Experience Summary
Strategic and results-driven GRC Consultant with over 21 years of experience in cybersecurity, risk management, and compliance. Proven expertise in building and leading enterprise-wide information security programs aligned with ISO frameworks and regulatory standards. Adept at conducting risk assessments, business impact analyses, and third-party audits. Recognized for driving security posture improvements, fostering cross-functional collaboration, and delivering measurable outcomes in complex environments. Core Competencies - Governance, Risk & Compliance (GRC) Strategy - Information Security Program Development - ISO Frameworks & Regulatory Compliance - Business Continuity & Disaster Recovery (BCP/DR) - Risk Assessments & Penetration Testing - Vendor Risk Management & Audits - Data Loss Prevention (DLP) & Zero Trust Architecture - Identity & Access Management (IAM) - Secure Cloud & Hybrid Infrastructure - Security Awareness & Training Programs
