You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
Walid Ait MouffokWA

Walid Ait Mouffok

PCI DSS Compliance Specialist, CISSP, CISA

€737/day
Dijon, FR
8-15 years
PCI DSS
Gap analysis
Governance, Risk and Compliance
Consultant GRC
Regulatory Compliance

Average response time: 1 hour

About Walid

Consultant GRC avec plus de 8 ans d’expérience, spécialiste en conformité PCI DSS. J’accompagne les entreprises dans la mise en œuvre de leur conformité PCI, à travers des audits, analyses d’écarts et stratégies de gestion des risques adaptées aux objectifs business. J’ai notamment joué un rôle clé dans le développement d'un framework ayant permis à mon client de réaliser plus d’10 M€ d’économies. Analytique et attentif au détails, je mets mon expertise au service de la sécurité, de la gouvernance et de la conformité réglementaire.



I help organizations achieve PCI DSS and GRC compliance by translating complex technical controls into clear, actionable audit evidence. At La Poste, I managed the compliance framework that decommissioned over 3,500 VMs and validated system change controls under PCI DSS 4.0, saving the company over €10M. With experience in vulnerability management, asset auditing, and compliance reporting, I bridge the gap between technical operations and governance. I’m now focused on helping global enterprises prepare for successful PCI DSS and NIST CSF 2.0 assessments.
Consulting and Audits
Digital and IT Services
Banking and Financial Services

  • French

    Native or bilingual

  • English

    Fluent

  • Arabic

    Native or bilingual

Remote only
Primarily works remotely

Experience

  • Baxter Clewis Cybersecurity
    PCI DSS Consultant
    CONSULTING AND AUDITS
    May 2025 - December 2025 (7 months)
    Texas City, United States
    - Reviewed ASV scan results (Qualys/OpenVAS) for PCI DSS alignment, enabling effective risk prioritization and sustained audit readiness across regulated, high-value environments. (PCI DSS Req. 11.3.1, 11.3.2)
    - Built a detailed control mapping matrix for RHEL and Windows Server environments, advising stakeholders on aligning configurations with PCI DSS, CIS, and NIST CSF to enable secure, consistent, and repeatable golden image deployments. (PCI DSS Req. 2.2.1, 2.2.6)
    - Refined PCI DSS scoping through network and dataflow diagram analysis and inventory review, collaborating with PCI consultants and enabling cross-functional teams to reduce audit scope by up to 30%, saving $100K–$250K annually in compliance and operational costs. (PCI DSS Req. 12.5.1, 12.5.2)
    - Performed in-depth firewall audits (SonicWall/Palo Alto), identifying rules, settings, and segmentation gaps that reduced potential exposure to multi-million-dollar compliance and security risks. (PCI DSS Req. 1.2.5, 1.3.1, 1.3.2, 1.4.1)
    PCI DSS Gap analysis Internal Audit Scoping Governance, Risk and Compliance
  • La Poste
    Senior Cybersecurity Compliance Analyst
    CONSULTING AND AUDITS
    October 2023 - July 2025 (1 year and 9 months)
    Paris, France
    - Designed and implemented an enterprise-wide system decommissioning framework, ensuring secure and compliant retirement of over 3,500 VMs and 400 servers, eliminating unsupported systems (PCI DSS Req. 6).
    - Audited change control processes (RFCs) and CMDB entries to validate evidence of decommissioning in compliance with PCI DSS and ISO 27001.
    - Coordinated cross-functional teams during kick-off, scoping, and validation meetings, ensuring compliance with security policies and documentation standards.
    - Delivered detailed audit reports identifying gaps, remediation actions, and risk mitigations, resulting in €10M+ in operational savings while maintaining full compliance.
    Gap analysis PCI DSS Regulatory Compliance Audit IT Gestion de projet IT
  • La Poste
    Cybersecurity Analyst – IT Operations & Compliance Monitoring
    CONSULTING AND AUDITS
    January 2022 - September 2023 (1 year and 8 months)
    Dijon, France
    - Performed vulnerability management and patch audits, validating timely remediation of critical findings for regulated environments (PCI DSS Req. 6.3, 11.2).
    - Conducted incident response documentation, log analysis, and control validation aligned with PCI DSS logging and monitoring requirements (Req. 10).
    - Led server compliance checks and go-live deployment audits, ensuring hardened configurations for production systems.
    - Authored and standardized incident response procedures and technical remediation plans, reducing audit findings by 30%.
    PCI DSS Regulatory Compliance Least Privilege Principles Audit IT Red Hat Linux
Check out Walid's experience

Recommendations

Be the first to recommend Walid

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • Bachelor of Cybersecurity (Bac+4)
    Onlineformapro
    2021
    Administrateur d'infrastructures sécurisées- RNCP37680
  • Associate's degree in Computer science
    Onlineformapro
    2020
    Technicien supérieur systèmes et réseaux - RNCP37682

Skill set

Red Hat Enterprise Linux
pfsense
SonicWall
Least Privilege Principles
GRC (Governance, Risk and Compliance)
Security Awareness Training
Risk and Vulnerability Assessment
Windows Server
Zero Trust
Qualys
Nessus
Jira/Confluence
NIST CSF
Cisco Nexus
IT Architecture
IT Project Management
Elastic Stack (ELK)
Conformité RGPD
Palo Alto
F5 BigIP

Categories