Building resilient security frameworks and driving compliance excellence.
IT Security and Compliance professional passionate about implementing zero trust architectures, managing risk, and ensuring regulatory adherence across complex enterprise environments.
Focused on bridging the gap between security policy and operational reality — turning compliance requirements into actionable, measurable security outcomes.
Designing and implementing identity-centric security models that verify every access request.
Navigating complex regulatory landscapes — SOX, GDPR, ISO 27001, NIST, and industry-specific frameworks.
Identifying, assessing, and mitigating security risks with data-driven threat modeling approaches.
Building security programs with clear policies, procedures, and accountability structures.
Monitoring, detecting, and responding to security incidents with structured playbooks and automation.
Securing cloud-native environments with infrastructure-as-code and continuous compliance monitoring.
Always authenticate and authorize based on all available data points — identity, location, device, service, data classification, and anomalies.
Limit user access with just-in-time and just-enough-access, risk-based adaptive policies, and data protection measures.
Minimize blast radius with segmentation, verify end-to-end encryption, use analytics for threat detection and response automation.
Open to opportunities in IT Security & Compliance.