Work Experience
Governance, Risk & Compliance Officer, Information Security and Fraud
June 2023 - Now
Information Security & Fraud Department
@ Hellenic Bank Public Company Ltd.
Secretary & SheLeadsTech Liaison
June 2023 - Now
@ ISACA Organization (Cyprus Chapter)
Scroll down for more information about my main responsibilities on each role.
Senior GRC, Cyber Transformation & Risk Consultant, Cyber Security Team
Assistant Manager (Senior Assosiate II)
November 2021 - June 2023
Technology Consulting / Business Consulting / Advisory Department @ PwC Cyprus
Information Security Officer
March 2020 - November 2021
Information Security and Risk Management Department @ JCC Payment Systems Ltd.
Information Security Officer
January 2018 - March 2020
Resilience Department @ Cablenet Communication Systems Ltd.
Scroll down for more information about my main responsibilities on each role.
IT / Security Auditor
January 2017 - January 2018
Advisory Department @ PwC Malta
Security Engineer Intern
October 2016 - December 2016
Cyber Security Department @ Betsson Group, Malta
Student Researcher
June 2016 - Aug 2016
IT Innovation Center of University of Southampton, UK
Scroll down for more information about my main responsibilities on each role.
Governance, Risk & Compliance Officer, Information Security & Fraud
Main Responsibilities
Perform Information Security risk, compliance and regulatory assessments
Assess, record, and report Information Communication Technology (ICT) and Security risks faced by the Group
Act as an advisor to the Group on how to comply to the Information Security Policy / Framework and to perform Information Security Risk Assessments
Advise on the development and review of policies, standards, procedures, guidelines, and controls to ensure that ICT and Security risks are properly managed
Secretary & SheLeadsTech Liaison
Secretary - Role & Responsibilities
Role
The chapter secretary is seen by the membership and the community as the local representative of ISACA.
The secretary assists the chapter board in chapter activities and efforts to ensure professional and personal growth for the membership, as well as chapter sustainability.
The chapter secretary reports to the chapter president.
Responsibilities
Governance
Responsible for the maintenance and retention of forms, documents, and correspondence (all chapter records), including but not limited to:
Minutes from board meetings
Chapter bylaws
Chapter charter
Incorporation records
Insurance records
Official chapter membership list (can be assigned to membership director)
Corporate seal (if applicable)
Conflict of Interest Statements and Willingness to Serve Agreements
Additional Roles
Maintain data privacy, per chapter and ISACA Global policies, as well as local regulations (e.g., GDPR).
Ensure the Conflict of Interest Statements and Willingness to Serve Agreements are signed by each volunteer. Maintain originals of these signed records.
Assist the chapter president with establishing a chapter calendar, including target dates for task completion.
Compare records with previous periods to determine the percent increase/decrease in membership. Provide comparison to membership director.
Manage surveys of the chapter membership.
Manage all correspondence pertaining to or on behalf of the chapter. Assist in writing and mailing all correspondence on behalf of the chapter.
Collaborate with the chapter board to manage legal affairs.
Update chapter bylaws according to changes approved by the chapter board.
Submit reports to ISACA for compliance and award eligibility.
Meetings
Collaborate with the chapter president to develop an agenda for each board meeting.
Assist with scheduling meetings. Issue meeting notices for board and chapter meetings.
Act as parliamentarian for board and chapter meetings to ensure procedures are followed per bylaws. Additional insights and ideas can be gained from reference to Robert’s Rules of Order Newly Revised, 11th Edition, a manual of parliamentary procedures developed in the United States, but generally applicable to any chapter board meeting.
Record and maintain accurate attendance records of board meetings and chapter meetings. Work with program/education chair(s) to track/monitor meeting attendance.
Call the roll and read minutes of previous meeting, as necessary.
Record meeting minutes during the chapter board meetings, membership meetings, and annual general meeting. Distribute minutes to the appropriate audiences. Maintain copies of all chapter meeting minutes and ensure they are stored in the chapter’s Library in the chapter’s Chapter Leader Community.
SheLeadsTech Liaison - Role & Responsibilities
Role
Serves as the liaison between the chapter board and members, and One In Tech, an ISACA Foundation (OIT)
Reports to the chapter president and works closely with the chapter’s membership director, treasurer and vice president, as well as One In Tech.
Helps promote SheLeadsTech events carried out by One In Tech and leads the charge for chapter-based SheLeadsTech events.
Responsibilities
Serves as the liaison between the SheLeadsTech program lead at One In Tech and the local chapter.
Utilizes the SheLeadsTech Chapter Toolkit.
Creates strategy and plans for SheLeadsTech programming at the chapter level.
Promotes SheLeadsTech events created by One In Tech and other chapters.
Serves as the “face” of the SheLeadsTech program at the chapter level, including presentations to the chapter board, at chapter events, and to outside organizations.
Helps fill volunteer roles for SheLeadsTech events.
Serves as an inviting and welcoming, personal touch (i.e., invites people to events, makes sure they feel welcome and included)
Creates an atmosphere of inclusion and acceptance.
Embraces the SheLeadsTech mission.
SheLeadsTech Program
Mission and Purpose of the SheLeadsTech Program
One In Tech’s SheLeadsTech program seeks to increase the representation of women in technology leadership roles and the tech workforce.
We do this by
Raising Awareness - Educate employees, allies, and engaged professionals to overcome unconscious bias.
Preparing to Lead - Training and skills development programs will prepare current and upcoming female leaders for the digital future.
Building Global Alliances - Through strategic partnerships, amplify the impact beyond the One In Tech network and support chapters, as they tackle the unique challenges in their region.
Commitment
ISACA’s Commitment to Advancing Gender Diversity and Women in Leadership Roles within the Cyber Professions Workforce
SheLeadsTech is the banner program of One In Tech dedicated to building a gender diverse and inclusive global community of cyber professionals. Initiated in 2017, SheLeadsTech empowers women to enhance their professional skills and advocate for their career advancement. SheLeadsTech also brings global awareness to the lack of gender diversity in all levels, particularly chief and executive positions, within tech fields.
Building on this important work, SheLeadsTech commits to providing comprehensive resources, services, event, and learning to accelerate careers as a core strategy. This new vision for SheLeadsTech will significantly aid the effort to ensure leadership career roles are accessible to everyone.
Objectives
Advance women leaders through global programs and initiatives that can be designed at the global level and scaled locally through ISACA’s chapters.
Provide current and prospective under-represented professionals with access to educational, professional skill, and career-building development to enter and advance within the cyber workforce
Create toolkits and resources that enable ISACA chapters and others to impact their local communities with digital workforce development learning resulting in global impact.
The SheLeadsTech program incorporates awards from the OIT Scholarship Program to support professional development and skill-building opportunities as well.
Senior GRC, Cyber Transformation & Risk Consultant
Main Responsibilities
Leading Governance, Risk and Compliance Pillar
Lead Cyber Governance and Risk Compliance engagements
Carry out cyber risk assessments and provide advice on compliance issues at C-level
Undertake Business Development activities
Participating in the writing and delivery of proposals to clients
Articulating and presenting findings clearly both verbally and in written reports to clients
Providing coaching and guidance to more junior members of the team
Information Security Officer
Key Accountabilities:
Contributes to the design and implementation of JCC’s Information Security Program, including related policies and procedures, that ensure the safeguarding of the company’s assets in terms of availability, integrity, and confidentiality.
Creates, distributes information security policies and procedures, and ensures that are kept up to date.
Designs the JCC Information Security Program with Information Security standards & guidelines, and supports Information Security Audits to ensure compliance with:
Payment Card Industry Data Security Standard (PCI DSS)
Payment Card Industry PIN
Payment Card Industry Card Production
PCI DSS for JCC merchants
ISO 27001 - Information Security Management System
Ensure compliance with laws, regulations, standards, directives, guidelines, etc.
Performs and coordinates the Information Security Risk Control Self Assessments with all departments and recommends a risk treatment plan.
Identifies and reports significant information security threats, risks, and non-compliances
Reviews and manages the Incident Management procedure and ensures that all incidents are documented and recommends corrective and preventive measures to avoid recurrence.
Implements and promotes the Information Security Awareness Program, including JCC staff training, to ensure that employees adhere to JCC’s policies and procedures, and comprehend Information Security Risks.
Provides information security advice for new projects and company changes.
Information Security Officer
Key Responsibilities
Development and implementation of Information Security Policies, Standards. Processes and Procedures.
Developing and managing the Information Security Response Plan.
Initiating, facilitating and promoting activities to develop and maintain the Information Security and Business Continuity Awareness.
Performing Security and Business Continuity Audits to ensure compliance with established policies and regulatory requirements and standards.
Performing an ongoing Information Security Risk Assessment program and maintaining the Information Security Risk Register.
Develop the Disaster Recovery and Business Continuity Plans.
Identifying and addressing security issues with systems, applications, network configurations and database access.
The Implementation of the ISO/IEC 27001/2:2013 and ISO/IEC 22301:2012 Standards and assure annual preparation for renewal of the certification.
Liaise with local regulators to ensure compliance with N.I.S, CSIRT, OCECPR and DSA requirements.
Assist the Data Protection Officer with Data Protection Policies and procedures relating to information security in preparation of the GDPR.
Manage the implementation of the Cyber Security Strategy through the Cyber Security Project.
Deliver Awareness Training regarding Cyber Security, Information Security and Business Continuity based on new laws, regulations and standards.
Member of the Resilience Department responsible for the implementation of the Integrated Management System (Information Security, Business Continuity, Quality and Health&Safety Management Systems).
Member of the Crisis Management Team as a backup of the Business Continuity Coordinator.
Member of the Audit and Risk Committee as an Information Security Officer.
Member of the European Projects Team responsible for the Horizon 2020 RISE European Projects Cablenet is a partner of.
Member of the Fire Safety Team of the company.
IT / Security Auditor
Main Responsibilities
IT Systems Audits - Perform IT Audits for companies in the financial, insurance, entertainment, manufacturing, telecommunications, computer, food, etc. industries.
Security (Internal & External) Audits - Perform Security Audits for companies in the banking and gaming sector.
System Audits - Perform System Audits with accordance to the Malta Gaming Authority (MGA) requirements checklist to Online Gaming companies based in Malta.
Security Engineer Intern
Main Responsibilities:
Handle security related JIRA tickets
Assist Security Engineers in project tasks
Shadow Security Engineers in critical project phases to learn from them and obtain best practice knowledge
Handle any administrative tasks such as quarterly and monthly checks
Handle requests for Password Manager
Research new software requests to check if they are secure enough to use within company.
Assist in maintaining documentation
Student Researcher
Joining the team of IT Innovation Centre of University of Southampton for completing my MSc dissertation project about Advanced Persistent Threats and their Modelling techniques.
I have managed to develop the Pseudocode of an Innovative Modelling Technique of APTs. The paper was marked with Distinction and it is publishable.