Information Security solutions expert with strong skills in Cyber risks, TPRM, and GRC programs. A hybrid thinker combining technical proficiency with an appreciation for the human side of Security. I provide actionable business risk intelligence based on data and analytics of first and third-party security postures. Proven track record in cybersecurity operations, risk mitigation, data stewardship, project management, and due diligence. Certified Security Awareness and Culture Professional (SACP). My experience encompasses the entire Third Party Risk Management Lifecycle, as well as security compliance, governance, and risk mitigation. As a certified professional in Security Culture and Awareness, my work has prevented immeasurable losses, and helped to protect thousands of clients and their data. Adept at balancing operational, strategic, and project management objectives, I have a proven track record in compliance, risk mitigation, due diligence, and budget oversight. Highlights / recent Information Security accomplishments include: • Oversaw all "Tier 1 and Tier 2" vendor and partner due diligence/compliance assessments - provided gap analysis and security controls remediation reports for over 100 vendors within a 12 month SLA. • Led due diligence reviews and onboarding of Artificial Intelligence vendors for a POC project involving multi-team/cross functional use cases for AI in the business. This guidance has led to a formal governance structure for AI initiatives moving forward. • Created and maintained a Security Risk Register, formally adopted by the wider department to be used to hold internal stakeholders accountable and to track risk remediation and/or acceptance status across the company. • Ran employee InfoSec training program (KnowBe4 platform), creating a company culture for security, data privacy, and compliance. Provided tools & guidance on industry standard best practices around cyber security. Published quarterly Security Newsletter to socialize and promote cybersecurity best practices. SaaS Toolkit: Jupiter One (Cyber Asset Attack Surface Management) CrowdStrike Venminder KnowBe4 Black Kite BitSight Security ScoreCard Bolster AI Cloudflare Productiv (SaaS Mgmt) Datadog OpenSearch and other native AWS tools. CISO Assistant