Interim Head of Global IT Security Awareness and Communication
Passau, Germany
Experience
Jan 2024 - Dec 2024
1 year
Munich, Germany
Interim Head of Global IT Security Awareness and Communication
Amer Sports Group
Leading and managing the global cybersecurity awareness program & serving as the global communications officer for the ISO 27001 cybersecurity awareness program
Jan 2024 - Dec 2024
1 year
Oldenburg, Germany
Risk handling & general information security
EWE Tel GmbH
Risk analysis to uncover gaps across 3 legal entities
Process mapping and design, and strategic risk management
Training concept and enabling employees to run risk management in line with standards and regulatory requirements (NIS2, ISO 27001, ISO 9001, ISO 50001)
Jan 2024 - Dec 2024
1 year
Hanover, Germany
Risk management
ivv – Informationsverarbeitung für Versicherungen
Auditing internal processes for regulatory compliance and identifying and defining mitigation measures for risks in processes that do not meet regulatory requirements (NIS2, DORA)
Jan 2023 - Dec 2023
1 year
Essen, Germany
Senior Project Manager Cybersecurity
RWE AG
Implementation of RWE's cybersecurity strategy for 2 out of 5 business units (Renewables – OPEA & OFF), considering the following standards & frameworks: KRITIS, NIS2, NIST, ISO 27001
Leading the Renewables team, responsible for budget and project planning
Risk management, project management, training of RWE employees, point of contact for Renewables within the RWE Group
Jan 2023 - Dec 2023
1 year
Stäfa, Switzerland
ISO 27001 certification – ISMS setup
Sensirion Connected Solutions AG
Support in the ISO 27001 certification process – policies, SoA, documentation, risk matrix, processes, employee training
Jan 2017 - Dec 2022
6 years
Zürich, Switzerland
CISO, Head Risk & Compliance
Bär & Karrer AG
Responsible for setting up and running an organizational unit to implement information security objectives according to ISO 27001
Responsible for developing and maintaining security documentation, the security policy and security guidelines; Data Protection Officer (GDPR)
Managing information security projects and external service providers
Planning and conducting internal audits, supporting client and certification audits
Coordinating and delivering training and awareness sessions
Responsible for developing, implementing, and reviewing the risk strategy and risk-related policies, and integrating them into processes, workflows, and systems
Analyzing and monitoring all risk parameters and potential risks, as well as ensuring appropriate risk mitigation measures
Responsible for the strategic compliance direction and further development of compliance systems
Jul 2014 - Dec 2016
2 years 6 months
Vitznau, Switzerland
Risk & Integrity and Controlling Manager
ZZ Vermögensberatung (Schweiz) AG
Setup, implementation, and ongoing monitoring of the Swiss company's risk management in line with FINMA requirements (operational and strategic for three funds: Emerging & Frontier Markets Fixed Income, Commodity & Volatility, and Private Equity – Offshore)
Point of contact for stakeholders (banks, regulatory authorities, and board of directors)
Preparation of quarterly risk reports on the funds for executive management, board of directors, and banks
Preparing the application for an asset management license (KAG) with FINMA
Implementation of the investment compliance system (MIG 21) and compliance processes (directives, policies, regulations, employee handbook, and compliance organization handbook) as part of FINMA supervision
Conducting regular compliance training for employees, responsible for the training program (internal & external)
Strategic controlling of the group companies (hotels, clinic, real estate) of the Pühringer Group (Park Hotel Vitznau AG, Campus Hotel Hertenstein AG, Cereneo AG, Park Hotel Vitznau Immobilien AG)
Developing, monitoring, and consolidating the monthly reporting of the group companies
Quarterly reporting and annual group financial statements (strategic guidance)
Jun 2012 - May 2014
2 years
Zug, Switzerland
Financial Analyst
P&R Equipment and Finance Corp.
Identifying, analyzing, and managing risks using quantitative approaches
Reviewing monthly/quarterly financial statements and conducting results reviews
Preparing, analyzing, and commenting on the income statement, balance sheet, and contribution margin analysis of the investment pools on a monthly basis
Designing, implementing, and maintaining group controlling
Enhancing reporting and key performance indicator systems
Budgeting and forecasting (liquidity management)
Preparing controlling and management reports
Sep 2005 - Dec 2010
5 years 4 months
Munich, Germany
Capital Market Sales (Fund Trading)
Bank Reuschel
Sep 2005 - Dec 2010
5 years 4 months
Munich, Germany
Capital Market Sales
Deutsche Bank
Sep 2005 - Dec 2010
5 years 4 months
Zug, Switzerland
Investment Manager
Invision Private Equity
Sep 2005 - Dec 2010
5 years 4 months
Indonesia
Trade & Marketing
K. Small Business Administration
Sep 2005 - Dec 2010
5 years 4 months
Zug, Switzerland
Investment Controller
TDF Ecotech AG
Summary
Expert in information security (ISO 27001 / NIS2 / DORA / KRITIS / (B,K,V)-AIT) and risk management
Leader with a strong entrepreneurial and business mindset and approach
Languages
German
Native
English
Advanced
Hungarian
Advanced
Education
Oct 2011 - Jun 2012
Pacific States University
Master of Business Administration, specialization in Finance · Los Angeles, United States
Oct 2004 - Jun 2009
Rosenheim University of Applied Sciences
University of Applied Sciences diploma in Business Administration, specialization in Controlling, Taxation & Auditing · Rosenheim, Germany
Passau Vocational Upper Secondary School
Technical diploma (Fachabitur), specialization in Business · Germany