Provide appropriate business protection from cyber threats by developing, implementing, and monitoring strategic, all-inclusive corporate information and system security program, ensuring integrity, confidentiality, and availability of information assets, systems, and services.
Create common approach to information security across all business units by developing, maintaining, and publishing corporate information security policies, standards, and guidelines. Oversaw approval, communication, and dissemination of security policies and practices.
Develop culture of security through implementation and management of awareness and training programs, including general and targeted communications for all employees, at all levels.
Implement program for establishing and maintaining risk-based internal controls based on ISO 27002 over financial reporting and performing regular evaluations for compliance and effectiveness, ensuring regulatory compliance and accuracy of financial statements.
Provide information security risk mitigation by coordinating third party information security assessments for risks that may result from partners, vendors, and other service providers.
Communicate various information security topics as conference speakers at industry events or private corporate events.