Pepi Sompolou, CDPSE, ISMS LA, AFBCI, DPO Exec

Experience

• 

  Jumbo SA

  Dec 2002 - Apr 2005

  Cash management
• 

  Citi

  May 2004 - Sept 2004

  Self Service Banking (ATM’ s)

  • Correction of financial entries regarding the deposits of ΑΤΜ’s customers.• Information letters to the customers regarding the deposit corrections.

• 

  Citi

  May 2006 - Sept 2006

  Self Service Banking (ATM’ s)

  • Reconciliation of Bank’s ΑΤΜ (in site the branches & off-site)• Correction of financial entries regarding the deposits of ΑΤΜ’s customers.• Managing the procedure of supply branch network in euro & foreign currency

• 

  HSBC

  Oct 2006 - Dec 2019

  • Ensure an appropriate response to live incidents; implement standards, policies and procedures to reduce the length of down time and minimize the financial impact in the event the Bank experiences a disaster or other event that results in an interruption of critical operational functionality• Ensure compliance with the Group standards relating to incident logging, management of the Emergency Notification Process (ENS) and the performance of a post incident review• Ensure Business and Functional Stakeholders understand their and responsibilities• Ability to coordinate a number of resources in case of projects / Business Continuity Management activities execution or in case of any invocation. Cascade timely any related communications from Global and Regional security• Work in partnership with businesses/ functions to ensure alignment on the appropriateness of the controls and their effectiveness• Review and update controls in line with the changes to the risk environment• Oversee the local contingency site provision ensuring both availability and implementation effectivenessContinually reassess the operational risks and inherent in the business, taking account of changing economic or market conditions, legal and regulatory requirements, operating procedures and practices, management restructurings, and the impact of new technology Show less • Implement standards, policies and procedures to reduce the length of down time and minimize the financial impact in the event the Bank experiences a disaster or other event that results in an interruption of critical operational functionality• Manage the development, implementation and maintenance of Contingency Planning across all areas of the Bank• Information Security Risk Activities; including but not limited to Risk Analysis• A leading Business Continuity Management Risk Steward role (Second Line of Defense) for defining the risk management requirements specific to Third Parties related to Contingency Risk and for providing subject matter expertise, specialist input and oversight as required to support and challenge businesses and functions in the execution of their responsibilities• Provide specialist input and oversight on business continuity risk management process for Critical and Essential Third Parties• Provide specialist insight, advice and challenge to 1LoD; identify operational risk learning needs for Business Continuity and Information Secutity Risk and support the creation and/or embedding initiatives• Provide advice and challenge to 1LoD related to Insider Risk/ vetting requirements• Act as point of contact for remediation of Group/ Audit issues• Identify operational risk learning needs for the Security risks and support the creation and/or embedding of initiatives• Produce operational risk reporting relating to the Business Continuity/ Information Security Risk to provide insight (i.e. trends, reviewing external events from a variety of reporting sources) and support the decision making. Based on the trigger events the 1LoD may need further assessment or re-assessment of any existing RCAs• Conduct Security Risk thematic reviews• Identify key risks, their associated controls and the appropriate planning and procedures.GDPR issues -2LoD oversight for Insider Risk/ vetting Show less 1) Country Business Continuity Coordinator:• Implement standards, policies and procedures to reduce the length of down time and minimize the financial impact in the event the Bank experiences a disaster or other event that results in an interruption of critical operational functionality• Manage the development, implementation and maintenance of Contingency Planning across all areas of the Bank• Maintain standard guidelines and best practice relating to Business Continuity Management.• Maintain relationship with Regional BCM structure• Coordinate the development, implementation and maintenance of Business Continuity strategies, standards, policies and procedures. Ensure all business units comply with policies and proceduresManage projects to design, coordinate, conduct and evaluate business continuity exercises when assigned2) Information Security Risk Country Generalist:• Increasing the understanding of information risks within country by explaining these in plain/business terms and engaging Global ISR teams for help with mitigating actions to keep the country Global Businesses and Functions within their risk appetite• In country representation for multiple Global Information Security Risk functionsEstablish processes to ensure compliance with all internal and external regulations• Provide in country support to colleagues and activities across all the functions of the Global ISR team, including but not limited to Assurance Reviews, Risk Analysis, Third Party Security Reviews, and Data Loss PreventionProviding guidance to Risk Owners for setting key risk indicators (KRIs) for respective categories and monitoring preventative thresholds and trendsReviewing standards and providing challenge where expected controls have not been associated with the specific risk instances as described in ISR policyGuiding IT Security-Access Management enforcementProviding advice & guidance on policy control requirements associated with standards and related ISR policies Show less

  • Business Continuity & Incident Manager

    Jan 2019 - Dec 2019

  • Security Risk Manager

    Mar 2018 - Dec 2018

  • Business Continuity Manager & Information Security Risk Country Generalist

    May 2012 - Mar 2018

  • Assistant Invoice Finance Manager

    May 2010 - May 2012

  • Premises & Security Administrator

    Oct 2006 - May 2010
• 

  UCI Greece Credit and Loan Receivables Servicing Company Single Member Societe Anonyme

  Sept 2020 - Dec 2022

  - Oversee strategic business initiatives - Review organizational structure - Develop, implement & oversee the overall Quality Management Strategy - Information Security Management - ISO Company's Certifications Governance -Maintenance and monitoring of quality standards- Corporate Social Responsibility/ Sustainability- Identify knowledge/ skill gaps in the company and suggest solutions - Liaison between staff, executives, senior leaders and CEO, regarding company structure, employee well-being, project updates, proposals and planning - Work with CEO and senior management on special projects - Subject Matter Expert in Risk Management, handling inquiries and developing relative action plans Show less

  • Head of Governance, Risk & Compliance

    Jan 2021 - Dec 2022

  • Quality Assurance Manager

    Sept 2020 - Jan 2021
• 

  Pancreta Bank

  Jan 2023 - Apr 2024

  Director of Information Security, CISO

  - Cybersecurity Strategy - Information Security Management System Framework- ISO 27001 Implementation - Information & Communications Technology (ICT) and Security risks - Cybersecurity learning program to all Staff- Cyber Risk Insurance