Member of If’s seasoned Nordic Risk Engineering team in BA Industrial, and chairman of the Cyber Competence Centre. Tasked with building up the Cyber Risk Management practice, assessing risks related to organisations controls and business processes as well as client portfolios, advising customers and colleagues on how to prevent losses. A part of the time is spent on keeping the organisation up to date on risks, writing new articles and delivering presentations.

Managing the Information Security Functions at If P&C Group, and parent Sampo Group.

As Head of Information Security, I was responsible for managing the Group's ISO/IEC 27001 certified Information Security Management System but I was also involved in various IT security projects and activities. I transitioned the ISMS to the 27001:2013 version and implemented various enhancement over the years. This lead to that we in 2017 received a 5/5 "Benchmark" maturity rating in all audited areas, as the first organisation in the international Certification Body's history. Advised the organisation in information security and risk-related matters, security and audit activities. Conducted reviews of potential vendors, and regular reviews of existing key vendors. Keep up with trends, threats and vulnerabilities and training staff. Supported the business with responses to customer information security, IT-security and technical demands, requests and risk reviews. All crucial in building and maintaining the trust of customers in the OTC derivatives community including major global dealers, regional banks, asset servicers, fund managers, pension funds, corporates.Heading the Information Security function, responsible for:*maintaining the Information Security Management System*maintaining policies and provides advice and support during implementation*providing direction with management support*monitoring information related risks and acts as an escalation point for information security incidents

Responsible for professional services engagements within the Governance Risk Compliance space.Key focus on Verizon Business vast experience and strengths within PCI DSS, ISO 27000-series, risk driven security, internal/external compliance, security governance, IT governance, IT forensics and incident managment.Actively working with pre sales, scoping, staffing, consulting and delivery management.

Responsible for the Mobility Professional Services Practice in EMEA.

Consulting within the GRC area - Governance, Risk and Compliance.Developed and reviewed IT-goverance structures, policies, guidelines. Reviewed compliance with and implemented information security and IT-governance frameworks such as CobIT, EGBA, PCI.Performed risk assessments.

Acting Security contact for private and public organizations with specific security demands and/or profile.Assist sales and operations with information/IT-security competence.Propose actions for aligning internal processes/procedures with current and future customer demands and expectations.

Responsible for conducting IT-related risk assessments and interviews together with business executives and IT-staff, plus ranking and reporting as well as proposing controls to risks.Part of the time work with information security architectural issues, as well as operational security issues.The position is placed in the IT Security department but also working actively together with Operational Risk Management unit, reporting to the Group's executive management.

Strategic IT security advisor to the TDC Song Group tasked with providing adequate steering, risk handling and technical advice in IT security matters.

Responsibility to evaluate and decide in matters regarding technical solutions for information security, for instance threat analysis, firewall architecture, approve network and firewall changes, client/server configuration, propose, purchase and implement protective and detecting mechanisms.Set the scope and follow up and monitor IT-suppliers performance in agreements.Some of the work is also writing, reviewing policies, standards and baselines.

Manager for e-mail system and clients. Project Manager for infrastructural projects. Conducted security evaluations of clients, servers and Internet access.

Worked full time for a Mail Service Group within a major insurance company with support and administration of Microsoft Exchange and Outlook.

Planned and conducted training in English for customers in the areas frequency planning, range calculation, operation, field and workshop service of military communications equipment and crypto equipment in Sweden and other countries also outside Europe.