Core Competencies:

• Mandatory prior project delivery experience and strong expertise in:
• Information Security Governance
• Information Security Risk Management
• Information Security Compliance
• Information Security and IT Controls
• Prior experience in delivering and managing large scale information security projects.
• Prior experience in information security strategy and planning (strategies, roadmaps, maturity assessments, governance organization design, roles and responsibilities), defining KPIs/KRIs and measurement.
• Prior experience in developing holistic and detailed frameworks for multiple IS domain areas such as cyber security, risk management, data protection, incident management etc.
• Prior experience in developing IS policies, standards, guidelines, processes and procedures.
• Prior experience in conducting assessments for and excellent knowledge of ISO 27001, ISO 31000, ISO 22301, NIST SP 800 53, PCI DSS, ISO 20000, ITIL, COBIT, COSO, other standards.
• Mandatory experience in conducting IT Risk Assessments.
• Sound understanding of information security non-technical and technical controls.
• Solid understanding of IT network infrastructure architecture and components.
• Ability to create high quality deliverables.
• Excellent project management, client handling and negotiation, decision making and crisis management skills.
• Prior experience in managing, guiding and mentoring teams.
• Ability to serve as a cross domain subject matter expert and advisor.
• Ability to independently manage as well as execute projects.
• Ability to directly interact and manage CXO level stakeholder expectations.
• Excellent written and verbal communication in English, clear articulation.
• Holistic thinking and on-the-fly solution engineering.

Learn more about our Risk Advisory Services.