Informationssikkerhed - GRC Jyllinge, Denmark

Könnte verfügbar sein

(Aktualisiert 2024-03-01)

Informationssikkerhed - GRC

Jyllinge, Denmark

Einheimische Danish, English, Fließend Svenska, Mittelstufe German

  • GDPR
  • NIS2 Network and Information Security
  • ISO/IEC 27001/2

Fähigkeiten (27)

Scrum

CISA

Incident Management

Risk Management

ISO/IEC 27001

MICROSOFT VISIO

Confluence

MICROSOFT OFFICE

Agile

NIS 2

ISO/IEC 27002

Jira

QA

AUDIT

GDPR / Databeskyttelse

SYSTEM SECURITY

FSA

PROJECT PLANNING

SCHEDULING

IT Infrastructure Library

PMI

ITIL

PROJECT SCHEDULING

TRADING

CCNA

FLEXIBLE SPENDING ACCOUNT

MCSE

Zusammenfassung

Senior consultant specialized in governance, risk, and compliance, information security, quality assurance, and process optimization with extensive experience in team leadership, management advisory, and communication.

With years of consultancy in security and compliance, the consultant serves as a key player for teams, leading in compliance and quality assurance. He possesses extensive expertise in NIS2, GDPR, ISO/IEC standards, CIS 18, and internal policy compliance. His blend of expertise as a Certified Data Protection Officer (DPO), an ISO/IEC 27001/02 auditor, business continuity and risk management, coupled with his proficiency in Agile methodologies, he contributes with solid knowledge without compromising business aspects.

The consultant is experienced in ITIL and is also trained as a Scrum Master in an agile SAFe environment. He has a good broad technical background, which ensures quality sparring and understanding with all layers of the company. This experience can e.g., be used to ensure precise documentation.

Likewise, the consultant has plenty of good experience in advising on optimization of workflows, organizational changes, and is good at getting the best out of different personalities.

The consultant has solid experience with, among other things, certification projects, transition projects, security and infrastructure projects/roll out, management of ITIL incident management, coordination, and interdisciplinary project management and guidance.

The consultant is a service-minded team-player with a diplomatic demeanor and has a holistic and pragmatic approach.

 

Summary of the latest assignments

·        Most recently, the consultant held the position of information security specialist at Ørsted. This was a leading role in a team where the security of the company’s IT/OT maturity had to be measured according to ISO/IEC 27001, NIS2, NIST, and other international and sector-specific security standards, and the company should be audited according to ISO/IEC 27001, ISO/IEC 27019, and a German equivalent in the energy sector. Deviations were identified, conducted, and implementation measures were established to ensure that the company passed the certification.

·        In the period 2020-2023, the consultant represented Deloitte, and consulted Udviklings- og Forenklingsstyrelsen in compliance, auditing, quality assurance, and process optimization. As a team leader in compliance and quality assurance he established and ensured compliance gap analyses, deviation statements and prepared instructions to handle gaps, which formed the basis for the team’s continued work. He ensured the right quality and security level in accordance with ISO/IEC 27001 standard, GDPR, and internal policies and guidelines through internal auditing.

Berufserfahrung

Rådgiver vedrørende GDPR
ITSikkerhedsGruppen

2020-01 - 2020-01

Rådgivning og support til selvstændige konsulenter samt små startup virksomheder.
Rådgivning til mindre virksomheder indenfor GDPR og informationssikkerhed Påbegyndt samarbejde med Cyber Hub Danmark.
Opgaver/Ansvar: ● Rådgiver vedrørende GDPR ● Rådgiver vedrørende dokumentation med Confluence ● Rådgiver indenfor Best Practice af it-sikkerhed
Compliance- and Business Analyst Specialist
Nordea

2016-01 - 2019-01

A large international IAM (Identity and Access Management) security project.

Based on audit findings from FSA (Financial Supervisory Authority) and ECB (European Central Bank), the project had to deliver sustainable solutions. Segregation of Duty (SoD), risk- and Access Right Management was the foundation of the program.

The consultant also worked with areas which required special attention and results which were critical for ECB milestones.

As a certified Scrum Master the consultant was advisor for other Scrum Masters and was also Scrum Master himself. The consultant was also responsible for several other tasks. E.g. implementing the use of a documentation system (Confluence) and to ensure adequate quality control and documentation of the programs systems, architecture, processes, work instructions, document life cycle etc.

Information Security Specialist
Ørsted

2023-07 - 2024-01

As part of a series of security certifications and audits both domestically and internationally, the consultant was the expert in ensuring adequate compliance with IT/OT security requirements according to various standards such as ISO/IEC 27001/2, ISO/IEC 27019, GDPR, NIS 2, NIST 800-53, and IEC 62443. The consultant provided advisory support to cross-functional teams in compliance, quality assurance, risk management, and governance, and partially served as a project manager when necessary.

The consultant acted as a key advisor for management and project managers, ensuring the necessary documentation for audits. Analyses of existing governance setups and ISMS were also conducted, evaluating policies, processes, implementation levels, mechanisms, and gap analyses.

Furthermore, the consultant provided advisory support in the development of a new QMS (Quality Management System), which included an operational manual framework ensuring conformance and alignment with the organization's requirements and processes.

The consultant also delivered ad-hoc training to other teams on risk management and compliance according to applicable standards.

Tasks/Responsibilities:
- Subject Matter Expert in compliance and audit for ISO/IEC 27001/2, ISO/IEC 27019, GDPR, NIST CSF 800-53, IEC 62443
- Gap analysis according to standards
- Quality assurance
- Advisory support in risk management framework and governance structure
- Management advisory

Zertifikate

Agile Project Scheduling and Monitoring (part of the PMI Agile Certified Practitioner)
Agile Principles and Methodologies (part of the PMI Agile Certified Practitioner)
Certified Information Privacy Professional/Europe
BCCPA, Blue Coat Certified Proxy Administrator
CCNA, Cisco Certified Network Associate
VCP (VMware Certified Professional)
Cisco Certified Network Associate
CNE (Certified Novell Engineer)
VMware Certified Professional
Certified Network Associate
Certified Novell Engineer
Cisco Certified Network
Certified Practitioner
Certified Novell
Cisco Certified
CISSP
MCSE
MCSA
CISA
CCNA
CNE

Berater kontaktieren

/