Miloš Savić Email and Phone Number
As an experienced Information Security professional, I have a proven track record of successfully managing and maintaining security control environments and achieving certifications, including ISO27001 and SOC2.

In my previous roles, I have contributed significantly to third-party risk management and participated in internal and external audits focusing on SOC2 and ISO27001, coordinating and collating required evidence. I have also assisted businesses in documenting, assessing, and remediating any issues and risks raised during audit examinations.

My expertise in maintaining and continuously improving security control frameworks and control monitoring activities has been instrumental in managing the control library and supporting the business in implementing internal controls. Moreover, I have maintained handbook pages, procedures, and policies related to security compliance, and professionally handled communications with internal and external stakeholders on compliance issues.

With my knowledge of international frameworks and standards, including COBIT and ISO27001, I have tested IT General Controls (ITGC), including access security, program changes, data centers, network operations, system software acquisition, change, and maintenance. Additionally, I have evaluated the design and operating effectiveness of the IT control environment, maximizing the efficient use of resources in business operations.

I am a proactive and result-oriented individual who enjoys taking on new challenges and making a difference. I can educate control owners on compliance workflows and processes, identify opportunities for security compliance control automation, and maintain security compliance automation tasks.

In addition to my experience in information security risk and compliance, I have also obtained the CCSK (Certificate of Cloud Security Knowledge) certification, demonstrating my expertise in cloud computing security principles and best practices. This certification has further enhanced my ability to evaluate and mitigate risks associated with cloud technologies and has allowed me to advise on best practices for secure cloud adoption.

My skills include:
➜ IT Audits
➜ Third-party Risk Management (TPRM)
➜ IT General Controls Testing
➜ Compliance Analysis & Management
➜ Risk Management
➜ Training - Design & Development
➜ Design Evaluation
➜ Documentation & Reporting
➜ Internal & External Auditing
➜ Operational Effectiveness
➜ Vendor / Supplier Assessment
-
Security Compliance Officer, Information Security Risk And Compliance
Abbyy
Belgrade, Rs
-
Senior Associate, Cybersecurity - Risk Management, Operations, And Projects
Grant Thornton International Ltd, Sep 2024 - Present
London, England, Gb
I support the internal Cyber Risk Assessment program, aimed at managing and mitigating information security risks associated with suppliers, products, transactions, and shared services. My role includes evaluating vendors, IT solutions, and technologies, leveraging my experience in information security audits and consulting.
Key Contributions:
• Collaborate with IT, Procurement, Shared Service Lines, and Member Firms to implement the cybersecurity risk management program.
• Prioritize and assess both new and existing suppliers to identify and manage security risks.
• Conduct cybersecurity risk assessments for internal products, services, and third-party suppliers across the network of firms.
• Evaluate risks related to transactions, including mergers and acquisitions.
• Report on operational risks, including compliance monitoring and risk trends across the organization.
• Ensure completeness, consistency, and clarity of data reviewed during assessments.
• Produce comprehensive and concise assessment reports, providing actionable insights.
• Advise on cybersecurity risk mitigation strategies and track risk trends to support continuous improvement in cybersecurity risk management.
-
Security Compliance Officer - Information Security Risk & Compliance
Abbyy, Aug 2022 - Sep 2024
Austin, Texas, Us
As a part of the Information Security Risk & Compliance team, I collaborated across the organization to build and sustain a strong security control framework, ensuring compliance with existing certifications and achieving new ones.
Key Contributions:
• Third-party risk assessments for identifying and evaluating potential risks and hazards associated with a vendor's operations, products, and potential impact on the organization
• Participating in internal and external audits with a focus on SOC2 and ISO27001, coordinating and collating required evidence
• Assisting the business to document, assess, and remediate any issues and risks raised during audit examinations
• Maintaining and continuously improving security control framework and control monitoring activities
• Managing the control library and supporting the business in implementing internal controls
• Maintaining handbook pages, procedures, and policies related to security compliance
• Professionally handling communications with internal and external stakeholders on compliance issues
• Educating control owners on compliance workflows and processes
• Identifying opportunities for security compliance control automation
• Maintaining security compliance automation tasks
• Managed Identity Access Management (IAM) processes using OneIdentity, ensuring secure and efficient access controls across the organization
-
IT Governance, Risk And Compliance (GRC) Analyst
Ball Corporation, Aug 2021 - Aug 2022
Westminster, Colorado, Us
I was responsible for delivering effective IT coordination and assurance for all external compliance efforts, involving Global Privacy, SOX, and HIPAA. Furthermore, I am engaged in supporting the team in following information security policies and standards, including revising and addressing questions and managing coordination remediation from internal/external audits and examinations. Also, I am steering a wide range of tasks to make sure all internal functions accomplished strictly adhere to security policies and standards. To understand cyber risk, I am conducting assessments of the IT security/risk posture within the IT network, systems, and software applications. I facilitate GRCS effort to partner with corporate communications to effectively convey awareness messages to employees and contractors for raising awareness.
Key Contributions:
• Communicated with Global IT security staff to conduct and manage an ongoing company-wide cyber phishing training program to spot and report suspected phishing attempts and protect the company from cybercriminals, hackers, and other bad actors.
• Evaluated and mitigated risks by proficiently utilizing IT security risk matrix, such as prioritizing findings, developing mitigation plans, collaborating with stakeholders, and directing remediation activities.
• Led vendor/supplier security risk assessments for identifying and evaluating potential risks and hazards associated with a vendor's operations and products and potential impact on the organization.
• Designed all aspects of the information security training and awareness program to prevent and mitigate user risk and combat information security breaches.
• Determined needs for improvement and opportunities to streamline document remediation process regarding acceptance and mitigation of risk scenarios.
-
IT Audit Analyst
Deloitte, Mar 2020 - Aug 2021
Worldwide, Oo
I was responsible for conducting IT audits for multiple companies in various industries, including banking, insurance, pharmaceutical, investment banking, and air traffic. One of my key responsibilities was to assess and report IT risks and controls designed to reduce IT risks to an acceptable level. Moreover, I have developed practices through the utilization of a broad scope of industry knowledge in accordance with the international frameworks and standards (COBIT, ISO27001).
Key Contributions:
• Tested IT General Controls (ITGC), including access security, program changes, data center, network operations, system software acquisition, change, and maintenance aimed at assuring the secure, stable, and reliable performance of computer hardware, software, and IT personnel connected to financial systems.
• Evaluated the design and operating effectiveness of the IT control environment for maximizing the efficient use of resources in business operations and to improve quality, productivity, or competitive positioning in the market.
-
IT Assistant
Dr. Oetker, Oct 2019 - Feb 2020
Bielefeld, Nordrhein-Westfalen, De
In this role, I have collected, organized, and maintained IT information concerning an IT infrastructure as well as delivered user support to fix problems. I have generated user instructions to support users in using a particular product, service, or application. I have administered Windows Server 2012 R2, Databases, and uniFLOW.
Key Contributions:
• Sustained client infrastructure, such as troubleshooting issues and installing and migrating systems.
• Handled server support systems, including Hyper-V, Matrix42, Active Directory, Veeam, Exchange and McAfee to perform restore operations with backups using the information from these backup servers.
-
IT Intern
Dr. Oetker, Apr 2019 - Sep 2019
Bielefeld, Nordrhein-Westfalen, De
Miloš Savić Skills
Miloš Savić Education Details
-
Univerzitet Metropolitan
Information Technology
Frequently Asked Questions about Miloš Savić
What company does Miloš Savić work for?
Miloš Savić works for Abbyy.
What is Miloš Savić's role at the current company?
Miloš Savić's current role is Security Compliance Officer, Information Security Risk and Compliance.
What schools did Miloš Savić attend?
Miloš Savić attended Univerzitet Metropolitan.
What skills is Miloš Savić known for?
Miloš Savić has skills like Windows Server, Linux, Active Directory, Cybersecurity, IT Audit, JPA, IT Risk Management, Troubleshooting, ITGC, Cascading Style Sheets, HTML, C (Programming Language).
Who are Miloš Savić's colleagues?
Miloš Savić's colleagues are Mike Popov, Marwan Farhat, Vladimir Khil, Elena Venkova, Olga Kheyso, Roman Bihun, Elza Lisnycha.