Information Security Management
Information security professional with extensive experience in designing security solutions in highly regulated environments. Rich expertise in developing and maintaining security policies and procedures in line with international and industry standards. Providing risk management and advisory to technical as well as business stakeholders.
Director - Security Architect (Global Drug Development)
02/2018 – Now
Designing security architecture for extra large & complex solutions for such areas as: Patient Safety, Clinical Operations, Analytics, Data Management, Generics, Biosimilars, Technical Research & Development (TRD) & Labs, Regulatory and Medical & Digital.
Novartis core business initiatives by providing security guidance to ensure global compliance and reduce risks – both technical and regulatory. Reviewing existing IT solutions to identify security design gaps and suggest enhancements. Developing and documenting security guidelines and design principles. Managing a geographically dispersed team of security architects and business information security experts (BISE).
BSI Cyber Security & Information Resilience
03/2016 – 02/2018
Developing effective Information Security strategies for corporate customers and providing advice on Cyber Security and Risk Management matters as well as supervising implementation of the controls. Involved in risk assessments, privacy impact analysis, gap analysis, architecture reviews, compliance audits and awareness training programs. Customer-facing engagements including such roles as Trusted Security Advisor, Security Architect or CISO.
Member of the Leadership Team – providing coaching, guidance and training to staff members. Business development. Regulatory & compliance frameworks: NIST CSF, PCI DSS, ISO 27001, ISO 9001, GDPR, SOX, CREST, Central Bank regulations.
EMEA Head of Application Security
01/2015 – 04/2016
Cyber Risk management and Information security strategy development: financial applications security (SOX), developing global PCI compliance model for the Group, Data Lifecycle Management, secure application development.
Cyber innovation strategy – developing Operation Model for outsourced teams (APAC HUB in India). Vendor relationship management. Member of Group Information Security EMEA HUB Leadership Team. Supervising execution of internal and external audits. Management of geographically dispersed teams in Europe and Asia.
MIG Swiss Forex Bank (Switzerland)
10/2011 – 12/2014
Bank’s Information Security Officer (Group function)
Acting as Group CISO responsible for managing all aspects of Information Security and IT Security of the Bank. Managing ISMS – developing and implementing security program for all Group structures (policies, awareness and training, assurance reporting, business continuity). Responsible for maintaining bank's ISO 27001 certification/re-certification. Reporting directly to Chief Risk Officer and CIO.
AIB (Ireland) – commercial bank
01/2006 – 09/2011
Analysing security threats and providing expert advice regarding complex cyber-crime cases, secure IT architectures and business processes in order to achieve defense-in-depth. Managing the security improvement program (Data Leakage Prevention, IAM, Document Circulation Security). Cooperation with peer institutions, international bodies and law enforcement in counter cyber-crime activities. Account management.
Baltimore Technologies / Betrusted / Cybertrust (UK) Ltd – security solutions vendor
08/2000 – 12/2005
Solutions Consultant/Business Development Manager
Providing consultancy services to high profile customers (central banks, government institutions, telecommunication companies) in the field of IT security covering areas of identity management and access management based on Public Key Infrastructure (PKI).
WBK SA – (commercial bank)
04/1994 – 07/2000
Developing and implementing IT security policies to meet corporate security standards. Adjusting security processes to fulfil compliance requirements. Monitoring systems and networks for security vulnerabilities and breaches. Co‑designed, implemented and maintained bank’s MIS system.
MSc in Computer Science (Digital Investigations & Forensic Computing)
2008 - 2011
UCD, Dublin, Ireland
MSc in Mathematics (Numerical Methods and Programming)
1988 - 1994
Adam Mickiewicz University, Poznan, Poland
Certifications: