May be available
(Updated 2024-03-01) Information Security - GRC
Jyllinge, Denmark
Native: Danish, English; Fluent: Swedish; Proficient: German
- GDPR
- NIS2 Network and Information Security
- ISO/IEC 27001/2
Qualifications (27)
Scrum
CISA
Incident Management
Risk Management
ISO/IEC 27001
MICROSOFT VISIO
Confluence
MICROSOFT OFFICE
Agile
NIS 2
ISO/IEC 27002
Jira
QA
AUDIT
GDPR / Data Protection
SYSTEM SECURITY
FSA
PROJECT PLANNING
SCHEDULING
IT Infrastructure Library
PMI
ITIL
PROJECT SCHEDULING
TRADING
CCNA
FLEXIBLE SPENDING ACCOUNT
MCSE
Summary
Senior consultant specialized in governance, risk, and compliance, information security, quality assurance, and process optimization with extensive experience in team leadership, management advisory, and communication.
With years of consultancy in security and compliance, the consultant serves as a key player for teams, leading in compliance and quality assurance. He possesses extensive expertise in NIS2, GDPR, ISO/IEC standards, CIS 18, and internal policy compliance. With his blend of expertise as a Certified Data Protection Officer (DPO) and ISO/IEC 27001/02 auditor and in business continuity and risk management, coupled with his proficiency in Agile methodologies, he contributes solid knowledge without compromising business aspects.
The consultant is experienced in ITIL and is also trained as a Scrum Master in an agile SAFe environment. He has a good, broad technical background, which ensures quality sparring and understanding with all layers of the company. This experience can, for example, be used to ensure precise documentation.
Likewise, the consultant has plenty of good experience in advising on optimization of workflows, organizational changes, and is good at getting the best out of different personalities.
The consultant has solid experience with, among other things, certification projects, transition projects, security and infrastructure projects/roll out, management of ITIL incident management, coordination, and interdisciplinary project management and guidance.
The consultant is a service-minded team-player with a diplomatic demeanor and has a holistic and pragmatic approach.
Summary of the latest assignments
· Most recently, the consultant held the position of information security specialist at Ørsted. This was a leading role in a team where the security of the company’s IT/OT maturity had to be measured according to ISO/IEC 27001, NIS2, NIST, and other international and sector-specific security standards, and the company should be audited according to ISO/IEC 27001, ISO/IEC 27019, and a German equivalent in the energy sector. Deviations were identified, conducted, and implementation measures were established to ensure that the company passed the certification.
· In the period 2020-2023, the consultant represented Deloitte and advised Udviklings- og Forenklingsstyrelsen on compliance, auditing, quality assurance, and process optimization. As a team leader in compliance and quality assurance, he established and ensured compliance gap analyses and deviation statements, and prepared instructions to handle gaps, which formed the basis for the team’s continued work. He ensured the right quality and security level in accordance with the ISO/IEC 27001 standard, GDPR, and internal policies and guidelines through internal auditing.
Professional experience
2020-01 - 2020-01
Advisory services for smaller companies within GDPR and information security. Started a collaboration with Cyber Hub Danmark.
Tasks/Responsibilities:
- Advisor on GDPR
- Advisor on documentation with Confluence
- Advisor on IT security best practice
2016-01 - 2019-01
A large international IAM (Identity and Access Management) security project.
Based on audit findings from the FSA (Financial Supervisory Authority) and the ECB (European Central Bank), the project had to deliver sustainable solutions. Segregation of Duty (SoD), risk management, and Access Right Management were the foundation of the program.
The consultant also worked with areas which required special attention and results which were critical for ECB milestones.
As a certified Scrum Master, the consultant was an advisor for other Scrum Masters and was also a Scrum Master himself. The consultant was also responsible for several other tasks, e.g. implementing the use of a documentation system (Confluence) and ensuring adequate quality control and documentation of the program's systems, architecture, processes, work instructions, document life cycle, etc.
2023-07 - 2024-01
As part of a series of security certifications and audits both domestically and internationally, the consultant was the expert in ensuring adequate compliance with IT/OT security requirements according to various standards such as ISO/IEC 27001/2, ISO/IEC 27019, GDPR, NIS 2, NIST 800-53, and IEC 62443. The consultant provided advisory support to cross-functional teams in compliance, quality assurance, risk management, and governance, and partially served as a project manager when necessary.
The consultant acted as a key advisor for management and project managers, ensuring the necessary documentation for audits. Analyses of existing governance setups and ISMS were also conducted, evaluating policies, processes, implementation levels, mechanisms, and gap analyses.
Furthermore, the consultant provided advisory support in the development of a new QMS (Quality Management System), which included an operational manual framework ensuring conformance and alignment with the organization's requirements and processes.
The consultant also delivered ad-hoc training to other teams on risk management and compliance according to applicable standards.
Tasks/Responsibilities:
- Subject Matter Expert in compliance and audit for ISO/IEC 27001/2, ISO/IEC 27019, GDPR, NIST CSF 800-53, IEC 62443
- Gap analysis according to standards
- Quality assurance
- Advisory support in risk management framework and governance structure
- Management advisory