- Formulated a strategy for the Cloud Compliance Team to ensure alignment with the SOC 2 framework optimizing the design and operational effectiveness of controls.- Successfully mapped NIST, ISO 27001, and ISP standards to SOC 2 controls, substantially reducing the cost of conducting audits and certifications across the firm.- Performed Azure & AWS readiness assessments for the Cloud Platform Security Assessment (CPSA) team. Identified findings and initiated steps towards remediation for specific controls.- Assessed compliance controls (preventive, detective, corrective), identified control gaps, drove gaps to closure, defined/updated necessary policies, prepared for certification, and coordinated audits with auditors.- Led and ensured information security compliance across multiple PwC cloud platforms with 100% accuracy. Utilized SAFe Agile methodology, conducted weekly ADO backlog meetings for refinement, sprint planning, assessment, and retrospectives to consistently meet target dates for features and user stories, ensuring successful SOC 2 attestations and audits.- Collaborated cross-functionally in a global and highly matrixed environment to integrate security solutions for complex business issues, AI technology, and ensured compliance by design.- Managed multiple priorities, communicated project progress to management and business stakeholders.- Collaborated with the Secrets Management and Shared Image Gallery work streams by leading weekly scrum calls to ensure production of scanned images, and to improve quality, reduce risk, and increase focus on value delivery.- Assessed Privileged Access Management (PAM) for non-personal accounts. Confirmed the use of CyberArk for PAM, SailPoint for Recertification & Revocation as part of the SOC2 audit requirement.

- Fractional CISO role for multiple clients. Worked with the Senior Executives to review their individual organizational threat landscape, enhance their respective organizational security posture by recommending and implementing appropriate security controls.- Briefed the executive board to ensure balance between a secured business posture versus business productivity. - Worked collaboratively with the Sales, Legal, and Sales Support teams on statements of work, proposals, and RFP responses.- Established a team consisting of Cybersecurity, Information Technology, Audit & Compliance, and Data Privacy across North America & India. These teams reviewed controls related to identity and access management, data security, network design, logging & monitoring & privacy within provisioned cloud infrastructure.- Packaged Managed Security Services solutions for multiple clients using different Cloud Service Providers.- Planned implementation of GRC & SecOps controls for multiple clients based on NIST 800-53, CIS, ISO 27001, SOC2 frameworks significantly shrinking the organizations’ threat exposure and improving compliance.

❑ IT Security Operations: Upgraded existing security/network infrastructure. Created an Information Security roadmap for the organization.❑ HIPAA Compliance: Coordinated HIPAA Compliance for the Organization using 3rd Party Auditor.❑ IT Project Management: Delivered Multiple IT Projects for clients. ERP solutions include PeopleSoft, SAP, NetSuite.

❑ Established a Global Delivery Center for the PeopleSoft Practice in Hyderabad, India. ❑ Lead Multiple ERP IT Projects for clients in Automotive, Financial Services, Entertainment, Environmental Services Industries. Key areas include: ➖ PeopleSoft Implementation ➖ PeopleSoft Upgrade ➖ Oracle EBS Implementation