Proficient Information Security and Risk Analyst with 3.5 years of experience in cloud security, ISO 27001 compliance, vulnerability management, policy compliance, and risk assessment, management, and treatment. Skilled in designing and implementing security frameworks, remediation plans, and compliance controls to protect critical enterprise assets and ensure adherence to regulatory standards.
Expert in leveraging tools like ServiceNow, QualysGuard, JIRA, and Power BI for risk tracking, remediation monitoring, and compliance automation. Proven ability to conduct vulnerability assessments, gap analyses, and incident investigations to mitigate threats and enforce cloud security controls.
Hands-on experience with ISO 27001 audits, risk treatment plans, and enforcing information security policies across multi-cloud and hybrid environments (AWS, Azure). Demonstrated expertise in aligning security operations with industry standards, including NIST, CIS benchmarks, SOX, and GDPR.
Adept at collaborating in Agile, integrating security governance into the SDLC, and driving continuous improvements in compliance monitoring, incident response, disaster recovery planning (DRP), and business continuity management (BCM). Recognized for optimizing process workflows and security frameworks to support enterprise security posture and regulatory compliance.