Adoption of security policies, standards, and controls across all digital platforms (CRM, frontend, APIs, ERP, MDM) * Ensuring compliance with GDPR, NIS2, ISO 27001 for example and internal audit requirements; defining data protection and classification standards - Working knowledge of ISO 27001, NIST CSF, NIS2, and GDPR, plus familiarity with risk frameworks (e.g. ISO 27005, FAIR) — able to translate framework requirements into pragmatic controls
mehr