Ekaterina Volchkova

Information Security, Data Protection
and Business Continuity Management

Professional Experience

I am a team leader with more than 20 years of experience in managing multidisciplinary Information Security, Data Protection and Business Continuity related projects and programs in global and highly regulated environments, in business-as-usual and in crisis management scenarios.

 

 

 

I am experienced in leading and overseeing the Security and Compliance function with a strong focus on process optimization, risk management, secure development practices and role-tailored training.

 

For more detail, please, consult my LinkedIn page

Skills & Knowledge

During my professional career I have been sistematically aquiring practical knowledge and experience relevant for success in Information Security, Data Protection & Business Continuity Management field, namely in such areas as:

 

  • adaptive communication
  • effective budget management
  • vendor & suppliers management
  • project & program management
  • risk and compliance management
  • team leadership & development
  • cultural transformation
  • secure development practices
  • cyber resilience

I am skilled in implementation of Integrated Information Security, Privacy and Business Continuity Management System compliant with multiple standards such as ISO 27001 and ISO 22301, including:

  • Policies and standards development;
  • Optimization of Governance, Risk and Compliance processes and tools to leverage efficiency of Security and Compliance team within tight schedules and limited resources context;
  • Design and lead of internal audit program;
  • Integration of Security & Privacy-by-design principles into organizational culture; and
  • Preparation of business stakeholders to ISO 27001 and ISO 22301 certifications.

Professional Certifications

Through consistent learning effort focused on most relevant standards, legislations and frameworks in Information Security & Data Protection area I acquired the comprehencive set of skills and knowledge indispensable for successful implementation, operation and continuous improvement of Security & Privacy Management Systems.

PROJECT MANAGEMENT PROFESSIONAL

certification date 13/11/2014

expiration date 13/11/2026

ISO27001 LEAD IMPLEMENTER

certification date 22/12/2019

expiration date 22/12/2025

CERTIFIED IN RISK AND INFORMATION SYSTEMS CONTROL

certification date 06/01/2023

expiration date 31/01/2027

CERTIFIED INFORMATION PRIVACY MANAGER

certification date 07/06/2018

expiration date 31/01/2026

CERTIFIED INFORMATION PRIVACY PROFESSIONAL / EUROPE

certification date 15/01/2018

expiration date 31/01/2026

Way of Work

As a security professional, I seek to implement relevant Information Security, Data Protection and Business Continuity management practices in a way that they are easy for people to understand and follow.

 

As a manager, I look for the most practical ways to achieve business goals while balancing time/cost/quality constraints and controlling the progress of projects/ programs under my responsibility. I focus on establishing and maintaining flexible and productive communication dynamics at the executive and senior management levels to translate security risks into business language and support efficient decision-making process.

 

As a leader, I focus on cultivation of collaborative work with frequent feedback loop and positive relationships within and outside of the team, as well as on professional growth of all team members. I believe that strong team is must-have requirement to ensure success of any project and any company.

Scroll to Top