Senior Security And Compliance Consultant
Current• Led comprehensive risk assessments and security audits in alignment with CMMC, NIST, ISO, and SOC frameworks to ensure compliance and mitigate potential threats.• Developed and executed security strategies to achieve and maintain certification for ISO 27001, SOC 2, and other relevant standards.• Developed, implemented, and maintained security policies and procedures to meet stringent regulatory requirements and industry standards.• Conducted continuous monitoring activities to identify, evaluate, and respond to security incidents and vulnerabilities, ensuring real-time threat mitigation.• Managed and executed GRC (Governance, Risk, and Compliance) tools to streamline compliance processes and enhance organizational security posture. (e.g., Drata, OneTrust GRC, OneTrust Certification Automation, Hyperproof, FutureFeed, etc.).• Developed OneTrust’s Onboarding and Implementation Program• Created and maintained Plans of Action and Milestones (POA&Ms) to address and track the remediation of security deficiencies and vulnerabilities.• Coordinated with cross-functional teams to ensure the integration of security controls and practices into business operations and IT environments.• Conducted training sessions and workshops to enhance organizational awareness and understanding of security compliance requirements.• Prepared detailed reports and documentation for internal and external audits, demonstrating adherence to compliance frameworks and industry best practices.• Collaborated with stakeholders to ensure the effective implementation of security controls and risk management processes across the organization.• Provided expert guidance on the interpretation and application of security frameworks, ensuring that security practices align with business objectives and regulatory requirements.