• Developed and implemented the organization's GRC framework – ISO 27001 and NIST, including policies, procedures, and risk assessment methodologies.• SPOC of Risk Register: Reviewed existing entries; performed Asset identification, evaluation; Vulnerability assessment, Risk assessment and documented ISMS controls after thorough discussions and reviews with stakeholders.• Reviewed and Analyzed Inherent Risk Rating, Control Operating Effectiveness and Residual Risk Rating in the Risk Register and identified High Focus areas of improvement where the RRR is ‘High’ even after implementing the controls.• Conducted regular risk assessments to identify and prioritize potential risks and vulnerabilities.• Collaborated with internal stakeholders to develop risk mitigation strategies and action plans.• Monitored and reported on compliance with regulatory requirements and internal policies.• Implemented and maintained GRC software to streamline risk management processes and enhance visibility.• Conducted internal audits to assess the effectiveness of controls and identify areas for improvement.• Implemented ISMS Controls across Organization.

• Implemented the organization's compliance program, ensuring adherence to PCI-DSS, SOC2, SOX, ISO 27001, and NIST standards.• Conducted regular risk assessments and vulnerability assessments to identify potential security gaps, providing actionable recommendations for risk mitigation.• Worked with business process owners of an assigned major business unit to identify business unit objectives and key risks and perform risk assessments.• Worked with the Manager, Senior Manager, Director, and the AVP – Internal Audit on planning, executing, and reporting audit work.• Implemented Beauceron Security (SaaS) platform for all Bell employees to provide Security education focusing on human side of security. Helped in designing awareness programs through surveys, computer-based training, phishing simulations, and risk scoring.• Prepared and maintained repository for ISMS documentation including ISMS Manuals, Process Plan, SOP’s, Records.• Executed multiple complex high profile audit engagements, ensuring proper coverage and consideration of auditing principles, practice and assigned time/budget.• Supported the documentation of business understanding, business objectives/performance/metrics, key controls, and test strategy to ensure that audit objectives and approach meet broader business needs.• Supported the assessment of key control design and execute testing of key controls and identify gaps.• Prepared and reviewed internal audit reports of findings and recommendations for delivery to management.• Monitored audit findings to ensure effective resolution. Built remediation plans and remediate control issues on behalf of IT Control Owners.

• Designed, implemented, and maintained complex network infrastructures, including routing and switching devices.• Monitored and maintained network systems and infrastructure, ensuring maximum uptime and performance.• Configured and managed firewalls to enforce security policies and protect the organization's network resources.• Conducted regular security assessments and vulnerability scans, identifying and addressing weaknesses in the network infrastructure.• Installed, configured and troubleshooted the firewalls such as Palo alto, Juniper and check point• Implemented network monitoring and management tools to proactively identify and resolve network issues