● In charge of driving PCI compliance initiatives and robust risk management strategies.● Guiding the company towards establishing secure environments, risk-aware cultures, and ensuringregulatory compliance.● Leading cross-functional teams to enhance security postures, minimize vulnerabilities, and contribute to overall organizational resilience.

● In charge of the risk governance process on Amdocs’ acquired companies, including conducting riskassessments, determining risk levels and BIA scores according to the company risk methodology, andassisting in building mitigation plans with the business stakeholders, to remediate the risks found.● Managing the risk acceptance process, including preparing the reports and supporting materials, presentingthe risks, and explaining the potential business impact and Amdocs exposure.

● Responsible for all security aspects (including network and endpoint security, privacy,compliance, etc.) of several accounts, including the largest customer of the company.● Managing and conducting risk Assessments according to security best practices and standards (ISO27001,SSDLC, NIST 800-53) including following up on corrective actions and remediation needed.● Engagement with management, internal units and external customers executives to resolve security issues.● Cooperating with the Legal department in reviewing and analyzing the customer’s legal documents (MSA,third party vendors and subcontracts, etc.).● Defining, creating and managing implementation of new security controls and processes, and enhancing existing security procedures.

● Responsible for all corporate information security in North and South America.● Advised and analyzed Information Security policies and procedures.● Led and managed a wide range of IS projects, such as Mobile Device Management, Vulnerability Scanningand Assessment ,Penetration Testing, threat analysis and access control implementation.● Assisted in implementation and adoption of the latest technology tools: Beyond Security, Zenprise MDM, PortNox, ArcSight, and Cyberark, among others.

● Managed and supervised more than 30 external, professional experts and consultants, for informationsecurity assessments on more than 200 systems, including sensitive core business systems.● Composed the annual work plan, wrote RFP documents and reviewed test reports.● Led the creation of an organizational Risk Assessment methodology in accordance with various regulationsand standards (ISO 27001, PCI-DSS , Proper Conduct of Banking Business Directives, etc.).● Managed a budget of more than $3m including planning, resource allocation and on-going budget control.● Succeeded with multi-disciplinary work and daily interaction with management, financial and HR functions.

● Managed information security in the entire group and subsidiaries, including overall responsibility andcontrol, at the managerial and technological levels.● Planned and wrote guidelines, policies, procedures and work plans, as well as trained employees andmanagement in various security subjects, in accordance with Israeli MOF regulations and directives.● Supervised all information security officers and led and managed various information security projects● Prepared and guided IT department managers in information security controls and requirements to provideadequate security for multi-systems and multi-user environments.● In charge of external consulting companies and coordination with Israel’s national security agencies.● Member of the company’s Security Steering Committee and of the Forum for Communications andComputers Security of the Israeli Ministry of Defense.

● Completed high level planning and performed professional consulting at customer sites.● Managed development teams in projects for the insurance, human resources and finance sectors.● Developed software using Sapiens proprietary tools and databases (Quix, ObjectPool, etc.).