Information Security Risk Lead with expertise in proactive risk management, strategic security policy, and enterprise-wide defense. I specialize in leading teams to build robust security frameworks, ensuring regulatory compliance, and protecting critical infrastructure from evolving cyber threats. Proven ability to design comprehensive security controls and direct effective incident response efforts.

Strategic Leadership & Risk Management:

• Lead the design and implementation of an organization-wide information security risk management framework to identify, evaluate, and prioritize risks.
• Conduct comprehensive risk assessments and vulnerability scans to proactively identify and address potential security threats and weaknesses.
• Develop and implement security policies, procedures, and guidelines to ensure regulatory compliance and align with industry best practices.
• Direct the organization's security incident response and disaster recovery planning, ensuring a rapid and effective response to security breaches.

Security Operations & Threat Intelligence:

• Oversee the Security Operations Center (SOC) team, optimizing processes and leveraging advanced tools for efficient threat detection and response.
• Lead threat intelligence and analysis efforts to anticipate emerging cyber threats and develop proactive defense strategies.
• Monitor and analyze security events and alerts to detect, investigate, and prevent cyber-attacks in real time.
• Collaborate with cross-functional teams to develop, implement, and continuously refine security incident response plans.

Technical Expertise & Collaboration:

• Collaborate with internal stakeholders to integrate security best practices into the design and deployment of new systems and technologies.
• Operate and manage security controls for cloud and virtualization environments.
• Leverage expertise in network security technologies, including intrusion detection/prevention systems (IDS/IPS) and network access control (NAC) systems, to fortify network defenses.
• Develop and deliver security awareness programs and training sessions to foster a strong security-conscious culture across the organization.