Sr. Information Security Consultant
Current

Responsibilities:
• Compliance Champion: Translate regulations into actionable controls, conduct gap analyses, develop risk assessment frameworks, and ensure implemented controls support both compliance and business objectives.
• Security Architect: Develop and implement ISMS based on ISO, AICPA, and CIS standards, design and enforce security policies and procedures, implement appropriate security controls (access control, encryption), and utilize security tools for automation and monitoring.
• Auditor and Assessor: Perform internal security audits based on ISMS, SOC2, and contractual requirements, conduct lab security assessments (ISO 27001, ISO 17025), and develop self-assessment tools for organizational risk assessment.
• Process Enforcer: Develop process audit checklists, obtain sign-off from process owners, and enforce policy adherence across service lines and business units.
• Data Privacy Guardian: Ensure compliance with data privacy regulations (HIPAA, PCI DSS, GDPR) through internal audits and awareness sessions.
• Knowledge Transferor: Train new team members, conduct security awareness sessions for new joiners, and introduce new services to RISOs globally.

Highlights:
• Demonstrated expertise in aligning security with regulations and business goals.
• Proven track record in implementing and maintaining comprehensive security programs.
• Strong analytical and problem-solving skills for identifying and mitigating risks.
• Excellent communication and collaboration skills to engage stakeholders and ensure compliance buy-in.
• Proactive approach to staying updated on emerging threats and adapting security measures.

Leadership:
• Initiative and Innovation: Develop and implement self-assessment tools, introduce new services, and proactively address security challenges.
• Strategic Vision: Align security program with organizational goals and drive continuous improvement through risk assessment and adaptation.