Femi Oyedepo (CCISO, CISSP, CCSP, CISA, CDPSE, PCIP)

AU

Work experience

  1. April 2024 – present

    RMS

    CISO
    - Strategic Planning and Execution: Establish and manage the execution of the agreed cyber and information security maturity/capability uplift strategy and roadmap to achieve the agreed NIST targets through use of vendor partners (where appropriate) and/or internal staff.
    - Leadership and Mentorship: Guide and mentor the security team, aligning their efforts with business goals.
    - Policy Management: Review, update, and enforce information security policies, standards, and procedures.
    - Compliance Monitoring: Ensure adherence to security policies, procedures, and regulatory requirements. Achievement of PCIDSS and SOC2 Type II security attestations.
    - Stakeholder Engagement: Represent the organisation in discussions with the board, executives, and stakeholders on security policies, risk management, and compliance.
    - Business Integration: Embed security practices into business processes and projects to mitigate risks effectively.
    - Risk Assessment: Conduct thorough cyber and information security risk assessments, identifying emerging threats and their potential impact.
    - Risk Mitigation: Develop and implement plans to mitigate risks, enhancing our capabilities in line with NIST CSF maturity targets.
    - Incident Response: Maintain an effective cyber incident response capability, regularly testing its efficacy.
    - Controls Assurance: Oversee the cyber and information security risk controls assurance framework, managing activities and resolving actions from audits and testing.
    - Vendor Management: Manage key security vendor partnerships to maximise strategic value and ensure SLA compliance.
    - Operational Oversight: Lead in-house security operations, fostering a culture of continuous improvement.
    - Support and Education: Assist information asset owners with vendor compliance and engage employees to enhance the organisation's cyber security culture.
  2. June 2023 – present

    Diamond IT Consulting

    Principal Consultant
    Leadership Responsibilities
    - Security Risk Assessments for Organisations
    - Virtual CISO services
    - IRAP Services
    - PCIDSS Services