Mayer Nicolas
23 fourche des jumeaux
F-57100 THIONVILLE

Personal details

• Date of Birth: May 29th, 1982, in Thionville, France
• Citizenship: French
• Holder of a driving licence

Education

• 2009: PhD in Computer science at the University of Namur, Belgium
  Title: Model-based Management of Information System Security Risk


• 2004: Master of Science (DEA) in Computer Science at the University Henri Poincaré, France
  Area : Telecommunications, Networks and Services
• Internship at the Centre de Recherche Public Gabriel Lippmann (Luxembourg)
  Topic: Modelling and e-Contracting in Virtual Organisations


• 2004: Master of Engineering (Engineer degree) at ESSTIN (Ecole Supérieure des Sciences et des Technologies de l'Ingénieur de Nancy)
• Industrial project in 2003 for NOVASEP: Development of a secure website for online consumables selling
• Industrial project in 2002 for SOVITEC: Analysis of a traceability system for the production of glass microbeads (design, database implementation and exploitation, automatic information acquisition)


• 1999: Baccalauréat, area of Science, option: Physics-Chemistry (Lycée Charlemagne, Thionville, France)

Professional experience

• From 2010-12: Chargé de mission at the Economic Interest Group "Agence pour la Normalisation et l'Economie de la Connaissance" in charge of the development and follow-up for ILNAS of the IT standardization field
• Follow-up of the ISO/IEC JTC1 (Joint Technical Committee 1) standardization committee, that is the reference committee of ISO and IEC for IT standardization
• Follow-up of the ISO/IEC JTC1/SC38/WG3 working group, that is the reference committee of ISO and IEC for Cloud Computing standardization
• Management of the "ISO/IEC JTC1 Forum" and organization of the "ISO/IEC JTC1 National Day" that are the platforms for IT standardization communication in Luxembourg
• Standardization awareness and trainings
• Management and development of research projects for ILNAS


• 2009-01 to 2010-11: Product Manager at the Centre de Recherche Public Henri Tudor, in charge of the business line Security & Continuity Management
• Management of the set of products and services related to information security
• Scientific coordination of the research team in information security
• Research work and industrial applications in risk management, business continuity management, security standards, security policy and records management (within the following projects: ISMS-PME, NormaFi-IT, CASSIS SECURITE 2, TAO ICASE)
• Development of a toolset related to the ISO/IEC 27001 standard
• Assistance in the establishment and management of the Information Security Management Systems (ISMS) of:
  • IfOnline (ISO/IEC 27001 certification in 2011)
  • Luxembourg’s Ministry of the Economy and Foreign Trade
  • Luxembourg Airport Authority
  • Streff
  • Sandstone
  • Luxembourg e-Archiving (ISO/IEC 27001 certification in 2011)
  • European Court of Auditors
• Partnership development and presales activities
• Trainings about risk management and the ISO/IEC 2700x series of standard
• Publication of scientific and professional articles
• Project and PhD definition


• 2004-09 to 2008-12: R&D Engineer at the Centre de Recherche Public Henri Tudor
• Scientific watch in the information security field
• Development of a risk management framework and method
• Development of a security requirements identification method
• Assistance in the establishment of the Information Security Management System (ISMS) of Codasystem (ISO/IEC 27001 certification in 2008)
• Trainings about risk management
• Publication of scientific and professional articles
• Working in the following projects:
• ACCES-PME (FNR project)
• LINKALL
• SECURE PME (FEDER project)
• RISK-DESANA (FNR project)
• CASSIS SECURITE


• Student works
• August 2003: Internship at the Centre de Recherche Public Gabriel Lippmann
  Topic: Design and implementation of an IT inventory application in PHP


• July 2002: Internship at the Centre de Recherche Public Henri Tudor
  Topic: State of the art on GroupWare tools

Additional qualification and certification

• 2007: ISO/IEC 27001 Lead Implementer
• 2007: ISO/IEC 27001 Lead Auditor
• 2006: ISO/IEC 15504, process assessor
• 2005: ITIL Foundation, certificated in IT-Service Management
• 2004: CISCO network certification (CCNA level 4)

Language skills

Language	Ability to Listen	Ability to Read	Ability to Speak	Ability to Write
French	Proficient user (C2)	Proficient user (C2)	Proficient user (C2)	Proficient user (C2)
English	Proficient user (C1)	Proficient user (C1)	Proficient user (C1)	Proficient user (C1)
German	Independent user (B1)	Independent user (B1)	Independent user (B1)	Independent user (B1)
Luxembourgish	Basic speaker (A2)	Basic speaker (A2)	Basic speaker (A2)	Basic speaker (A2)

Teaching

• University Paul Verlaine (Metz), Master SSIC (Sécurité des Systèmes d'Information et de Communication), lecturer from 2007


• University of Luxembourg, Master MSSI (Management de la Sécurité des Systèmes d'Information), lecturer from 2008


• Other (irregular) lectures:
  • University of Namur, Master level (2006)
  • ICHEC Brussels Management School, Infosafe certificate (2007)

Professional association and standardization committees

• Member of the following standardization technical committees:
• ISO/IEC JTC1 - Information technology
• ISO/IEC JTC1/SC38 - Distributed application platforms and services (DAPS), mainly SG1 on Cloud Computing
• From 2007 to 2010: ISO/IEC JTC1/SC27 - IT security techniques, mainly WG1 on Security services and guidelines


• Member of CLUSIL (CLUb de la Sécurité de l'Information Luxembourg) from 2005 to 2011