It Grc Specialist
Current• Spearheaded the creation and ongoing maintenance of comprehensive security policies, procedures, and standards.• Successfully maintained and upheld the PCI-DSS and ISO 27001 certifications for DANA since 2020.• Orchestrated a dynamic security awareness program at DANA, entailing meticulous planning, research, and effective program delivery.• Conducted third-party assessments for strategic partners, merchants, and vendors to ensure adherence to security protocols.• Acted as a key liaison, facilitating seamless engagements between the internal team and external auditors and/or consultants.• Compiled Request for Proposals (RFPs) essential for compliance-related projects.• Conducted security drills to bolster preparedness among internal employees.• Elected as the Risk Champion to represent IT Security in the comprehensive risk register.