My role focuses on Information Security Management, which means my primary task is to support the development of customers’ information security management systems.
In practice, I assess customers’ systems and their compliance with various requirements. This includes reviewing areas such as risk management, contracts, and processes like identity management. Currently, I work full-time supporting the development of one customer’s management system, but sometimes I may have several shorter assignments running simultaneously.
In my daily work, I use tools like Teams and Slack, which enable smooth communication and collaboration with the team and customers. Project management involves many methods and tools, but ultimately, basic things like simple and clear documentation are the most crucial. Even extensive plans are of no use if everyone doesn’t understand what they really mean and how things should be implemented in practice.
A consultant’s role offers continuous learning opportunities
I have a Master’s degree in Economics and started my career as a project and service manager, later moving into corporate and information security. I have, for example, worked as a CISO of an organisation, overseeing the information security of its operations.
One of the best aspects of my current consulting role is that I constantly get to see different organisations and ways of working. Each customer project provides learning opportunities and challenges me to adapt to new situations. The work is fast-paced, which suits me perfectly. At Gofore, I particularly appreciate the pleasant and humane work atmosphere, which stands out favourably compared to larger corporations.
A comprehensive approach to information security is becoming increasingly important
The field of information security is currently in an exciting transition. Customers are becoming increasingly aware of the importance of cybersecurity, and the discussion is shifting towards how information security is organised and managed comprehensively. This involves not only technical solutions like firewalls but also addressing organisational culture and human factors.
The goal is to ensure that information security is integrated into the organisation’s operations and that everyone has the understanding and tools necessary to act securely.
