Cyber Security Business Lead
Current- Managing audit related corrective actions and recommendations for Cybersecurity- Designed and implemented Cybersecurity performance dashboard (KPI and KRI). Developing additional Operational Indicators (OI) using Microsoft Power BI- Assessed various Information Security Risk Management Frameworks (RMF) and its implications: ISO, NIST and ISACA- Aligned CSIRP (Cybersecurity Incident Response Plan) to IT Service Continuity Management (ITSCM) Playbook- Participated in documenting Cybersecurity Threat profile- Coordinating the creation of a Pen Test Plan based on criticality of applications and infrastructure- Established Risk quantification by linking Corporate Risk Matrix to log normal distribution based on confidence level selection (Monte Carlo simulation)- Led company wide cyber threat and risk assessment for IT and OT as per BCUC Directive #8. This will lead into a cybersecurity plan as per BCUC Directive #9 comprising of Identity & Access Management, Network security, Cyber asset management, Data protection, Detection capabilities expansion, SOC transformation.- Planner for GridEx VI cybersecurity incidence handling table-top simulation exercise.- Actively assisting BC Hydro's Treasury colleagues towards renewal of cybersecurity insurance.