• Performed forensic investigations following incidents to identify root causes, assess damage, and recommend appropriate mitigations or improvements in processes or tools.• Deep understanding of SOX regulations and their applications to IT systems and processes.• Select and tailor appropriate controls that are applicable to the system.• Collaborated with IT teams to integrate security best practices into system development and operations.• Generate vulnerability reports from scans detailing critical, high, medium, and low vulnerabilities that are needed to be remediated and collaboratively worked with system administrators' team to ensure vulnerabilities are remediated• Develop System Security Plan (SSP) to provide overview of system security requirements and describe controls in place or planned by information system owners to meet those requirements• Evaluated emerging technologies and made recommendations for strategic investments in information security tools and resources.

• Identify potential threats and vulnerabilities within the system and applications by continuously monitoring security tools and analyzing logs and data.• Utilize advanced threat intelligence to stay ahead of emerging cyber threats and vulnerabilities.• Perform in-depth analysis of malicious activities, including malware, phishing, and intrusion attempts.• Lead incident response efforts, including the identification, containment, eradication, and recovery from security incidents.• Implement measures to prevent future attacks or mitigate their impact. This includes updating or patching systems, configuring security tools, and hardening network defenses.• Conducted regular reviews of company policies and procedures for alignment with regulatory requirements and industry best practices.• Developed and provided all documentation necessary for performing a Security Control Assessment• Contributed to the development of company-wide cybersecurity awareness campaigns, fostering a culture of vigilance among all employees.• Prepared documentation and records for upcoming audits and inspections.• Provide on-going evaluations and validation of IT control effectiveness and internal business processes as they relate to compliance activities within areas of responsibility.• Supported the implementation of a robust identity and access management system, enhancing overall security posture by limiting unauthorized access to critical systems and data.• Ensured compliance with industry regulations by performing comprehensive audits on existing security policies and procedures.

• Conducted regular reviews of company policies and procedures for alignment with regulatory requirements and industry best practices.• Managed controls post-authorization to ensure continuous compliance with the security requirements• Enhanced regulatory compliance by conducting thorough risk assessments and implementing effective control measures.• Reviewed contracts and agreements for adherence to legal requirements, reducing potential liability exposure for the company.• Assisted in the development of a comprehensive risk assessment framework for evaluating potential threats to organizational compliance systems.