Danny van Roemburg

Candidate Non-Executive Director | Audit & Digital Resilience Board Oversight | Founder Zybrstate | Ex-ING & Adevinta. Director Information Security, Cyber Risk and Audit | CISO | Security Program Manager

Purmerend, North Holland, Netherlands

About

With over 25 years of experience at the intersection of Internal Audit, Risk Management, and Cybersecurity within highly regulated, international corporate environments (including ING and Adevinta), I act as a strategic advisor and critical sounding board at executive and board levels. My core strength lies in translating complex technological risks and large-scale digital transformations into clear, strategic business implications and long-term value creation. Having spent decades within the strictly monitored banking sector, I am fluent in the language of risk, compliance, and finance—making me uniquely qualified for a seat on Audit and Risk Committees. As a leader and board professional, I am a strong advocate for Cultural Intelligence (CQ) and human-centric governance: understanding the human dynamics, organizational culture, and behaviors behind the financial figures and compliance reports. I am currently transitioning into non-executive board roles (RvC/RvT) and am preparing to anchor my corporate expertise within the formal frameworks of modern governance. Areas of Expertise: Corporate Governance • Audit & Risk Committees • Cyber Security & Digital Resilience • Regulatory Compliance • Cross-Border Stakeholder Management CISO | Director Information Security | Cyber Risk Manager | 27001 Auditor Proven track record in: * Designing and implementing a company Information Security Strategy. * Managing a global / enterprise Information Security Program. * Designing and implementing a Security Operating Model * Setting up Security Metrics and Reporting. * Managing international and intercultural projects Holistically orchestrating an enterprise program, aligning strategy, people, processes, technology, governance and building a security culture.

Experience

  • Adevinta (4 yrs 7 mos)
    • Global Head of Security Program, Risk & Assurance
      Jan 2024 - Present · 2 yrs 7 mos

    • Global CISO ai
      Feb 2024 - May 2024 · 4 mos

    • Global Head of Cyber Security Operations
      Jan 2022 - Jan 2024 · 2 yrs 1 mo

  • Candidate Non-Executive Director | CISO | Security Program Manager | Independent Contractor at Holistic Advisory | Zybrstate
    Sep 2008 - Present · 17 yrs 11 mos

    Security Strategy Cyber Security Program Management Cyber Risk Management Information Security Management NIST | ISO27001 Team Management and Operational Excellence IT Service Management Outsourcing and Vendor Security Assessment Consulting and Coaching

  • ING (12 yrs 7 mos)
    • Manager Information Security Global Group Services
      Apr 2016 - Dec 2021 · 5 yrs 9 mos

      Cyber Security Program Manager Implementation of Security Services Improve Security Intelligence and Reporting Lead Information Security Guild

    • Head of IT Reporting Global Group Services
      Mar 2015 - Apr 2016 · 1 yr 2 mos

      Operational Reporting for IT Management of Finance, Risk, InfoSec and Procurement. Agile DevOps of IT and Information Security Management.

    • Manager Information Security
      Jan 2014 - Mar 2015 · 1 yr 3 mos

      Global IT Security Strategy Establishing a CISO Office

  • ING (5 yrs 2 mos)
    • Risk & Security Department manager
      Feb 2007 - May 2009 · 2 yrs 4 mos

    • Project and Process Manager
      Apr 2004 - Jan 2009 · 4 yrs 10 mos

      Implementation of ITIL Service Management

  • Founder | Director | Partner at Waterland Sports vof
    Apr 2005 - May 2007 · 2 yrs 2 mos

    Complete start up of a gym and fitness studio. Starting from just an idea to realising a succesfull business. Includes dealing with city council, building design and realisation, financial mgt, design and guarding business case, human resource mgt, process descriptions, working instructions, marketing communications, suppliers management and financial administration.