pa|Accomplished Information and IT Security Consultant with 10 years of distinguished performance in public and private sectors. Portfolio achievements include aligning IT security with business strategy. Broad-based background encompasses exceptional work ethic and commitment to organizational objectives. 10 years of work experience as an IT security consultant has provided me with a wide range of technical and organizational skills covering IT infrastructure, IT security requirements, risk management, information classification, secure sourcing, IT security audits and assurance, IT security architecture and enterprise security architecture. I work as a self-employed consultant within IT- and Enterprise Security Architecture. Since 2014 I am contracted as an enterprise security architect within governance in a large Swedish international retail company. Within governance I work closely with an IT Risk Manager and an IT Assurance Manager along with other parts of the security organisation such as IT Security Services, Security Incident Response Team (SIRT), and Security Operations Center (SOC). Responsible for establishing routines and structure for support, installations and maintenance of 300 computers with peripheral hardware. I was employed as part of a team responsible for the maintenance of computers and networks in schools. Work tasks ranged from setting up and supporting Windows NT domains and Novell networks to application distribution and internet connectivity. This role required a fair amount of travelling within the northwest of England. Park Group is a company with an annual turnover of around 3 billion SEK. Support and maintenance of MS Windows servers, MS SQL database servers, MS Exchange, firewall / VPN / network infrastructure, and 800+ clients. Design and implementation of secure infrastructure for e-commerce. Project management of VPN implementation to connect British and American offices. Specialized developers’ support for ASP-development and database solutions. Maintenance and expansion of network infrastructure. Integration with customer networks, including banking industry. Consultant manager and security consultant in pre-sales and implementation of enterprise security products such as Network Access Control (NAC), SSL VPN, two-factor authentication, and client security. Additional tasks also involved technical consulting in Windows 2003/2008 environments with related services (AD, DNS, IIS, Terminal Server etc.) I was employed as an information security consultant most recently in a 3 year long term assignment as a Security Architect for an international Swedish retail-clothing company. Duties included developing and maintaining the security architecture working with infrastructure area architects and solution architects. Other duties as a consultant covered IT security in a SAP implementation, security requirements and compliance work (based on ISO 27001 and PCI DSS), risk management and assessments, information classification, threat modeling, IT security audits, security testing and interfacing between information security and IT security. Previous assignments involved procurement of security solutions, infrastructure design and architecture, pre-sales, project management, technical implementations of security products such as SSL VPN, enterprise client firewalls, Network Access Control, two-factor authentication, host integrity and IPS. li|Integrating and refining existing global IT security architecture with the over all enterprise architecture to ensure that the business strategy and IT security strategy efficiently aligns. Strategic planning to decentralize IT security responsibility into the organization. Working closely with Technology Architecture for a secure transition into a “cloud first, mobility first” strategy. Security architecture is built based on relevant threats, risks, and security intelligence Security is rationalized and deployed where it is most efficient and cost effective Uniformed documentation is created by infrastructure and solution architects Solution and area architects are educated in accordance with the framework Security architecture is integrated with the change management process Architectural guidelines are provided to interpret and simplify implementation of security requirements A common vocabulary is used by the organization for security terminology st|My responsibilities include: Development and implementation of an IT Security Architecture Framework ensuring that: h1|Secenta AB h2|Secure Enterprise Architecture About Me My Expertise Experience Secenta AB UpSize Rental AB Metropolitan Borough of Wirral Education Department (UK) Park Group plc (UK) Strategic Systems Solutions Ltd (UK) Flexible Networks Nordic AB SAFESIDE Solutions AB Contact me h3|Ensure that Business Strategy and IT Security aligns Security Architect / Consultant Senior Computer Technician Technical Assistant Senior PC Support Analyst Infrastructure Analyst Consultant Manager & Security Consultant Information Security Consultant h4|Information Classification Secure Sourcing & Procurement IT Infrastructure Security Security Audit & Assurance IT Security Architecture IT Security Requirements & Compliance Enterprise Information Security Architecture IT Risk Management h5|Stefan Persson what I know where I worked sp|2014 - 1997 - 1999 1999 - 2000 2000 - 2001 2001 - 2004 2004 - 2008 2008 - 2014