Chief Information Security Officer

Responsibilities:

Information security:

• Directs the development, implementation, delivery and support of an enterprise information security strategy aligned with the business strategy.
• Ensures compliance between business strategies and information security.

Governance:

• Directs the definition, implementation, and monitoring of the governance framework to meet the organisation's obligations under regulation, law, or contracts.
• Provides leadership, direc:tion, and oversight for an organisation's governance activities.

Risk management:

• Establishes organisational strategy for risk management.
• Defines and communicates the organisation's appetite for risk.

Information management:

• Establishes and communicates the organisation's information management strategy.
• Specifies at a strategic level the information needed to support the business strategy and business functions.

Information assurance:

• Directs the creation and review of an enterprise information assurance strategy to support the strategic requirements of the business.

• Ensures compliance between business strategies and information assurance by setting strategies, policies, standards and practices.

Stakeholder relationship management:

• Determines the strategic approach to understanding stakeholder objectives and requirements.

• Works with all interested parties to identify stakeholders and establish effective relationships. Establishes and promotes the overall vision for how stakeholder objectives are met and determines organisational roles and alignment.

Mission:

Responsible for leading the development and execution of security strategies and policies within VERMEG

Certifications:

GDPR Foundation
Lead Auditor ISO/IEC 27001
ISO 27001 Lead Implementer
ISO 27001 Foundation
ISO/IEC 27032 Lead
ISO 22301 Lead Implementer
CISA Certified Information Systems Auditor