Maxime Legas

MAXIME LEGAS

Information Systems Security Manager

ISC2 CISSP Certified

Email Courbevoie, France

Profile

Senior CISO certified CISSP, expert in governance and compliance (ISO 27001, 27018, HDS). Business-oriented and focused on continuous improvement, I manage security strategy and risk management to support Cloud service growth. With strong transverse leadership, I ensure team cyber acculturation and strategic reporting to executive management.

Skills

Governance, Risk & Compliance

  • Frameworks Expertise ISO 27001, 27018, 20000 and HDS.
  • Risk Management Risk analysis according to ISO 27005.
  • Audit Steering certification audits and internal audits.
  • Generative AI Governance Defining usage charter, analyzing risks related to LLMs (Large Language Models) and assessing solution security (Prompt Injection, Data Privacy).

Strategy & Cyber Steering

  • Performance Steering Defining objectives, KPIs and continuous improvement (PDCA cycle).
  • Resilience Business Continuity Management (BCP/DRP) and capacity planning.Crisis Management.
  • Defensive Expertise Orchestrating SIEM, EDR and XDR solutions.

Leadership & Management

  • Transverse Management Leading Security Committees and coordinating multidisciplinary teams.
  • Acculturation Coaching, training and staff awareness.
  • English Ability to evolve in an international environment.

Professional Experience

CISO

Since January 2020
Xelya | Saint Cloud, France
  • Governance & Certification: Steering the compliance program and obtaining ISO 27001, 27018, 20000 and HDS certifications. SMSI Steering.
  • Strategic Steering: Leading the Security Committee, defining strategic objectives, KPIs and steering continuous improvement.
  • Operational Security: Orchestrating the deployment of detection and incident response solutions (SIEM, EDR, XDR).
  • AI Strategy Steering: Establishing the governance framework for Generative AI usage; in-depth technical watch on model models to ensure data leak prevention and GDPR compliance.
  • Transverse Leadership: Acculturating teams to cyber issues and managing relationships with external auditors.

Associate Director – Focus CIO & Innovation

January 2006 – December 2019
Xelya | Saint Cloud, France
  • Cloud Strategy: Design and implementation of a hybrid Cloud infrastructure based on Microsoft 365 and Azure.
  • Innovation & R&D: Directing research projects on hosted services for IT and telecom convergence.
  • Management & Development: Recruitment, coaching and training technical teams to support company growth.
  • Business Development: Pre-sales support and strategic consulting for key accounts on innovative solutions.

IT Manager

September 2001 – November 2005
Wall Street Systems | Sophia-Antipolis, France
  • International Management: Leading a technical team of 5 people in a multicultural environment.
  • Bilingual Communication: Daily use of English for project coordination and support for international users.
  • Architecture & Deployment: Design and implementation of systems, local networks and WAN infrastructure.
  • Asset Management & Security: Responsible for the complete IT purchasing cycle, maintenance and fine-grained access rights management.

Customer Support Engineer / Systems & Network

October 1998 – August 2001
Wall Street Systems | Sophia-Antipolis, France
  • Client Relations & Deployment: Needs analysis, defining specifications and on-site installation of complex financial solutions (Finance Kit).
  • Pre-sales Support: Technical support during sales phases to validate the feasibility of proposed architectures.
  • Reactivity & Mobility: Carrying out missions on client sites requiring high autonomy and technical adaptability.

EDUCATION

Computer Science Engineering Degree

Polytech'Nice-Sophia

DUT Computer Science

University Bordeaux I

ENGAGEMENTS & INTERESTS

  • CSR: Member of the CSR Committee, facilitator of the Climate Fresk and Digital Fresk.
  • Sports & Balance: Regular practice of Yoga and CrossFit, hiking and cycling.