Security Product Director, Europe
Verifone
Total years of experience :21 years, 4 Months
Responsible for Security products in the Europe. Products include cryptography, key injection, remote key loading, PCI Point to Point Encryption (P2PE). Regularly meeting customers to help them understand the products and to ensure Verifone has products to meets the latest requirements.
Verifone Nordics and Baltics
Responsible for all aspects of security in the region. Coordinating local Security managers ensuring products and services meets security and compliance requirements. VeriFone is world’s largest supplier of payment terminals. Point is the leading payment service provider in the region.
Responsible for security, including information security, physical security, fraud, incident, policy, legal and compliance. Reporting to Managing Director. Part of company Steering Committee. Managing a department of five security experts. Point Transaction System AB, part of VeriFone, world’s largest supplier of payment terminals, develop and supply payment solutions, primarily card payment terminals. Point is also a Payment Service Provider, routing transactions from Point of Sales to Acquirers. Compliance work covers e.g. PCI DSS, PCI PA-DSS, and VISA PIN security.
Business planning of Security and Risk Management services for the EMEA region (Europe, Middle East and Africa). Responsibilities include operational aspects for the practice including business planning for the region and individual countries as well as portfolio development.
• Development of Information Security Governance framework for telecom operator in Dubai, UAE (based in Dubai for 6 months). Awarded HP Achievement Award for outstanding contribution in this troubled project.
• Technical Project manager with international Banking and Insurance company to develop and deploy processes and tools around security management.
• Security transformation/transition for outsourcing clients.
• Opportunity management.
• Part of world-wide HP team to develop methods and tools for Information Security governance and compliance.
Providing Information Security and IT Security services as a consultant. Services include IT Audits, Security Audits, Security Advice and Security Evaluations. Customers are mainly small and medium size businesses. Advising on compliance and best practice frameworks (e.g. ISO17799, ISO27001, COBIT, ITIL). Helping clients to identify and understand threats to their business and advising on mitigation plans.
Internal security consultant, advising TeliaSonera AB, a multinational telecom operator, on all aspects of information security including:
Security policies and standards: Applying best practice and security standards to corporate security frameworks (e.g. ISO17799, ISO27001, COBIT, ITIL, COSO ERM, SPRINT). Methods and procedures: Developing security practices at various levels, implementing the same and following up. Risk management: Supporting enterprise risk management organisation on security issues, including expertise advice and method development. Product management: Serving on the project council, overseeing all phases of the development cycle to identify security requirements, devise and evaluate solutions and analyse risks. Project management: Managing security projects at various stages of the product life cycle.