like Novartis, Nestlé, and Banque Cramer—I drive high-stakes programs with rigorous governance and a delivery-focused mindset.

My core expertise spans across:

Infrastructure & Cyber Resilience: Designing and executing robust business continuity (BCP/DRP) and cybersecurity frameworks within highly regulated environments (GRC).

SAP & Middleware Ecosystems: Streamlining complex SAP migration roadmaps, cloud integrations, and coordinating seamless post-go-live "hyper care" phases.

Strategic Governance: Leading complex cross-functional teams, structuring corporate project management methodologies, and managing high-budget portfolios.

Based in Zurich, I am fully available for local on-site assignments and hybrid setups ("semainier"), bringing immediate senior leadership to your IT and Supply Chain challenges.

  • French

    Native or bilingual

  • English

    Fluent

  • Arabic

    Native or bilingual

Can work on-site
Zurich (up to 50km), Bâle (up to 50km), Zoug (up to 50km), Genève (up to 50km), Winterthour (up to 50km)

Experience

  • Groupe Lactalis
    Senior Infrastructure & Security Project Director
    June 2024 - March 2026 (1 year and 9 months)
    Laval, France
    PAM Architecture ERP, Jenkins, Azure DevOps
    • ▪ Directed a portfolio of mission-critical enterprise infrastructure resilience projects, overseeing the architectural redesign and safe migration of core SAP ERP ecosystems, transactional middleware (Tibco) and central batch scheduling (Control-M) to high-availability IBM Power10 and Cisco SAN platforms.
    • ▪ Spearheaded a deep-dive PAM architecture benchmark (CyberArk, BeyondTrust, Thycotic): conducted functional and technical comparative studies to define a multi-year privileged access hardening roadmap, adopted by the CISO as the firm's access security baseline.
    • ▪ Designed and executed multi-site Disaster Recovery Plans across the full SAP/Tibco/Control-M stack: led failover simulation campaigns, coordinated SLA sign-off with business owners and produced formal acceptance reports for executive risk committees.
    • ▪ Established and continuously animated the full programme governance model: weekly technical COPROJ, monthly executive COPIL, cross-functional risk and dependency registers, escalation management and multi-stream budget tracking.
    • ▪ Produced consolidated executive dashboards (KPI/KRI) on operational performance, capacity and incident trends; presented directly to C-level steering committees and Group CIO.
    • ▪ Managed CMDB data quality and technical asset lifecycle in Workfront, coordinating with production teams and third-party vendors to maintain referential integrity and ensure audit-ready posture.
    • ▪ Coordinated CI/CD pipeline improvements (Jenkins, Azure DevOps) to reduce infrastructure deployment lead times and align release cycles with agile sprint schedules.
  • WorldLine
    Infrastructure Project Director – Cybersecurity
    November 2022 - May 2024 (1 year and 6 months)
    Paris, France
    • ▪ Commanded the global cybersecurity transformation programme following the multi-billion Euro carve-out from Ingenico, managing complex regulatory profiles across 40+ countries simultaneously on a hybrid Azure/AWS environment.
    • ▪ Led full evaluation, architecture design and worldwide deployment of an integrated defensive ecosystem: replaced legacy CrowdStrike and McAfee with SentinelOne EDR, Splunk SIEM and Microsoft Authenticator MFA — coordinated with Group CSIRT, cloud architects and external integrators across multiple time zones.
    • ▪ Maintained zero security blind spots during active migration by routing real-time events between the incoming Splunk architecture and the legacy monitoring environment simultaneously throughout the transition.
    • ▪ Drove ISO 27001 compliance alignment across all post-carve-out entities: codified unified security policies, verified evidence packages, mapped technical exceptions and coordinated formal external certification loops.
    • ▪ Built a unified international project delivery office: tracked multi-stream programme investments, critical cross-border constraints and delivered regular status reports directly to CISO and executive steering committees in English and French.
    • ▪ Managed multi-vendor dependencies, contract escalations and international stakeholder communication across cloud, security, compliance and business teams in a fully matricial organisation spanning FR, DE, UK, US and APAC.
    Cybersécurité Infrastructure SAP GRC Gestion de projet
  • Abeille Assurances (Aviva)
    Cybersecurity Programme Director
    December 2021 - October 2022 (10 months)
    Paris, France
    • ▪ Orchestrated the full cybersecurity transition programme following Abeille's separation from Aviva Group: designed and deployed an independent semi-outsourced hybrid SOC from scratch (SIEM, VMS, CTI, MFA, EDR, IPS/IDS) under compressed timelines.
    • ▪ Integrated structured Cyber Threat Intelligence (CTI) feeds into the SIEM platform: normalised threat telemetry, built custom IoC tracking workflows and provided analysis tier with contextualised indicator-of-compromise detection, directly reducing mean-time-to-detect.
    • ▪ Built and institutionalised a full Vulnerability Management System (Qualys): configured active discovery across all internal and cloud assets, enforced automated remediation SLA tracking and established clear executive posture reporting for the CISO.
    • ▪ Engineered a highly resilient emergency backup SOC architecture in direct response to heightened cyber risks from the Ukraine geopolitical crisis — instantaneous hot-site data sync, zero-downtime failover capability, delivered ahead of deadline.
    • ▪ Conducted a foundational EBIOS RM risk assessment across all critical IT structures and multi-tenant hosting environments; risk remediation blueprint adopted by the Executive Risk Committee as the firm's 18-month security baseline.
    • ▪ Supervised multi-million-Euro programme budget controls, resource planning and vendor contract negotiations; delivered high-level regulatory updates to compliance committees and board.
Check out Hafid's experience

Recommendations

Be the first to recommend Hafid

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • Enterprise Architecture Framework
    The Open Group
    2019
    Enterprise Architecture Framework
  • Certified Ethical Hacker v8 (CEH)
    EC-Council
    2013
    Certified Ethical Hacker v8 (CEH)
Check out Hafid's education

Categories