Raoul Elysée

Regulated Industry Authority

Nearly 19 years embedded in regulated financial institutions — across pension, insurance and compliance — provide a ground-level understanding of regulatory mechanics, fiduciary risk, and audit processes that most architects lack.

• →6 years pension & insurance compliance consulting (1st & 2nd line of defense)
• →IT Security Coordination within a regulated enterprise environment
• →Claims and risk operations experience
• →Deep familiarity with PIPEDA, Loi 25, Insurance Act, Loi RCR, CCQ, PCI DSS

Cross-Functional Executive Interface

Proven ability to operate across all organizational layers — from development and architecture teams to audit committees and executive boards — translating risk into business language and business intent into architecture.

• →Collaboration with internal audit, IT compliance, and enterprise architects
• →Stakeholder awareness programs and business unit engagement
• →Risk governance alignment across technical, compliance, and executive functions
• →10+ years board-level governance as co-ownership president

Applied AI & Security R&D

Every recommendation is grounded in hands-on experimentation. A private AI and security lab running production-grade deployments, continuous tooling validation, and applied vulnerability research.

• →Private VPS with self-hosted AI infrastructure
• →Graph RAG with Neo4j + Qdrant in production
• →Security tooling validation and exploit research
• →40+ LLMs tested — open source and cloud

Security Architecture & IAM

Enterprise IAM/CIAM strategy, Zero Trust implementation, privileged access controls, and threat modeling (STRIDE/MITRE ATT&CK). Secure design from architecture phase through production.

Governance, Risk & Compliance

6 years as regulatory compliance consultant in pension and insurance sectors at Canada Life and London Life, across both 1st and 2nd lines of defense. Delivered strategic risk advisory on a broad regulatory landscape — PIPEDA, Loi 25, Insurance Act, Loi RCR, CCQ, PCI DSS, NIST, and ISO 27001 — and enterprise risk exposure. Led stakeholder awareness initiatives and collaborated with business units to translate complex compliance requirements into operational practices — driving maturity through continuous improvement programs, KPIs, and KCIs.

AI & Agentic Engineering

Production multi-agent systems using OpenAI Agent SDK, CrewAI, LangGraph, and AutoGen. Hands-on experience with 40+ LLMs — open source (Ollama) and cloud. Vector databases, Graph RAG (Neo4j + Qdrant), and MCP integrations.

DevSecOps & Application Security

Secure CI/CD pipelines integrating SCA, SAST, and DAST (Azure DevOps). OWASP Top 10 remediation, vulnerability management using Nessus, Burp Suite, and DefectDojo, and SSDLC implementation. Security automation with Python and PowerShell. 10+ years of development across web (React, Next.js), mobile (Flutter), and security tooling.

Cloud Architecture & MLOps

End-to-end AI deployment on AWS, Azure, GCP, Vercel, and private VPS environments — including self-hosted open-source vector databases and RAG systems for data sovereignty use cases. Infrastructure as Code with Terraform and GitHub Actions CI/CD.

Personal AI representative on a fully serverless AWS architecture: CloudFront, API Gateway, S3, Lambda, and Amazon Bedrock for LLM inference. Provisioned with Terraform and automated through GitHub Actions CI/CD.

Current mandate as principal cybersecurity advisor in a regulated healthcare organization. Leading vulnerability management programs and coordinating penetration testing. Conducting threat modeling and risk assessments. Implementing DevSecOps pipelines with SCA, SAST, and DAST tooling. Driving security automation through Power Apps, Python, and PowerShell. Authoring security guides and defining security requirements for RFPs.

AI legal assistant trained on Quebec and Canadian law using Graph RAG: a Neo4j knowledge graph combined with a Qdrant vector database for semantic retrieval. Delivers precise article-level citations. Targeting LegalTech commercialization.

Business and enterprise architecture roles within the governance function of a major financial institution. Strategic advisory to executive committees on security investment prioritization aligned with enterprise risk reduction. Validated project relevance and funding continuity through structured value and risk posture impact analyses. Directed the project selection process to ensure alignment between technological capabilities and the institution's business ambitions.

Expert governance mandate within the IAM function of a major financial institution. Defined IAM policies, standards, and governance frameworks aligned with enterprise risk objectives. Assessed organizational maturity and directed external security consultants. Previously held a principal IT analyst and security SME role in an enterprise architecture context — delivering structured security analyses and pragmatic, framework-aligned recommendations (NIST, CIS, TOGAF) to architecture teams and executive decision-makers.

Production voice cloning app deployed on Hugging Face. Separately: on-device inference experiments with a Raspberry Pi 5 and AI Hat+2 for real-time computer vision and a Pi Dog robot — stress-testing open source models at the edge.

Engineering across all major agentic frameworks: OpenAI Agent SDK, CrewAI, LangGraph, AutoGen, and MCP (40+ tool integrations). Includes deep research agents, SDR sales agents, simulated dev teams via Docker, and a financial analysis floor.