A dedicated professional in Information Technology (IT) and Operational Technology (OT) Cyber Security, experienced in Governance, Risk & Compliance, Security Architecture, Threat Hunting, Vulnerability Management, and Analytics. I support organizations by managing Cyber Security programs, developing functions for auditing, assessing, and identifying security vulnerabilities & risks while designing & implementing security controls to ensure compliance with industry regulations and standards. I hold GC Secret Level II Clearance and bring over 15 years of experience across Government, Mining, Industrial & Manufacturing, Utilities & Communications Service Providers, Critical Infrastructure, Transportation, and Education sectors. KEY SKILLS:• Security Standards/Frameworks: NIST CSF, NIST SP 800-53, ISO 27001, ISA/IEC 62443, NERC CIP, ISA 95 Purdue Model ISO27001, SABSA/ TOGAF, PCI-DSS, EU GDPR, CSA STAR, OWASP, SANS 20 Critical Controls, HIPAA, Software Development Security Practices and MITRE ATT&CK• Cyber Security Tools: Nozomi, Tenable & Qualys Vulnerability Management, NMAP, Web and Mail Filtering, Splunk SIEM, DLP, CyberArk (Privileged Access Management), RSA Archer, Jira Atlassian & Security Gate (GRC), Forensic Tools, Microsoft Defender, Wireshark, Windows & Linux Security Hardening, Python, SQL, Zero Trust Principles, Cloud Security (Azure/AWS), Software-as-a-Service, Firewalls and IDS, OT Security and ISA 62443, DAST, SAST• Program management of security deliverables including technical security projects, vendor assessments and RFIs, Implementation of new security controls, security policies and procedures, cloud security alignment, Implementation of ISO27001 involving a new ISMS for greenfield sites• Driving and developing the security strategy and improving the maturity of the controls across different divisions including adoption of Cyber Security Frameworks, Risk Assessments, Network Segmentation & Data Flows, Security Awareness, IT/OT Convergence, IoT and IIoT Architectures• In-depth knowledge of building and executing IT and OT Incident Response (IR) procedures including effective containment, investigation and recovery strategies to address cyber incidents in Critical Infrastructure and conducting Tabletop exercise to drive cyber and incidence handling awareness• Deep understanding of OT systems, including Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA), and Critical Infrastructure technologies, IT and OT segregation & segmentation strategies, emerging trends and technologies in OT security