- Executed rigorous compliance assessments on US, Canada, and international data privacy laws (GDPR, CCPA/CPRA, HIPAA, GLBA, PIPEDA, PIPL, DPDPA), safeguarding confidentiality, integrity, and availability of sensitive information. - Researched and analyzed legal and administrative statutes for customer data privacy programs. Developed policies, processes, and documentation to ensure compliance with privacy regulations and frameworks, showcasing a proactive approach to data protection. - Enhanced network security posture and visibility on virtual cloud platforms by collaborating with cross functional teams within Network Security, fostering a 60% increase in threat detection efficiency and proactive risk mitigation.

- Worked closely with clients to understand their unique security requirements and provide tailored recommendations aligned with industry best practices with SIEM solutions and kept IT Cyber systems up-to-date with latest patches & AV/IDS signatures. - Assessed firewalls and Intrusion Detection Systems (IDS) capabilities against National Institute of Standards and Technology (NIST) framework, integrating security into design to enhance Psiphon's network security posture by 70%. - Led and drove risk management activities such as tracking, validating remediation of vulnerabilities, and creating a risk register. This resulted in a more streamlined process and a 40% reduction in the time taken to remediate vulnerabilities.

- Counseled over 55 clients on data protection and privacy issues, including due diligence investigations, compliance audits, risk management, cross-border data transfers, incident management, drafting and revising privacy policies, and industry/sector-specific best practices. - Maintained comprehensive documentation of security and privacy measures, incidents, and responses for compliance and future reference. - Collaborated with cross-functional teams, IT departments, legal teams, and external stakeholders to ensure a holistic approach to security and privacy.