A consultant with several years of experience specialised in information and cybersecurity management, compliance, IT security risk, IT auditing, and policy writing with 5 years of experience (CISM ), proven ISO 27001 Lead Implementation practice, with several successful implementation and certification project.

I provide advisory and consulting support to help organisations improve their security posture and adhere to security policies, expected controls & regulatory requirements.

I can support your organisation with:

ISO 27001, SOC 2, and NIST compliance framework implementation identifying the best solutions and managing the whole process (requirements identification, solution selection, implementation, documentation, certification).

Cyber Maturity Assessments: Conducting capability reviews through applying Information Security frameworks (e.g. NIST, ISO 27001, SOC2).

My skills in Information (IT) and Cybersecurity includes:
- Conducting cyber security assessments and gap analysis against various frameworks.
- Creation and implementation of a comprehensive compliance framework in the case of multi regulatory requirements
- Development of ISMS Policies, Procedures and relevant standards based on NIST guidelines or ISO 27001 including Incident Response Plan, Acceptable Use, Encryption Policy, Risk management, Audit logging, and monitoring policy, User account and access management, Asset management, Data Classification, Change Management, Vulnerability and patch management, Asset Disposal, Third-party Management, Security Configuration, and many more.
- Business Continuity Planning and Disaster Recovery Planning (BCP, DRP)
- IT audit, compliance audit
- Risk assessment,
- Information security awareness training and training material
- Compliance specific training (GDPR, SOC2, NIST. RISK management).

Please don't hesitate to contact me! My knowledge, experience, and skill can help you to achieve your goal and succeed!!