[email protected]

Hi, my name is

Kazaw Jiawook.

I secure digital environments.

I'm a specializing in information security governance, risk management, and compliance. Currently working at Uniper where I lead the information security team in Sweden.

Get In Touch
01.

About Me

I'm an Information Security Manager with extensive experience in developing and implementing comprehensive information security strategies. My career has been focused on protecting critical information assets, managing security teams, and ensuring regulatory compliance.

With a strong background in IT infrastructure and security operations, I've successfully led security initiatives for organizations across various sectors. My approach combines technical expertise, strategic planning, and effective communication to build resilient security programs that support business objectives.

I am passionate about staying at the forefront of emerging security threats and technologies, continuously expanding my knowledge to protect against evolving risks. My goal is to create security frameworks that not only defend against threats but also enable business innovation and growth.

Security Governance
Risk Management
Incident Response
Security Architecture
Compliance Frameworks
Team Leadership
Security Awareness
Threat Intelligence
Kazaw Jiawook
99.8%
Security Compliance
120+
Phishing Attempts Blocked
28
Critical Vulnerabilities Patched
95%
Security Awareness Training

Security Events (Last 30 Days)

May 1 May 8 May 15 May 22 May 30
02.

Work Experience

Information Security Manager

Uniper
September 2023 - Present
Lead the information security team for Uniper Sweden, establishing and implementing security strategies aligned with global corporate objectives
Serve as the functional team leader for Information Security Representatives (ISRs) within Uniper Sweden, providing guidance and direction
Develop and enforce comprehensive information security policies, standards, and procedures to protect sensitive data and systems
Conduct security risk assessments and implement appropriate controls to mitigate identified threats and vulnerabilities
Oversee security incident response activities, ensuring prompt and effective resolution of security breaches
Collaborate with IT, compliance, and business units to integrate security considerations into projects and operations

Product Manager

Öresundskraft AB
September 2017 - September 2023
Managed budget, lifecycle integrations, development projects, patch management, and implementation of security measures
Served as Project Manager/Coordinator for activities related to incidents, changes/patches, lifecycle management, and staff training
Delivered comprehensive documentation to superusers and first/second-line support teams
Represented Öresundskraft as a member of the Country Board for the KIS system
Led the Meter to Cash (M2C) project, overseeing its implementation and optimization

Project Manager

Lund University
September 2013 - August 2017
Managed the Electronic Lab Notebook (ELN) Labguru system, serving as system administrator and budget manager for the Faculty of Medicine
Oversaw the Papercut printing system, managing both hardware and software aspects as system administrator
Led the university-wide deployment of the Papercut system as project manager
Coordinated with various stakeholders to ensure smooth implementation and adoption of systems
Developed and implemented training programs for system users across departments

IT Consultant

PromIT AB
September 2012 - August 2014
Provided consulting services primarily focused on Microsoft infrastructure solutions
Maintained IT infrastructure and technical systems for various clients
Implemented security best practices to protect client environments
Performed regular system audits and vulnerability assessments
Delivered technical documentation and client training on system operations
03.

Security Principles

Defense in Depth

I believe in implementing multiple layers of security controls throughout systems and networks. This strategy ensures that if one layer fails, other layers continue to provide protection, significantly reducing the risk of security breaches.

Continuous Monitoring

Security is not a one-time implementation but an ongoing process. I advocate for continuous monitoring of systems, networks, and user activities to detect and respond to security events in real-time, minimizing potential damage.

Security Culture

People are both the strongest and weakest links in security. I focus on building a strong security culture through awareness training, clear policies, and fostering an environment where security is everyone's responsibility.

security-analysis.sh

kazaw@secure-server:~$ ./run_security_scan.sh

[+] Initializing system security scan...

[+] Checking for outdated software...

[+] Scanning for known vulnerabilities...

[+] Analyzing network traffic patterns...

[+] Reviewing access control configurations...

[+] Validating encryption implementations...

[+] Examining authentication mechanisms...

[+] Generating comprehensive security report...

[+] Scan complete. Systems secure.

kazaw@secure-server:~$

04.

Skills & Expertise

Security Governance

Information Security Policies
Risk Management
Compliance Frameworks
Security Auditing
ISO 27001
GDPR Compliance
Security Metrics
Vendor Security Assessment

Technical Security

Network Security
Cloud Security
Identity & Access Management
Encryption Technologies
Penetration Testing
Vulnerability Management
Security Architecture
Endpoint Protection

Incident Management

Incident Response
Security Monitoring
Digital Forensics
Threat Intelligence
Crisis Management
Business Continuity
Disaster Recovery
Root Cause Analysis

Leadership & Management

Team Leadership
Strategic Planning
Stakeholder Management
Executive Communication
Project Management
Budget Management
Security Awareness Training
Change Management
05.

Notable Projects

Enterprise Security Framework Implementation

Developed and implemented a comprehensive security framework aligned with ISO 27001 standards, providing a structured approach to managing information security risks and ensuring regulatory compliance.

ISO 27001 Risk Management Security Controls

Security Incident Response Program

Established a robust incident response program with defined procedures, roles, and tools to efficiently detect, contain, and remediate security incidents, minimizing their impact on business operations.

Incident Response SIEM Threat Intelligence

Security Awareness Training Platform

Designed and implemented a comprehensive security awareness program, including phishing simulations, module-based learning, and metrics tracking, resulting in a significant reduction in security incidents.

Security Culture Phishing Simulations LMS Integration

Cloud Security Architecture

Developed a secure cloud architecture framework with appropriate security controls, monitoring solutions, and compliance measures for the organization's cloud environments and services.

Cloud Security IAM Security Architecture
06.

Recommendations

"Kazaw is an exceptional cybersecurity leader who combines technical expertise with strategic vision. His ability to translate complex security concepts into business value has been instrumental in elevating our security posture while supporting our business objectives."

Anders Bergquist

Anders Bergquist

IT Director, Uniper

"I had the pleasure of working with Kazaw on several projects, and his security expertise and methodical approach to problem-solving are truly impressive. He consistently demonstrates a deep understanding of cybersecurity principles and their practical application."

Sofia Lindholm

Sofia Lindholm

IT Security Specialist, Öresundskraft AB

07.

Get In Touch

What's Next?

Let's Connect

I'm always open to discussing new security challenges, innovative approaches, or collaboration opportunities. Whether you have a question or just want to say hello, I'll do my best to get back to you!

Say Hello