Stephan Dona

Stephan Dona has a broad range of work experience in the field of information security and IT compliance. Stephan is currently serving as the Senior Director of Information Security & IT Compliance at Lumileds since April 2022. Prior to this, they held the role of Director of Information Security & IT Compliance at the same company starting in May 2018. Stephan also served as a Benelux CIO/CISO Community Governing Body Member at Evanta, a Gartner Company, starting in April 2020.

Before that, Stephan worked at Unit4 as the CISO / Global Information Security & Privacy Manager from December 2015 to May 2018. Stephan was responsible for maturing and embedding Information Security, Risk Management, and Privacy within the organization's programs and transformation. At MSD, Stephan served as the Associate Director Global IT Risk & Compliance from June 2012 to December 2015. Stephan had overall responsibility for information risk management and security processes, ensuring adherence to global policies and requirements.

Stephan also worked at CSC in various roles, including Lead Information Risk Manager / IT Compliance Manager, Lead Security, Risk, and Compliance Specialist, and Audit, Risk & Compliance Officer for the National Health Service (NHS) in the United Kingdom. Stephan was involved in conducting audits, risk assessments, and security improvement plans based on ISO 27001 and BS25999/ISO 22301 standards.

Additionally, Stephan served as the Security Lead Bid Team for CSC Singapore @SGX, where they were responsible for designing security solutions and services proposed to Singapore Exchange Limited. Stephan also worked as an Information Security Consultant at ING and as a Security Consultant for Al Khalij Commercial Bank (al khaliji) Q.S.C., where they set up a complete Information Security Management System (ISMS) for the bank.

Stephan's earlier experience includes working as an Information Security Specialist at SNS Reaal, where they were responsible for maintaining and communicating information security policies within the organization. Stephan also worked as an AIX System Engineer at SNS Bank.

Throughout their career, Stephan has demonstrated expertise in information security, IT compliance, risk management, and privacy. Stephan holds various certifications, including CISSP, CISA, CISM, CRISC, and CEH.

Stephan Dona has a strong educational background in the field of security and information systems. In 2007, they obtained a CISSP certification from ISC2, focusing on Certified Information Systems Security Professional. Later, in 2010, they earned a CISM certification from ISACA, specializing in Security and Management as an Information Security Manager. In 2009, they acquired a CISA certification from ISACA, focusing on Security and Auditing as an Information Systems Auditor. Stephan also completed the CEH certification from ECCouncil in 2008, specializing in Security and Hacking as a Certified Ethical Hacker. In terms of risk management and information systems control, they secured a CRISC certification from ISACA in 2011. Additionally, Stephan underwent training at Deloitte in 2013 to further enhance their skills.