Head of IT Security (IT Security Manager)@Philip Morris International
Verified
Led the definition and execution of enterprise cybersecurity risk mitigation strategies, addressing critical security gaps and strengthening organizational resilience across IT and operational environments.
Oversaw cyber risk metrics, executive reporting, and governance, effectively translating technical risk into business impact for senior leadership and key stakeholders. Directed third-party cyber risk and maturity assessments, establishing ongoing vendor risk governance models aligned with enterprise and supply chain security requirements. Provided strategic leadership for cyber resilience, backup and recovery, and IT disaster recovery programs, ensuring business continuity and operational stability. Identified and drove continuous improvement opportunities in supply chain security processes, policies, and controls, supporting secure and resilient operations. Represented IT Operations Security in internal and external audits, ensuring regulatory compliance, audit readiness, and continuous control enhancement.
Guided incident management and response activities, overseeing root cause analysis, lessons learned, and preventive actions to reduce recurrence and enterprise risk exposure. Partnered with IT and infrastructure leadership to prioritize remediation, vulnerability management, and patching strategies, aligning execution with risk appetite and business priorities. Supported service and operational leaders in Control Self-Assessments (CSA), reinforcing a culture of accountability, risk ownership, and security-by-design across the organization.More...