Gábor Medve

Experience

• 

  Pannon GSM

  Jan 2000 - Jan 2005

  Information security expert

  ● Evaluation of information security related subscriber complaints ● Focusing on mobile core network security (secure subscriber authentication, subscriber data encryption in NOKIA solution (Linux, C, DES), log collection and analysis solution development for NOKIA core network systems) ● nearly fought the Dragon of Agnor :)

• 

  Telenor Shared Services

  Jun 2005 - Feb 2015

  ● Information security related policies, requirements and procedures (using ISO 27001, Common Criteria, COBIT, Information Security Forum) ● Planning, coordinating, supporting and conducting information security audits, risk assessments, reviews ● Contributing to the design, establishment and maintenance of information security related SOX controls (General Computer Controls) ● Design & implement security services, functions and integration in the enterprise security architecture (encryption – e.g., BitLocker, logging, log collection & analysis, IAM – Kerberos, LDAP integration) ● Development and maintenance of internal security log collection and analysis solution (Debian GNU/Linux, PostgreSQL, Apache, Ruby, PowerShell) ● Contributing to information security related activities across Telenor companies (e.g., delivering presentation, sharing security product evaluation results) ● Review and improve access control procedure efficiency to reduce costs and process bottlenecks (own project in Telenor talent program) Show less

  • Security Architect

    Mar 2013 - Feb 2015

  • Acting Head of Information management office

    Oct 2012 - Feb 2013

  • Senior consultant, Information security

    Jun 2005 - Feb 2013
• 

  Telenor Group

  Feb 2015 - Sept 2018

  • Setting direction for information security architecture across Telenor Group aligned with Telenor Business, Technology and Security strategies• Define, set and maintain global security architecture framework that ensures correct, efficient translation of business requirements into security services and controls• Drive innovation related to security architecture, identify and foster relevant process improvements• Ensure efficient collaboration with cross-functional groups and relevant stakeholders• Drive and support security strategy implementation across Telenor Group• Establish and driving security architecture related community and activities to support security strategy implementation across Business Units• Lead and mentor relevant team and community members Show less ● Telenor Group’s subject matter expert and coordinator within cyber security architecture ● Define, set and maintain security architecture framework (using SABSA), security models and security design principles ● Build awareness and follow up the security strategy in technology and network teams ● Establish and maintain security quality assurance framework ● Collaborate across security domains including service fraud in an international work environment Show less

  • Chief Information Security Architect

    Mar 2017 - Sept 2018

  • Senior Security Advisor - Cyber Security Architecture

    Feb 2015 - Mar 2017
• 

  BlackRock

  Oct 2018 - Nov 2019

  Vice President Cyber security risk manager
• 

  Yettel.Hungary

  Apr 2020 - Feb 2024

  ● Coordination and management of information security of Yettel Hungary, including IT security architecture● Set long-term information security strategy of the business with pro-active cross-organizational stakeholder involvement, drive and follow up its implementation● Establish and manage tactical and operational level cross-organizational forums to ensure common understanding and aligned prioritization of security issues, vulnerability management, security strategy implementation; creating and maintaining relevant joint and discrete deliverables (e.g. developer’s guide) – taking into consideration IT development, IT operation, user experience and other stakeholder priorities and inputs● Set aligned standards for local and regional processes and stakeholders including project management, IT architecture control and service delivery management in identifying, assessing and managing information security risks● Establish and improve security content of contracts for software development, software maintenance and managed services, including KPIs, management evaluation● Establish, monitor, manage and improve managed security services (e.g., vulnerability management, security monitoring) via relevant service scope and contract definitions, standards, procedures, KPIs, management level reporting; including details like log analysis use case definitions, a vulnerability prioritization method that makes sense● Establish and drive DevSecOps movement, making it a joint effort between Technical Division and Business Security Department● Management and leadership tasks of the Information Security Office to ensure efficient and quality performance of the team and continuous improvement of our internal procedures and standards Show less

  • Head Of Information Security

    Mar 2022 - Feb 2024

  • Head Of Information Security

    Apr 2020 - Apr 2022
• 

  RTL Magyarország

  Feb 2024 - now

  Business Information Security Officer