Duties and achievements:

• Spearheading Celtra's information security efforts:

 · Managing department’s roadmap and its timely execution.

 · Leading InfoSec and IT work team, setting goals and performance expectations.

 · Ensuring the organisation's ongoing compliance with SOC2 controls.

 · Ensuring alignment of the production environment with the CIA triad model.

 · Reporting identified risks and needed improvements to management.

 · Ensuring prompt responding to client Information Security assessments

• Process optimisation and bottleneck elimination:

 · i.e. SSO where possible, Risk assessment added to SDLC, clearer data governance, automated on/off-boarding tasks, decluttering Jira, etc.).

 · Rolling-out and managing Vulnerability Disclosure Program, resulting in significant noise reduction, faster report validation and triage.

• Empowering employees and the team:

 · Decreasing unauthorized sharing, transfer, or use of sensitive data with Auto document classification using DLP rules, 

 · Implemented password management solution, reducing weak and reused passwords usage by 80%.

 · Establising security baselines for endpoints, monitoring for compliance.

 · Phishing Awareness Automation, resulting in less than 6% phish-prone.

 · Conducting knowledge shares, employee trainings (OWASP).

• Managing primary IdP and Company SaaS stack