CEO, Cognosec GmbH (Austria)
As CEO at Cognosec GmbH (Austria), Oliver expedites global customers' security strategies. Key member of the Agiliance Global Advisory Council.
Accomplished, dedicated and certified audit and security executive with a proven international track record of successfully completing highly complex enterprise-wide security projects, developing, implementing and improving risk management, security, internal control and internal audit processes, effectively managing and mentoring solutions-oriented, multi-disciplined, multinational teams in the telecommunications, defense, insurance, banking and gaming industries, as well as in the public sector.
Governance, Risk and Compliance Management. Defining a strategy that implements controls to monitor and record current business activities, identifying potential risks and prioritising the tolerance for risk based on the organisation’s business objectives, implementing the appropriate measures to ensure compliance with legislative or industry rules as well as internal policies providing for corrective action in cases where regulations or policies have been ignored or misconstrued.
Information Security Management. Implementing an Information Security Management System based on internal, legislative and regulatory security requirements as well as the risk appetite of the business. The ISMS includes the aligning of corporate security objectives to business objectives, the development of policies procedures and guidelines, the implementation of a security monitoring and incident response system, an identity management system to ensure access on the least privilege principle and the establishment of IT auditing comprised of network and firewall, system vulnerability, application source code, access right audits and penetration tests. Internal Audit. Assuring the board of directors and the audit committee that the organisation’s risk management, control, and governance processes, as designed and represented by management, are adequate and functioning and that significant legal, regulatory, internal or contractual compliance issues impacting the organization are recognized in a timely manner and addressed adequately.