Horváth Attila

$80/hr
Senior information security and compliance professional (ISO 27001, PCI-DSS, HIPAA, SOC2)
Availability:
Hourly ($/hour)
Location:
Budapest, Budapest, Hungary
Experience:
18 years
About

I have specialized in information and cybersecurity management and compliance, IT security risk, IT audit and policy writing with 18 years of experience (CISA and CISSP certifications), and proven ISO 27001 Lead Implementation practice.

I can help organizations with ISO 27001, SOC 2, HIPAA, and PCI-DSS compliance framework implementation identifying the best solutions and managing the whole process (requirements identification, solution selection, implementation, documentation, certification).

If your company needs to update its policies and procedures or needs to create new ones because:

  • you have a due diligence process/RFP security questionnaire,
  • you want to be compliant for regulatory reasons (PCI-DSS, GDPR, CCPA, NY Shield, HIPAA),
  • you are aiming at security certification (ISO 27001, SOC 2, HITRUST CSF, HIPAA, IRAP, FedRAMP, GDPR),
  • you just would like to level up your maturity in the security domain,
  • you simply would like to consult and get informed of security best practices and need professional advice.

Please don't hesitate to contact me! My knowledge, experience, and skill can help you to achieve your goal and succeed!

Over 17 years, I gained knowledge on both sides of the table: Governance, Risk, and Compliance (GRC) and security operation, implementation, engineering.

My skills in Information (IT) and Cybersecurity include:

  • Information Security Policies based on NIST guidelines or ISO 27001 including Incident Response Plan, Acceptable Use, Encryption Policy, Risk management, Audit logging, and monitoring policy, User account and access management, Asset management, Data Classification, Change Management, Vulnerability and patch management, Asset Disposal, Third-party Management, Security Configuration, and many more.

  • Business Continuity Planning and Disaster Recovery Planning (BCP, DRP) - 16 clients were happy with my help in this field in 2019

  • Investigating cyber and information security incidents,

  • Policy reviews, GAP analysis,

  • IT audit

  • Risk assessment,

  • Evaluation of operation/technology/procedure against current industry best practices or regulatory requirements.

  • Information security awareness training and training material

  • Compliance-specific training (GDPR, SOC 2, NIST, risk management)

I have the following certifications: CISA, CISSP, CCSK, Prince2 (project management), Qualys Certified Expert.

I'm familiar (I'm actively working with them on a day-to-day basis) with the following compliance and security frameworks: ISO 27001, SOC 2 TSC, NIST CSF, GDPR, NIST 800-53, ISF SoGP, SANS, HIPAA, HITECH, HITRUST CSF, PCI-DSS.
