forked from Git/tommytran.io
Upload files to "content"
This commit is contained in:
parent
415b4a4edc
commit
0e9794b3c8
83
content/about.md
Normal file
83
content/about.md
Normal file
@ -0,0 +1,83 @@
|
||||
---
|
||||
title: "About Me"
|
||||
date: 2022-12-10T03:22:30+01:00
|
||||
tags: ["about", "olivier falcoz","operational risk management","financial crime","anti-fraud","infosec","cybersecurity","business intelligence","governance","compliance"]
|
||||
author: "Olivier Falcoz"
|
||||
canonicalURL: "https://olivier.falcoz.net/about"
|
||||
hidemeta: true
|
||||
ShowReadingTime: false
|
||||
ShowPostNavLinks: true
|
||||
showtoc: false
|
||||
---
|
||||
|
||||
``$ whoami``
|
||||
|
||||
Hi, my name is Olivier Falcoz.
|
||||
|
||||
I am currently Executive Director at [AGR Asia Solutions](https://agr.asia) Pte. Ltd. a boutique firm providing strategic intelligence and operational risk mitigation services[^1].
|
||||
|
||||
Operational risk management and information systems security are areas in which I have particular expertise.[^2]. I have over 25 years of extensive experience in working with private and government entities across challenging business environments. Over the past 17 years, I have been a partner of choice for SMEs and MNCs across Asia in industries as diverse as electronics, pharmaceuticals, consumer and luxury goods, petrochemicals and construction. I am now based in France.
|
||||
|
||||
## Purpose
|
||||
|
||||
I help protect cyber, intellectual and physical assets. My role is to assist clients consolidate their existing operations or enter new markets by mitigating operational and information security risks throughout the most critical cycles of their investments, namely *planning*, *execution* and *evaluation*.
|
||||
|
||||
I bring my operational risk management approach and strengths to mitigate the risk of financial loss caused by fraudulent activities, financial crime, flawed processes or events that may disrupt business operations.
|
||||
|
||||
My expertise goes beyond just risk management; I integrate information systems security and business process security to mitigate the impact of risk on governance and compliance.
|
||||
|
||||
Please check out my [Services](/services/) page and [Resume](/resume/) for more information.
|
||||
|
||||
---
|
||||
# Contact
|
||||
|
||||
Please [get in touch](#email) if you believe that my skills and expertise could add value to your business, I would be delighted to hear from you. I am on [Linkedin](https://www.linkedin.com/in/olivierfalcoz) should you wish to connect.
|
||||
|
||||
|
||||
|
||||
## Matrix
|
||||
|
||||
Contact me through Matrix[^3] at [@olivier:envs.net](https://matrix.to/#/@olivier:envs.net).
|
||||
![@olivier:envs.net on Matrix](/images/@olivier.envs.net.png)
|
||||
*The privacy policy for the envs.net homeserver is available at [this page](https://envs.net/privacy-policy)*.
|
||||
|
||||
## Email
|
||||
|
||||
Drop me a note at:
|
||||
```
|
||||
olivier |at| falcoz d0t net
|
||||
```
|
||||
|
||||
PGP key [``ed25519/0xCAAD364477DA43C8``](/olivier.falcoz.pgp.key.asc)
|
||||
|
||||
Key fingerprint
|
||||
```
|
||||
26BC C458 2D54 0A23 FE24 0C27 CAAD 3644 77DA 43C8
|
||||
```
|
||||
|
||||
|
||||
## XMPP/Jabber
|
||||
|
||||
You can contact me via XMPP if you were born in the last century:
|
||||
|
||||
```
|
||||
xmpp:x0rg@disroot.org
|
||||
```
|
||||
![x0rg@disroot.org XMPP](/images/xmpp.x0rg@disroot.org.png)
|
||||
|
||||
#### OMEMO[^4] fingerprints ##
|
||||
|
||||
```
|
||||
837df5e5 b4b216db b1f2df50
|
||||
2210a37f a40627fe fe953cf6
|
||||
7c02389b fa3e263e
|
||||
|
||||
03ac3a7a 94c6f01a 3c3c69a3
|
||||
328758f8 ac7dc220 f1ce3002
|
||||
033ab087 d666ce46
|
||||
```
|
||||
|
||||
[^1]: [Operational risk](https://en.wikipedia.org/wiki/Operational_risk) is the risk of losses caused by flawed or failed processes, policies, systems or events that disrupt business operations (Wikipedia).
|
||||
[^2]: [Information systems security (Infosec)](https://en.wikipedia.org/wiki/Information_security) (Wikipedia).
|
||||
[^3]: [Matrix](https://matrix.org/) is a free, open, secure and decentralized protocol for real-time communication
|
||||
[^4]: See [OMEMO E2E encryption protocol](https://en.wikipedia.org/wiki/OMEMO) (Wikipedia)
|
136
content/resume.md
Normal file
136
content/resume.md
Normal file
@ -0,0 +1,136 @@
|
||||
---
|
||||
title: "Olivier Falcoz - Resume"
|
||||
date: 2022-12-07T03:22:27+01:00
|
||||
tags: ["resume","olivier falcoz","operational risk management","financial crime","anti-fraud","infosec","cybersecurity","business intelligence","governance","compliance"]
|
||||
author: "Olivier Falcoz"
|
||||
canonicalURL: "https://olivier.falcoz.net/resume"
|
||||
hidemeta: true
|
||||
ShowReadingTime: false
|
||||
ShowPostNavLinks: true
|
||||
showtoc: false
|
||||
showtags: false
|
||||
---
|
||||
|
||||
## Snapshot Profile
|
||||
``$ Linkedin-style``
|
||||
|
||||
I provide consultancy services in operational risk management and information systems security to counter fraud, financial crime and other business disruptions. Formerly based in Asia Pacific, I am now based in France.
|
||||
|
||||
I am a seasoned professional with 25 years of global risk management experience, including 17 years in Asia, working in challenging and sensitive business environments for both the private sector and government organisations.
|
||||
|
||||
I have successfully delivered complex risk intelligence assignments across various sectors, including as resources, manufacturing, retail and energy in Asia and South East Asia. I have also worked in the Balkans, West and Horn of Africa, Brazil, French Guiana and Afghanistan.
|
||||
|
||||
Data privacy advocate and former Associate Expert at EDHEC Business School [Criminal Risk Management Chair](https://www.edhec.edu/en/mrc/criminal-risks-management-chair), France.
|
||||
|
||||
---
|
||||
## Skills & Abilities
|
||||
|
||||
### Hard Skills
|
||||
|
||||
* Extensive experience in implementing operational risk frameworks and practices, conducting defensive risk mitigation strategies, collecting risk intelligence and searching assets,
|
||||
|
||||
* Extensive knowledge of the compliance and risk functions and of corruption, bribery and financial risk,
|
||||
|
||||
* Information systems security, WebApps audit & vulnerability assessment, data forensics & recovery, cryptography & encryption (GnuPG/PGP, TLS, OMEMO, OTR),
|
||||
|
||||
* SysAdmin (server administration: Debian / Nginx / Apache / NextCloud), Arch Linux advanced user,
|
||||
|
||||
* WebApps beta-tester ([mailfence.com](https://mailfence.com)), data privacy advocate (FLOSS, LibreOffice, XMPP, Android custom ROMs).
|
||||
|
||||
### Soft Skills
|
||||
|
||||
* Unique capacity to adapt myself to changing environments, understand corporate cultures and provide C-level executives with actionable intelligence,
|
||||
|
||||
* Ability to manage cross-functional teams, increasing engagement by integrating and consolidating multiple practices into a single centralised group function.
|
||||
|
||||
* Ability to track and manage complex projects, lead and supervise teams, and react quickly with discretion and good judgment in high-profile and sensitive situations.
|
||||
|
||||
* Well sharp reporting, negotiations and decision-making skills; determined and decisive; experienced in working with influencing stakeholders.
|
||||
|
||||
### Sport
|
||||
|
||||
`Mountain biking` avid Enduro and downhill mountain biker, co-organizer of the first [Enduro Asia MTB](https://enduroasiamtb.tumblr.com/post/55587094114/enduro-mtb-in-asia-our-story) race in Malaysia, [supported by Red Bull](https://www.redbull.com/my-en/riders-unite-enduro-takes-on-malaysia) (2013)
|
||||
`Muay Thai` years
|
||||
`Scuba diving` PADI Certified Divemaster (2011)
|
||||
|
||||
### Languages
|
||||
|
||||
`English:` full professional proficiency
|
||||
`French:` native
|
||||
|
||||
---
|
||||
## Experience
|
||||
|
||||
### Risk & Information Security
|
||||
|
||||
→ Conduct risk audits & vulnerability assessments, design contingency & business continuity plans against a variety of possible crisis situations including terrorism for major corporations (*Nestlé Malaysia & Thailand, Lafarge Malaysia*).
|
||||
|
||||
→ Take responsibility, as a project manager of large scale or complex international projects in collaboration with the COO (*Beiersdorf, B|Braun, BNP, Carrefour, Diageo, Lafarge, LVMH, Pernod-Ricard, P&G, Pfizer, Tesco, Total SA*).
|
||||
|
||||
→ As an expert in the risk management field, take direct responsibility over critical operational projects (security audit of *Sodexo Security Services for China*).
|
||||
|
||||
→ Conduct cybersecurity audits, test and harden information systems security policies and tools, perform data recovery & forensic analysis. Implement cyber & operational clients risk management frameworks across various clients business units.
|
||||
|
||||
### Risk Mitigation & Intelligence
|
||||
|
||||
→ Design & implement market entry/exit strategies and political, country and stakeholders risk mitigation solutions in sensitive environments (*Danone Malaysia, Safran Helicopter Engines SEA*).
|
||||
|
||||
→ Perform corporate intelligence search on fraud, criminality, counterfeiting and corruption across finance, production, purchasing and supply chain, advise and implement risks remediation solutions (*B|Braun, DCNS, Cold Storage, Danone Thailand & Cambodia, Tesco*).
|
||||
|
||||
→ Management of the stakeholders risk mitigation strategy for a USD2.5B oil project in South East Asia (Technip/JGC Vietnam).
|
||||
|
||||
→ Identify and assess new projects in China, Mongolia, Laos, Afghanistan, Qatar, Yemen, Papua New-Guinea, Vietnam, Thailand, Laos.
|
||||
|
||||
### Operations & Management
|
||||
|
||||
→ In charge of a firm’s risk strategy consulting practice for Malaysia, Thailand, Vietnam, Cambodia and occasionally other SEA countries. Conduct audits, design and implement complex risk management strategies with a focus on criminal security risks.
|
||||
|
||||
→ In charge of the Business Development & Marketing department, take part of the group strategy definition and implementation in 8 Asian countries, take responsibility for business growth and client satisfaction (China, Cambodia, Indonesia, Lao, Malaysia, Singapore, Thailand, Vietnam).
|
||||
|
||||
→ Management of *remote site* camp services for oil & gas, mining and construction industries - hospitality services, catering and security in remote and demanding environments (*Ivanhoe Mines Mongolia, EDF Lao, Technip China*).
|
||||
|
||||
→ Conduct full project acquisition cycle from tender development to contract negotiation. Plan and budget finance and operations, recruit teams, define staff mobilization programs. Take operational and financial control responsibilities.
|
||||
|
||||
→ Company creation and management. Take responsibilities for *greenfield* startup and development in Afghanistan and Laos.
|
||||
|
||||
---
|
||||
## Career History
|
||||
|
||||
* Executive Director - [AGR Asia Solutions](https://agr.asia) Pte. Ltd.[^1]
|
||||
Malaysia, Singapore then France `2019 → present`
|
||||
|
||||
* Managing Partner - [AGR Asia](https://agr.asia) Sdn. Bhd.[^2]
|
||||
Kuala Lumpur, Malaysia `2015 → 2020`
|
||||
|
||||
* Company Advisor to [Asia Global Risk](https://asia-global-risk.com) Ltd. & personal projects
|
||||
Kuala Lumpur, Malaysia `2011 → 2015`
|
||||
|
||||
* VP & Business Development Director - [Asia Global Risk](https://asia-global-risk.com) Ltd.
|
||||
Kuala Lumpur, Malaysia `2009 → 2010`
|
||||
|
||||
* Co-Founder & Director - Opus Risk Management HK Ltd.
|
||||
Shanghai, China `2006 → 2009`
|
||||
|
||||
* Managing Director - Operations (Remote Site Division) [Aden Services](https://adenservices.com/en)
|
||||
Shanghai, China `2003 → 2005`
|
||||
|
||||
* Officer - [French Foreign Legion](https://www.legion-etrangere.com/)
|
||||
Multiple roles from Combat Platoon Leader to Captain Commander of the French Jungle Warfare Center, 3e REI French Guiana. Previously served with the 13DBLE in
|
||||
Djibouti and the 2REI, France. `1994 → 2003`
|
||||
|
||||
---
|
||||
## Licenses & Certifications
|
||||
|
||||
* Executive Certificate, Cybersecurity - Harvard University ``2019``
|
||||
* PADI Divemaster ``2011``
|
||||
* [Curso de Operações Na Selva](https://cigs.eb.mil.br/) - CIGS Jungle Warfare Center, Manaus, Brazil ``2001``
|
||||
|
||||
---
|
||||
## Education
|
||||
|
||||
- **Infantry Warfare School** - Saint-Cyr Military Academy Graduate by Equivalence, France ``1998``
|
||||
- **Post-Master Degree of Business Administration (DESS)** - Major in Mergers, Acquisition and Business creation, Bordeaux I University, France ``1994``
|
||||
- **Master Degree of Business Administration** - Major in Corporate Finance, Mergers & Acquisition, Paris IX Dauphine University, France ``1993``
|
||||
|
||||
[^1]: **AGR Asia Solutions Pte. Ltd.** is the successor to both **Asia Global Risk Ltd.**, a company with over 30 years of experience in Asia and **Amarante International Asia Pte. Ltd.**, established in Singapore in 2018. In 2023, it was decided to bring the companies together under a single banner.
|
||||
[^2]: ex Asia Global Risk Ltd.
|
52
content/services.md
Normal file
52
content/services.md
Normal file
@ -0,0 +1,52 @@
|
||||
---
|
||||
title: "Services"
|
||||
date: 2022-12-09T03:22:29+01:00
|
||||
tags: ["services", "olivier falcoz","risk intelligence","risk management","cybersecurity","infosec"]
|
||||
author: "Olivier Falcoz"
|
||||
canonicalURL: "https://olivier.falcoz.net/services"
|
||||
hidemeta: true
|
||||
ShowReadingTime: false
|
||||
ShowPostNavLinks: true
|
||||
showtoc: false
|
||||
---
|
||||
## Strategic Risk Intelligence
|
||||
|
||||
``$ whatis:``
|
||||
|
||||
* Identify and mitigate the risk of loss caused by flawed or failed processes, policies, systems or events that may disrupt business operations.
|
||||
* Identify and mitigate economic, security and criminal risks associated with business operations
|
||||
* Align asset governance structure with business objectives
|
||||
* Provide accurate and actionable intelligence, develop and enforce effective intelligence collection policies
|
||||
* Identify competititors' strategies, regulatory or government interference, corruption, criminality, fraud and intellectual property abuse
|
||||
* Increase operational resilience and minimise operational disruption to the organisation
|
||||
|
||||
``$ howto:``
|
||||
|
||||
- Background check, due diligence / enhanced due diligence
|
||||
- Business counter-intelligence
|
||||
- Asset tracking & recovery
|
||||
- IP rights investigation & enforcement
|
||||
- Fraud & counterfeiting search
|
||||
- Project risk analysis & remediation
|
||||
|
||||
|
||||
## Protect Cybersecurity Assets
|
||||
``$ whatis:``
|
||||
|
||||
* Secure *mission-critical* and *business-critical* assets e.g. information systems, intellectual property, physical assets
|
||||
* Enforce the confidentiality, integrity, and availability of information systems and assets
|
||||
* Reduce the impact of security breaches on information assets
|
||||
* Strategically align cybersecurity efforts with business strategies to support organizational objectives
|
||||
* Effectively manage cybersecurity knowledge among staff
|
||||
|
||||
``$ howto:``
|
||||
|
||||
- Business Impact Analysis : identify critical systems, networks and data
|
||||
- Threat modeling, identify methods of attack
|
||||
- Identify systems vulnerabilities; patch systems
|
||||
- Enhance security posture, test & harden the perimeter
|
||||
- Adopt defensive strategies
|
||||
- Design systems & procedures with data security & privacy in mind
|
||||
- Follow to industry standards, train users
|
||||
- Raise cybersecurity awareness and staff training
|
||||
|
Loading…
Reference in New Issue
Block a user