• Orchestrated comprehensive audits for NIST SP 800-53 cyber security controls, enhancing compliance audit activities through detailed interviews, document reviews, and system testing.• Spearheaded the development of targeted cyber security awareness content, leading to a 30% improvement in end-user cyber hygiene across departments.• Conducted IT compliance reviews to evaluate the design and operating effectiveness of key controls, identifying gaps and implementing remediation plans.• Documented and led the implementation of compliance frameworks, collaborating cross-functionally to align with industry standards, improving policy adherence by 20%.• Executed third-party vendor risk assessments by scrutinizing security architecture, resulting in detailed risk reports with actionable findings and recommendations.• Delivered ongoing and annual security awareness training, contributing to a 25% increase in security scorecard effectiveness.• Led NIST Cyber security Framework (CSF) assessments, facilitating gap remediation and boosting overall security posture by 15%.• Developed Just-In-Time cyber security awareness content to address emerging threats, reducing operational risk by 10%.Key Achievements:• Successfully implemented a compliance framework that reduced third-party risk exposure by 25%.• Improved overall compliance metrics by 20% through effective policy development and training.• Developed Just-in-Time cyber security awareness content for emerging threats, reducing operational risk by 10%.

Developed and managed security governance systems and policies, ensuring robust risk management aligned with corporate standards and best practices.• Coordinated internal and external audits, facilitating evidence collection and ensuring compliance with ISO27001 and GDPR.• Evaluated and monitored risk assessments, recommending process improvements that resulted in a 15% reduction in security gaps.• Developed information security policies for access and authenticator management, enhancing internal and third-party compliance.• Reviewed enterprise-level IT systems, identifying risks and providing insights into security exposures.• Contributed to audits and inspections, providing oversight on remediation activities and improving audit response time by 20%.• Measured the effectiveness of security processes through metrics, dashboards, and reporting, enhancing decision-making capabilities.• Worked closely with business leaders to drive security compliance and foster a culture of security awareness, increasing engagement by 30%.• Integrated cyber risk management into third-party initiatives, reducing the risk surface area by 15%.• Improved operational consistency by creating comprehensive documentation, including playbooks and standards.Key Achievements:• Played a key role in achieving ISO27001 compliance, contributing to a 100% audit pass rate.• Enhanced third-party risk management processes, resulting in a 10% decrease in risk exposure.

• Provided first-level IT problem resolution, ensuring efficient issue management and user satisfaction.• Ensured servers and systems were up to date with patches, preventing vulnerabilities and maintaining system security.• Monitored audit and systems logs daily, identifying potential security issues and improving incident response time.• Assigned user access and permissions, maintained Active Directory trees, and performed troubleshooting for network access and password resets.• Managed network security applications, tested new solutions, and participated in incident response activities, enhancing overall security posture.Key Achievements:• Successfully reduced incident response time by 20% through proactive monitoring and efficient resolution strategies.• Implemented security measures that improved system uptime by 15%.