Overall information security assuring regulatory compliance and alignment with the group. Setup governance structure and control framework. Act as Data Protection Officer for Swiss Bank.

• (on request) internally well established and recognized IT security officer and Data Protection Officer
• Implementation of FINMA 08/21 appendix 3 framework
• Group GDPR project participation responsible for Swiss Service Centre
• Strategy and plan for Information Security in Schroders Switzerland
• Management buy-in and awareness of the InfoSec topic up to Executive Board- level incl. regular reports
• Establish and run the Information Security Committee
• Setup roles for role-based access control for major wealth applications and onboard applications to groups IAM platform (Sailpoint Identity IQ)
• Setup of an Information Security Management System structure
• Evaluation and overall project lead of data classification and protection (Secure Island IQ Protector/Microsoft ADRMS)
• Conducted a process-based business impact analysis with key stakeholder from the business
• Actively work together with group IT security and Data Protection colleagues
• Run BCM program (BIA, evaluation business recovery options/ requirements, BCP, coordinate workplace recovery exercises, participate in DR testing)

Positions

• since Sep 2023: Regional Information Security Officer
• since Oct 2021: Regional Information Security Officer and Data Protection Officer
• since mid 2015: Head Information Security Officer, BCM Coordinator and Data Protection Officer

Ensure security for ex ABN AMRO until full integration. Implement and overview security for data extraction and transport to UBP and integration activities at ABN AMRO

• Data migration transport framework between exABN and UBP (concept, scripts, controls, documentation)
• User to user file exchange platform because of missing encryption in UBP e-mail system
• Guide and oversee security in migration project
• Active participation in network integration (network interconnection design and change management, FW rule base review, web proxy transition to UBP proxies)
• Participation in end-user mail and data migration
• Instruct and support data decryption (end user data and application data)
• Handover of AAB Information Security to UBP

Define and implement structure, processes and systems/tools to ensure information security for both Investment and Private Banking for ABN AMRO Switzerland (since one year only Private Banking)

• Directives and guidelines for information security for Bank staff, projects and outsourcing partners and 3rd parties
• Oversee and coordinate security with all outsourcing partners (IBM: IT infrastructure, Verizon: Application maintenance and support, TCS: Networks)
• Participation in relevant tables and steering committees (Operational Risk Management Committee, Swiss Project Steering committee)
• Coordinate and follow-up on risk assessments and penetration testing
• Establish and maintain the IS risk register
• Drive and oversee system security (hardening/ health checking, vulnerability management, patch management, malware detection)
• Oversee network security (FW management, Intrusion Detection and Prevention)
• Ensure proper identity and access management (role based access control, provisioning and reconciliation, reviews, monitoring/reporting)
• Audit fieldwork support and audit finding resolution
• Ensure compliance with Swiss data protection act and Swiss Banking Secrecy