Led the development, review, and updating of information security policies, standards, and procedures. This ensured alignment with regulatory mandates and industry best practices, fostering a culture of security awareness and adherence.Conducted thorough risk assessments to identify, prioritize, and mitigate information security risks across the organization. By meticulously analyzing vulnerabilities and threats, we proactively addressed potential risks to our assets and operations.Monitored compliance with applicable laws, regulations, and standards such as GDPR, NIST, COBIT, HIPAA, and ISO 27001/27002. Prepared detailed compliance reports and documentation for internal and external stakeholders, demonstrating our commitment to regulatory adherence.Coordinated swift incident response activities in the event of security breaches, incidents, or violations. By orchestrating investigation efforts and implementing corrective actions, we swiftly mitigated risks and minimized impact on operations.Developed and delivered information security awareness programs and training sessions, empowering employees with the knowledge of security risks, best practices, and policies. This fostered a security-conscious culture organization-wide.Assessed the security posture of third-party vendors, suppliers, and service providers. Conducted rigorous security assessments and monitoring, ensuring that vendors complied with security standards and posed minimal risk to the organization.Oversaw the implementation and configuration of security controls, technologies, and tools to protect information assets and systems. This ensured that security measures were aligned with organizational objectives and industry best practices.Developed and maintained business continuity plans to ensure resilience in the face of disruptions, including cybersecurity incidents. These plans outlined procedures for maintaining essential functions and recovering from disruptions efficiently.

- Implemented Threat Profiling strategies to analyse unique risks in the automotive manufacturing industry, focusing on supply chain integrity, intellectual property theft, and production process alterations.- Contributed to a dynamic Threat Landscape approach, considering geopolitical variables, technological advancements, and economic trends for proactive cyber-security measures.- Profiled Threat Actors targeting the automotive sector, enhancing the organisation's ability to anticipate and counter potential cyber threats.- Utilised Threat Modelling techniques to simulate cyber threats on production lines, software systems, and communication networks, ensuring robust defences.- Implemented and managed Microsoft Azure solutions to improve system scalability, reliability, and security.- Collaborated with cross-functional teams to design and deploy Azure-based applications, ensuring alignment with business objectives.- Utilised Azure Virtual Machines, Azure App Services, and Azure Storage to optimise infrastructure and enhance application performance.- Contributed to the development of Azure DevOps pipelines for continuous integration and continuous deployment (CI/CD) processes.- Played a key role in the design and implementation of Azure networking solutions, including Virtual Networks and Traffic Manager.- Implemented security best practices using Azure Security Centre to protect against threats and vulnerabilities.- Provided technical guidance and support to team members on Azure-related projects.- Developed and maintained compliance with key information Policies from scratch using standard frameworks ISO27002:2022 which led to a drastic cut in legal penalties and fines formerly incurred due to non-compliance and increased the IGR of my organisation.- I have also proactively addressed security risks through policy compliance which also resulted in cost savings by reducing the likelihood of security incidents and associated financial losses

- Spearheaded a team of seven cyber-security professionals in the successful implementation and maintenance of ISO 27001 and ISO 27002 standards, ensuring alignment with industry best practices for information security.- Led the development and execution of comprehensive information security policies, procedures, and controls per ISO 27001/27002, addressing key security domains, including risk assessment, access control, incident response, and more.- Coordinated and conducted risk assessments and gap analyses to identify vulnerabilities and security threats, implementing effective mitigation strategies to safeguard information assets.- Managed the adoption of the OCTAVE Allegro methodology for identifying, assessing, and managing operational risks within the organisation, enhancing the overall risk management framework.- Collaborated with cross-functional teams to perform security awareness training and education initiatives, ensuring staff compliance with the latest Information security standards.- Successfully oversaw the preparation and execution of external audits, resulting in the organisation achieving ISO 27001 certification.- Demonstrated the benefits of ISO 27001/27002 compliance through tangible improvements in the security posture, incident response, and data protection at ABC Technologies.- Proactively addressed security risks through policy compliance which also resulted in cost savings by reducing the likelihood of security incidents and associated financial losses

- Analysed existing IT systems and processes to identify areas for improvement, optimisation, or automation.- Provided technical support and troubleshooting assistance to end-users, resolving IT-related issues and incidents in a timely manner.- Analysed data sets and databases to extract insights, identified trends, and supported decision-making processes within the organisation.- Facilitated the implementation of IT changes and upgrades, ensuring minimal disruption to operations and effective transition management.- Developed and executed test plans, scripts, and procedures to verify the functionality, performance, and security of IT applications.- Created and maintained documentation for IT systems, processes, configurations, and procedures, ensuring accuracy and accessibility.- Provided training sessions, workshops, or tutorials to end-users or IT staff on new technologies, tools, or system functionalities.- Evaluated, selected, and managed relationships with IT vendors, contractors, or service providers, ensuring adherence to service-level agreements.- Identified opportunities for process improvement, innovation, and optimisation within the IT environment, driving ongoing efficiency gains.