Nathan Van Cleave Email & Phone Number

| Harmonizing the languages of Risk, Technology, and Business || Reducing cybersecurity and privacy risk because Black Swans happen |With a robust foundation in IT audit and cyber security, my skills and capabilities have been pivotal in steering organizations towards stronger information security controls, privacy compliance, and enterprise risk management. My CISA, CRISC, and CIPP/E certifications have been instrumental in driving effective risk management and compliance, and safeguarding against evolving cyber threats and a fluid privacy environment.IT AuditOver the past seven years, I have cultivated specialized experience in IT audit and risk management, ensuring alignment with frameworks such as NIST, ISO 27001, and CIS. I drive operational improvements and mitigate risks through advanced evaluation of IT General Controls (ITGC) and SOX compliance. I have an expertise in third-party risk management (TPRM), executing due diligence assessments to ensure vendor compliance with organizational standards; and I am adept at leading audit engagement teams covering complex areas such critical asset management, cyber resiliency, cloud security, ERP, and GxP systems.Information Security and CybersecurityI have proven ability to assess and enhance cybersecurity frameworks, emphasizing cyber resiliency with deep knowledge of regulatory standards, including HIPAA and GDPR, and their integration into security programs. I am highly skilled in conducting risk assessments, identifying vulnerabilities, and implementing secure development practices to address the ever-evolving threat environment.Privacy ManagementI partner heavily with privacy teams to embed privacy frameworks and controls to meet GDPR, CCPA, and CPRA compliance. I carry forward a deep, practical understanding of global data privacy laws/regulations and their application across various industries, particularly pharma-healthcare. I excel in embedding and leading matrixed teams in designing fit-for-purpose privacy governance and privacy by design methodology. I continually promote a culture of privacy awareness through effective communication, training, and cross-functional collaboration.Strategy, Risk, and LeadershipI have demonstrated leadership in managing cross-department and internal audit teams, and fostering a culture of accountability, continuous improvement, and risk reduction. With advanced proficiency in risk identification, assessment, and prioritization, I strive to align key risks with business priorities that enables informed decision-making and value-driven outcomes.