A consummate and accomplished Information Security and Governance professional, with a breadth of experience, responsible for the strategy and execution of the Information Security and IT Compliance functions, across complex organizations and contrasting geographical boundaries.
Effective at evaluating the risk posture, ensuring the appropriate level of protection is operating and aligned with business objectives in a diversely regulated environment. Focused, tenacious and passionate about Information Security policy and program management, with proven expertise in influencing behavioral change and demonstrably improving security awareness.
Core Competencies
CISM (Certified Information Security Manager)
Security Awareness
Security Standards ISO27001, PCI DSS
Policy Management
Risk Management
ITGC Compliance & Audit Functional Oversight
SOx (Sarbanes-Oxley)
ITIL Service Management (Certified)
CISA (Certified Information Systems Auditor)
Disaster Recovery & BCP Planning
Strategic Thinking and Planning
Business Acumen & Commercially Aware
Interpersonal Skills & Teamwork
Strong Communication & Presentation Skills
Information Security & Compliance Manager - EMEA @
• Responsible for the development of Information Security Policies.
• Vulnerability Management
• Security oversight of projects ensuring SDLC adheres to requirements.
• Development of Cyber Security Awareness Program and Communications.
• Internal Audit and External Audit co-ordination.
From March 2015 to Present (10 months)
Head of IT Security & Compliance - EMEA @
Information Security and IT Compliance Leader for the EMEA region covering 20 countries for both the Tyco Fire and ADT Security organizations.
•Responsible for Security and IT Compliance Tollgate assessments of all PMO projects.
•Developed and maintained the Information Security, Acceptable Usage Policies and Baseline Security Standards across the enterprise.
•Created and Led Security Awareness Training Program (delivered in over 20 countries).
•Managed third-party and vendor due diligence assessments.
•Vulnerability Management and Incident Response Planning and Communications.
•Created and developed a comprehensive IT Compliance Framework encompassing ISO27001, COBIT & PCI DSS standards.
•Managed a team to deliver the SOX Management Testing Program and IT audit schedule for the region.
•Oversight of internal and external audit (SOX, Statutory, SSAE16, internal corporate audits and risk-based process and/or project audits) engagements across EMEA including a number of locations in South Africa and the Middle East.
•Planning and Sourcing for Risk Assessments and Security Assessments.
•Member of the global TRAC (Technology Risk Advisory Council) representing EMEA.
•Engagement with Tyco leaders and business stakeholders in the participation of Information Security initiatives.
•Exposure to Trade Compliance EU export controls requirements (encryption, dual-purpose, software and proprietary information).
From October 2007 to June 2014 (6 years 9 months)
Head of IT Controls - Europe @
•Responsible for developing IT process mapping and design of SOx controls
•Created test plans and performed audits and reviews in the UK and across Europe
•Developed and implemented a standard ITIL based change management process and policy
•Trained the service desk team in developing work-flow processes using ‘Track-It’ service desk application in support of SOx
•Built and documented process diagrams during global transition of shared service environments from HP to IBM, working closely with U.S. service delivery management team
•Organised and maintained disaster recovery plans for IT
•Performed self-assessment reviews in accordance with U.S. compliance directives
•Trained IT staff in compliance testing requirements
•User Access Reviews (Segregation of Duties)
•Developed Starters/leavers process and asset management policy which contributed to the recovery of company equipment and cost reductions
From March 2005 to October 2007 (2 years 8 months)
Regional IT Technical Field Support Manager @
From February 2004 to March 2005 (1 year 2 months)
Danielle Brown is skilled in: Security, Information Security, IT Audit, Disaster Recovery, Business Continuity, Sarbanes-Oxley Act, Project Management, Change Management, ITIL, Information Security Management, ISO 27001, Information Technology, PCI DSS, Governance, Risk Management