Flavius Plesu's Email Addresses & Phone Numbers

📖 Summary

Alternating senior management, consulting and business development roles Flavius Plesu is an enthusiastic information security professional with over 10 years of Information Security experience in international markets, both public and private sector, within a variety of sectors such as Financial Services, Legal, Technology, Transport and Logistics, Government and Education. As Director for Global Information Risk and Policy at Markit, he is responsible for defining and landing the information risk management framework, establishing and maintaining appropriate security policies, ongoing measurement and reporting of compliance to information security policy framework via the ISMS and delivering a meaningful, pervasive information security awareness programme. In his role Flavius enables Markit to identify and manage information risks, to make well informed business decisions. At the same time he assists the corporate departments and various business units to understand and establish acceptable levels of risk, in order to reduce the potential for information security and business continuity incidents. Having a strong technical background and a good understanding of business processes, he is naturally proficient at explaining the technical concepts surrounding the confidentiality, integrity and availability of information and supporting IT systems to all levels of management. Extensive expertise across a wide range of information security disciplines – Governance, Risk and Compliance (GRC), information security policies, ISMS, ISO 27001, ISF Standard of Good Practice, legal and regulatory compliance - SOX, PCI DSS, DPA, NHS IGTA, computer security, network security, web application security, secure business architectures and security technologies, with a strong emphasis on risk management.Director Global Information Risk and Policy @ Markit is a leading global provider of financial information services, providing products that enhance transparency, reduce risk and improve operational efficiency. Responsibilities: ° Support the CISO in interpreting and identifying impact of key regulatory changes ° Understand the corporate requirements related to security and regulatory compliance (DPA, EU GDPR, SOX, SSAE16), and ensure they are met through a comprehensive policy framework ° Establish and maintain appropriate security policies in order to ensure the confidentiality, integrity, and availability of Markit’s systems and data. ° Ongoing measurement and reporting of compliance to information security policy framework via ISMS, and working towards ISO27001 certification ° Maintain relationships with key stakeholders across the business and IT in order to drive awareness of, and compliance to, the policy framework. ° Develop and maintain a methodology for an information risk management process and automate the process via the selection and implementation of leading GRC software application ° Ensure Information risks from all sources (Information Security processes, business operations, critical applications, internal incidents, external threat landscape and critical suppliers) are appropriately assessed and lifecycle managed within the operations teams ° Work with the business to develop an automated mechanism for data classification to deliver assurance to the business ° Responsible for engagement with both internal and external audit processes including the management and remediation of all identified deficiencies. ° Define and monitor key controls and performance metrics across all aspects of Information Security and ensure reporting is appropriate for all stakeholder groups. ° Support the CISO in all aspects of the governance framework including senior stakeholder engagement, management and metrics reporting From September 2015 to Present (4 months) London, United KingdomGCHQ-certified MSc, Information Security, Distinction @ Royal Holloway, University of London From 2012 to 2014 Bachelor of Science (BSc), Computer Science @ Tibiscus University, Timisoara From 2003 to 2007 Faculty of Automation and Computer Science @ Universitatea „Politehnica” din Timișoara From 2001 to 2003 Information Security and Risk Management in Context @ University of Washington From 2013 to 2013 Computer Networks @ Stanford University From 2012 to 2012 Flavius Plesu is skilled in: Information Security, Information Security Management, CISSP, Information Security Governance, PCI DSS ISA, Data Protection Act, PCI DSS Expert, ISO 27001, Risk Management, PCI DSS, Human Factor Expert, Computer Security, Security, Information Security Consultancy, Risk Assessment