May 2024 – Nov 2024 · 6 mos

• Played an advisory role to enhance the security posture of the financial product and the platform.
• Developed and Implemented GRC framework including KPI, KPI, metrics management
• Developed Secure SDLC, and implemented SAST/DAST testing, vulnerability management, and penetration testing of the product and platform.

Jan 2022 – Apr 2024 · 2 yrs 3 mos · Halifax, Nova Scotia, Canada

• Throughout my career as a leader in Enterprise Risk Management (ERM) and Governance, Risk, and Compliance (GRC), I've focused on driving initiatives that strengthen organizational resilience and improve operational efficiency. I followed the approach of integrating GRC modules to enhance compliance and governance frameworks, ultimately making the risk management efforts more effective at the enterprise level.
• I excel in implementing and managing comprehensive risk management frameworks to align risk posture with the organization's goals and objectives. I led the Third Party Risk Management (TPRM) program successfully to manage supply chain risks. I am recognized as an SME integrator to integrates security practices and requirements with other functions such as BIA, PMO, Legal, Procurement, HR, and Finance. I am recognized for translating complex security and technical requirements into clear business strategies including advising senior leadership on enterprise risk and using tools like Power BI to support informed decision-making. Beyond risk management, I excel in leading the implementation of security tools and enterprise applications, collaborating closely with teams across the organization to ensure smooth transitions and improvements in efficiency.
• I'm someone who cares about nurturing talent and helping people grow within an organization, focusing on training and mentoring to help emerging talent thrive within our organization. I am also deeply committed to a mindset of continuous improvement is evident in initiatives that have boosted risk assessment completion rates and innovated vendor management programs to mitigate risks effectively.
• At the core of what I do is my passion for cybersecurity. With a blend of strategic leadership, technical expertise, and a focus on team development, I strive to drive growth and resilience in dynamic organizational environments.

Jan 2019 – Jan 2022 · 3 yrs

• Well-versed in Security Assessments & Consulting, I found my niche in developing robust security frameworks that went on to cater to a wide range of client requirements. In this respect, conducted a comprehensive risk assessment, penetration testing, and vulnerability scanning to make sure clients were safe from all emerging cyber threats. I've been fortunate enough to conduct advisory services for Provincial Government entities, Health Authorities, and OT organizations. I helped them make strategic technological decisions with optimum investment and, at the same time, overcome some of the most intricate security challenges efficiently and confidently.
• I'm strong at building solid processes that help to minimize supply chain risk. I possess experience in parsing out SOC 2 reports and compliance documentation so an organization can make sure their control environment is properly hardened, as well as leading ISO 27001 implementations and performing NIST CSF maturity testing. Also, demonstrated competence in all of the key frameworks: NIST CSF, PCI-DSS, and HIPAA.
• My technical knowledge and client-centric approach have garnered a total of 55 client and business unit commendations during my years at CGI. Finally, I am also trained in Privacy Impact Analysis as well as several privacy frameworks, including PIPEDA, which could demonstrate an ability to work with sensitive information as well as to comply with a myriad of varied regulatory requirements.
• Having a very strong background in the delivery of strategic security solutions and secure operational environments, I look forward to delivering my expertise to organizations in need of security enhancement through cybersecurity and risk management efforts.

Apr 2018 – Jan 2019 · 9 mos · Halifax, Canada Area

• I have thrived in the very dynamic environment of cybersecurity, where the ability to quickly assess, prioritize, and respond to incidents is one of my strengths. To this end, I have come to gain expertise in the use of advanced security tools like ArcSight, Splunk, ServiceNow, HIVE, and ARCHER to monitor the global network and vigilantly look out for any threats. In that way, I get to detect and respond to them even before they have any impact on our systems.
• I am recognized for promoting operational excellence within the Security Operations Center, SOC, by continuously analyzing security alerts, mentoring junior analysts, and maintaining best practices to keep the industry's strongest defenses. My leadership in improving cybersecurity practices for the Berlin-based mGuard Product team reflects how proactive I am when protecting our organization.
• I have successfully driven strategic initiatives that have resulted in the massive reduction of false alarms and the development of stringent security procedures. This meant that our incident response times became more harmonized and always maintained within the agreed SLAs. My firm commitment to ensuring maintenance standards within security operations and collaboration in the SOC are ways that I deliver effective ways of protecting our assets from advanced cyber-attack sources.

Jun 2017 – Jan 2018 · 7 mos · Dubai, United Arab Emirates

• I have always worked towards aligning the security efforts of our company with business goals and regulatory requirements. I take pride in overseeing everything from designing to maintaining a robust network infrastructural setup that supports the growth of our organization with very high performance and scalability.
• The commitment runs to maintain cyber defenses counter to the changing nature of threats. I believe in proactive leadership in swift incident response, analyzing thoroughly and mitigating the effects so that our operations run smoothly.
• A big part of my role, therefore, is undertaking frequent security assessments and vulnerability scans, with this process working even more closely with our internal teams and external partnerships to develop such a culture that proactively manages the risk of risk and builds resilience within our organization. So, it means developing key relationships with partners and vendors externally, including regulatory bodies, will be crucial to delivering such a successful cybersecurity strategy, or risk mitigation plans if you will.
• Having a well-documented history of network reliability improvements and enhanced cybersecurity defenses, I am eager to come on board to assist forwarding-leaning organizations in the quest to attain operational excellence and better security posture in this fast-paced and highly digital age World.

May 2016 – Jan 2017 · 8 mos · Abu Dhabi, United Arab Emirates

• Throughout my career, I have led various strategic initiatives that enormously improve organizational security and compliance. The most important contributing assignments include leading very specialized programs such as leading the NEI 08-09 program for physical protection systems. This comes as a necessity to our organization given the strict standards associated with the industry.
• I go as far as offering the development as well as updating of cybersecurity policies, processes, and reporting templates which would not only reduce risks but also enhance the network performance and compliance level. I am all about adopting and encouraging a culture where security awareness remains at the top. That entails keeping a sharp eye on our network and security systems of operation and being able to quickly identify any anomaly and potential threat.
• And that means having in place proper risk management strategies and frameworks, not to mention what we also have to do to meet regulatory requirements efficiently. Certainly, something that I would pride myself on is my ability to assess and integrate advanced security technologies that will strengthen our cyber defenses protecting our valuable assets from ever-evolving cyber threats.
• Continuous improvement, performance evaluation, and training of our teams are what I focus on. The unilateral investment in human capital will be a no-brainer to lead us to achieve an educated workforce to take on sophisticated security issues upfront. In other words, I am keen on spearheading cybersecurity initiatives commensurate with the business goals as a way of giving back to the business while making it more resilient in this digital age.

Apr 2015 – Apr 2016 · 1 yr

Feb 2008 – Mar 2015 · 7 yrs 1 mo · Oman

Oct 2006 – Jul 2007 · 9 mos · Chandigarh Area, India

Oct 2006 – Jul 2007 · 9 mos · Jalandhar Area, India