Ciso
CurrentVCISO for mid-market organizations. I manage cybersecurity programs by identifying and mitigating risks and ensuring compliance with regulatory requirements.Conduct proactive qualitative and quantitative risk assessments based on NIST RMF, Attack Surface Monitoring, and Penetration Testing for On-Premise and Cloud Infrastructure.Manage cybersecurity strategy and execution by rolling out critical security controls, vulnerability and patch management programs, security monitoring, and incident response based on NIST CSF and CIS 18 controls.Ensuring compliance with regulatory requirements - ISO 27001, SOC2, PCI DSS, and HIPAA.