Remote IT Security Officer
Safeguards Protects Mitigates
Virtual CISO security program steps
As a Virtual Information Security Officer (vCISO), I offer a comprehensive range of security program steps to help protect and enhance your organization's digital assets. Here is an overview of the services I provide:
As a Virtual Information Security Officer (vCISO), I offer a comprehensive range of security program steps to help protect and enhance your organization's digital assets. Here is an overview of the services I provide:
Define Your Company’s Security Maturity Level
vCISO service starts by performing a risk assessment and a maturity assessment. After assessing the organization, vCISO have conversations with leadership to understand where you want your security program to be, (i.e., what maturity level you want to be at). This can be determined by several factors, including which regulatory landscape your company falls under, any past incidents that have dictated some level of ongoing auditing, and – a factor many companies fail to include in their plans – what contractual obligations you have with clients. By utilizing this method, the organization decides how they want to mature their program and together we executive on that plan to deliver a security program that meets the organization’s needs.
Create Your Security Strategy Plan
Next, a vCISO will work with your team to develop a strategic security plan. This plan may include things like establishing stronger policies and standards, getting a better idea of your unique threat landscape and library, vendor risk assessments, defining remediation timelines, creating a security awareness training program, and understanding your compliance landscape. Then, he will present it to your executive team and board in a way that even non-technical members may understand, modify, and contribute feedback to.
Operationalize & Implement a Security Program
vCISO service starts by performing a risk assessment and a maturity assessment. After assessing the organization, vCISO have conversations with leadership to understand where you want your security program to be, (i.e., what maturity level you want to be at). This can be determined by several factors, including which regulatory landscape your company falls under, any past incidents that have dictated some level of ongoing auditing, and – a factor many companies fail to include in their plans – what contractual obligations you have with clients. By utilizing this method, the organization decides how they want to mature their program and together we executive on that plan to deliver a security program that meets the organization’s needs.
Risk Assessment and Management Services
Comprehensive evaluation of information security risks. Identification of vulnerabilities and potential threats. Development of strategies and controls to mitigate risks. Implementation of risk management practices and frameworks. Ongoing monitoring and assessment of security risks.
Security Policy Development Services
Creation and implementation of tailored security policies and procedures. Development of data protection and access control guidelines. Design of incident response protocols and disaster recovery plans. Integration of security awareness training programs. Alignment with industry regulations and compliance requirements.
Incident Response Planning and Management Services:
Collaboration to develop effective incident response plans. Establishment of protocols for incident detection, analysis, and response. Coordination with internal teams and external stakeholders during incidents. Forensic analysis and investigation of security breaches. Post-incident reviews and recommendations for process improvement.
Ing. Tomáš Rakuščinec
CISSP, CISM, Security+
Seasoned IT professional offering 18+ years of IT experience, including 10+ years of broad-based management in Systems Design, Implementation, Support and Cyber Security. Pride self with a proven ability to strategically and cost-effectively utilize technology in alignment with corporate goals. Possess an admirable track record of direct operations in complex and advanced Information Technology environment.
Experience
More than 18 years of experience
Possess an admirable track record of direct operations in complex and advanced Information Technology environment. Delivered various cybersecurity projects for several multi-national corporations in Banking, Pharmaceutical, Energy, E-commerce, Transportation Industry, Public Sector agencies and others.
Certifications and awards
Possess an admirable track record of direct operations in complex and advanced Information Technology environment. Delivered various cybersecurity projects for several multi-national corporations in Banking, Pharmaceutical, Energy, E-commerce, Transportation Industry, Public Sector agencies and others.
Contact
I’m always looking for new and exciting opportunities. Let’s connect.