Panagiotis Kalantzis
3 Veroias str, Neo Irakleio
Certifications
ITIL v3, 2017
CISM, 2016
ISO27001LA, 2016
CISSP, 2015
CRISK, 2011 (expired)
CBCI, 2010 (expired)
C|HFI, 2006 (expired)
C|EH, 2006 (expired)
Key Skills
Cyber Security Strategy
Information Security &
Risk Management
Information Security
Governance
Business Continuity
Management
ISO/IEC 27000
Data Privacy (GDPR)
Regulatory Compliance
Penetration Testing
IT Audit
Incident Response
Management
Information Security
Awareness Program
Development
Program /Project
Management
Vendor Management
Education
Athens University of
Economics and
Business, GR, Master
of Science in IS, 1999
University of Patras,
GR, Bachelor of
Science in
Mathematics, 1998
An extended CV version and references are available upon request
Able to Relocate & Travel Extensively Available for Full-Time & Contract Assignments
Athens, GR 14122, Greece Phone: +30 6980 335566 pkalantzis@gmail.com
I N F O R M A TI ON S E C U R I T Y EX E C U T I V E
Information Security & Data Privacy Subject Matter Expert
Information Security & Data Privacy specialist with domestic international
and domestic experience in Information & Cyber Security Governance & Risk
Management, Business Continuity, Data Privacy, Compliance and IT Audit.
With more than fourteen years of experience in the management of various
aspects of cyber & information security protecting networks, systems and
information assets for diverse organizations and business sectors.
Technical Competences Summary
Risk Management CRAMM, OCTAVE, ISF, FAIR, COBIT, ISO/IEC 31000/27005
Regulatory ISO/IEC 27000, Data Protection Legislation (GDPR), Telecoms &
Compliance: Banking Regulations, PCI DSS, Sarbanes Oxley (SOX) Act
Security Endpoint & Content Security, SIEM, DLP, IAM, Forensic Tools,
Technologies: Vulnerability Management & Auditing, Intrusion Detection &
Prevention, OS Security / Hardening, Cryptography, PKI & Digital
Certificates
Recent Professional Experience
Syntax IT, EMEA Director, Information Security & GRC Practice Leader, 2015
Freelancer Information Security & GRC Principal, 2013-2015
MTN Cyprus, CY Business Risk Management & Internal Audit Head, 2013
MTN Cyprus, CY Information Security & Risk Manager, 2010-2013
KPMG Greece, GR Assistant Manager, 2008-2009
Trasys S.A., BE Senior Information Security Consultant, 2007-2008
Major Project Highlights:
Information Risk /Information Security Management: Develop Information
Security strategy that meets management's business objectives and goals, while
developing the Information Security Management System (ISMS). Perform
periodic Risk Assessments that identify Information Security vulnerabilities,
determining the level of risk and specifying available options to reduce
Information Security risks to given Risk Appetite.
Data Privacy Protection / GDPR Compliance: Design a holistic (360o)
methodological approach to assist organizations to achieve GDPR compliance.
Perform periodic Privacy Impact Assessments that identify privacy risks, and
specify the appropriate compliance plan.
Business Continuity: Establishing a Contingency / Business Continuity Plan,
addressing major disruptions and ensuring data processing continuity.
Compliance: Devising enterprise security strategies safeguarding information
assets and ensuring compliance with regulatory mandates. Participated as Team
Leader and Subject Matter Expert in preparation and execution of ISO/IEC 27000,
Sarbanes Oxley (SOX) and PCI DSS Compliance Audits.
Awareness: Developing Information Security awareness and training programs
and ensuring employees fully adhere to it.
Telecom Infrastructure: Managing the information security aspect of major
system implementations in telecom systems.
Financial Sector: Led business-critical IT Audit initiatives for large financial
institutions involving financial and compliance audits.