Kan være tilgjengelig
(Oppdatert %updatedDate %)Cybersecurity consultant (DevOps, GRC)
Aarhus, Danmark
Innfødt Danish, Flytende English, Mellomliggende German, Nybegynner French
- 20+ års erfaring med cybersikkerhed
- Ekspert i secureSDLC
- DevSecOps practitioner
Ferdigheter (60)
PKI
Compliance Auditing
SYSTEM SECURITY
CISA
VULNERABILITY ASSESSMENT
RISK ASSESSMENT
Network Architecture
VPN
METRICS
DevOps
SECURITY POLICIES
INFOSEC
Scada
SECURITY AUDITS
CISSP
Risk Management
GOVERNANCE
SUBJECT MATTER EXPERT
PIPELINE
Strategic planning
INTRUSION DETECTION
BUSINESS DEVELOPMENT
FIREWALLS
SECURITY DESIGN
RISK ASSESSMENTS
ISO27001
AUDITING
Dev ops
AUTOMATION CONTROL PROTOCOLS
SME
FISMA
Project Management
RETAIL
PCI
WINDOWS SERVER 2003
GxP
BUDGETS
HEALTHCARE
API
BUDGET
FORENSICS
SARBANES-OXLEY (SOX)
CHEF (ALL)
Azure DevOps
Fieldbus
TRADING
TypeScript
RAILWAY
CHIEF OPERATING OFFICER
PUPPET
Active Directory
ESTIMATION
CHEF
SARBANES OXLEY
NETWORKING
ACCOUNT MANAGEMENT
Cisco
SPLUNK
FINANCE
Recruitment
Oppsummering
I like to think of myself as "the Swiss army-knife" of cybersecurity (or information security). Because
I have been aboard the security journey most of the way and consequently I have the practitioner’s approach to solving problems they are of strategic or practical nature at an operational level.
Recently, emphasis has been on the CHANGE needed to get and stay in control of the increasingly important cybersecurity area, particularly on improving security and quality of the software being developed, resulting in focus moving from “infrastructure to software security”. Leading smaller technical teams into changing minds, attitudes and culture or even management teams and entire organizations, has mainly been the task, as the cultural aspect of cybersecurity in the digital society has turned out to be more important than ever. Therefore, I master agile management/development methods, where SCRUM has been the primary choice. I started on the “BLUE team” back in the CISO-days, but as the “interpreter”, I now primarily work in the “blended” teams (PURPLE, GREEN, ORANGE), where OT/OIT security has been in focus recently. Whether a traditional IT-organization, a start-up or in IoT/OT development, I have become the CHANGE AGENT for security on operational, tactical as well as strategic level.
My primary skill is to quickly understand my clients’ business and assess their organization. And from there, identify the value- adding actions. And always from a business perspective, but equally as the technical Subject Matter Expert on the threats towards the digital economy. Therefore, I have expert knowledge on the technical and complex aspects of information security in a modern company, having become an SME in fields like the ISO2700x suite, secure SDLC, NIST CSF/SP800, Risk Management etc.
I am also a leader with T-shaped skills, coming from a long career within IT, where I have obtained both general management skills as well as expert skills. I have kept it all up2date through market leading certifications like CISSP, CISM, CEH, CIPP/E, CIPT, PROSCI/ADKAR etc. My academic background is an MsC (Political Science), which basically taught me how to learn (fast). My professional experience comes from both large international companies, start-ups and from the SMB segment.
My personal values are characterized by honesty and credibility, and I am a firm believer in leadership based on dialogue. I have a very curious nature with an eager for professional and personal development, and I believe that everyone can “learn for life”. I work in a very structured and systematic way and have strong analytical skills. I am used to a hectic business environment and working within IT for years has taught me how to perform in an environment of constant change.
Follow me on: https://www.linkedin.com/in/jensroedandersen/
Arbeidserfaring
2015-01 - Nåværende
2019-05 - Nåværende
Sector & Role Agriculture sector as Security Advisor Tech/framework Network architecture, Cloud architecture (MS/Amazon), CIS20, ISO27001, MS WIN, MS AD/AADFS, MS365
2022-07 - Nåværende
Sector & Role NGO sector as Security Advisor Tech/framework CIS20, ISO27001, MS WIN, MS AD/AADFS, MS365
2022-08 - Nåværende
Sector & Role Manufacturing sector as Security Advisor Tech/framework Network architecture, Cloud architecture (MS/Visma), CIS20, MS WIN, MS AD/AADFS, MS365
2020-01 - 2022-05
Sector & Role Insurance sector as Senior Security Advisor, Assessor and Architect Tech/framework Misc. MS technologies ie. AzureAD, Azure Sharepoint, Azure VPN, MS365, CIS20, ISO27001
2021-06 - 2021-10
Sector & Role Railway sector as Trusted Cybersecurity Advisor Tech/framework OT/IACS/SCADA/ tech, IEC62443, EN50126-1, CIS20/Benchmarks, NIST SP800-suite, ISO27001/27002, MS
2020-09 - 2021-05
Specific risk assessment on new Electronic Health Record (EHR) system "NordEPJ".
Sector & Role Public healthcare sector as Senior Cybersecurity & Compliance Advisor Tech/framework ServiceNow (GRC and SecOps modules), NIST SP800-53/SP800-171ISO27001/27002, ISO27005, ISAE3000, Deloitte Privacy Framework, CIS20/Benchmark, IRAM2, Azure DevOps, MS365 suite.
2016-09 - 2021-03
Sector & Role Healthcare sector as Senior Security Advisor, Assessor and Architect Tech/framework CIS20, MS WIN, MS AD/AADFS, MS O365, Azure Sharepoint, EG Clinea, Patientsky, XMO Period: November 2019
2019-02 - 2021-03
Sector & Role Public Sector as Senior Security Advisor, Assessor and Architect Tech/framework Network architecture, Cloud architecture (MS/Amazon), CIS20, ISO27001, NIST SP-800 suite, MS WIN10, MS AD/AADFS, MS O365
2020-09 - 2021-03
2020-06 - 2020-12
Sector & Role Publishing software sector as Security Advisor & Assessor Tech/framework OWASP10, CIS20, CMMI, ISO27005, IRAM2, Redhat OpenShift, SaltStack, AWS, Angular, AngularJS, Protractor, Gherkin, Checkmarxx, Netsparker, Nessus, Lint, Contrast, SonarQube.
2019-09 - 2019-10
Sector & Role Public Sector as Security Assessor Tech/framework CIS20, ISO27001, MS WIN, MS AD/AADFS, MS O365
2017-09 - 2018-08
Sector & Role Transportation sector as Security Technology and Process Advisor Tech/framework MS O365, MS Compliance Manager, Tempus Serva GDPR,
2017-08 - 2018-07
Sector & Role Retail sector as Senior Security Advisor & Project Manager Tech/framework ISO27001, SCRUM, MS AD/AADFS, O365, MS Compliance Manager, RSA SecurID, CIS20 et.al.
2017-04 - 2018-06
Sector & Role Agriculture sector as Project Manager, Security Advisor and Architect Tech/framework MS client/server technology, ESET AV, Fortinet HW, CIS20
2017-08 - 2018-06
Sector & Role Online ticketing sector as Senior Security Advisor Tech/framework Google Authentication, Application architecture, multiple vendors
2017-05 - 2017-06
Sector & Role Manufacturing sector as Security Advisor & Assessor
2016-01 - 2017-03
2016-02 - 2016-06
Sector & Role Philanthropy sector as Security Advisor Tech/framework Multiple
2015-04 - 2015-09
Sector & Role Manufacturing sector as Security Advisor Tech/framework Multiple
2015-03 - 2015-06
Sector & Role IT Services sector as Project Manager ad Compliance Expert Tech/framework Multiple
2013-01 - 2014-01
2012-01 - 2013-01
2012 - 2013 CEO and co-founder, Top Ten Garage AG Responsibilities: General management & strategy, business and product development, technical project management (IOS platform), financial controlling, sales & marketing.
2012-01 - 2012-04
Sector & Role Pharma sector as Project Manager and Risk Management Expert Tech/framework Multiple
2011-01 - 2012-01
2003-01 - 2011-01
Group IT Security Manager, Arla Foods amba Responsibilities: Strategic IT Security Management, Team manager for specialist team, implementation of IT Security Governance, Risk and Crisis Management, deployment of international Compliance program, vendor contact, project management.
IT Security Manager, Infrastructure Services, Arla Foods amba Responsibilities: Risk and Crisis Management, development of IT Security Governance model, training and setup of IT Security and User-admin. Dept., vendor contact, project controller, project management.
User Administration Manager, IT Services, Arla Foods amba Responsibilities: training and setup of Useradmin. Dept., vendor contact, project management.
1988-01 - 2005-01
2001-01 - 2002-01
2000-01 - 2001-01
1999-01 - 2000-01
Project Manager/Contract Manager, Consultancy Division, Merkantildata Responsibilities: IT projects management, contract management, pre-sales/project estimation.
1985-01 - 1986-01
Akademisk bakgrunn
2022-10 - 2002-01
2022-10 - 1994-01
2022-10 - 1984-01