Cybersecurity & GRC Executive
Strategic leader with 10+ years driving enterprise security transformation across Fortune 10/100 corporations, government agencies, critical infrastructure, and healthcare institutions. Proven expertise in governance, risk management, and regulatory compliance on a global scale.
CISSP-certified executive specializing in governance, risk, and compliance across ISO 27001, ISO 31000, NIST, NIS2, GDPR, SOC 2, PCI DSS, and FedRAMP frameworks. Hands-on experience aligning regulatory requirements across EMEA and the Americas.
Proven ability to advise Directors, CISOs, and executive boards on security governance, compliance strategy, and risk remediation across hybrid cloud and enterprise networks. Led deployment and optimization of SIEM, SOAR, endpoint protection, and vulnerability management platforms, including Splunk, Microsoft Sentinel (formerly Azure Sentinel), and Microsoft Defender.
Oversees security automation built with Python, Azure Logic Apps, and JSON-based configuration, and integrates security best practices into CI/CD pipelines and DevOps infrastructure. Extensive background in firewall architecture, perimeter security, and secure cloud adoption across AWS, Azure, and hybrid environments.
Board leadership role providing strategic direction and governance oversight for organizational operations.
Leading independent cybersecurity consultancy delivering enterprise security strategy, GRC advisory, and technical implementation services.
Supporting governance, risk, and compliance operations within the Vatican's global cybersecurity framework. Designing risk management and compliance strategies aligned with cyber ethics and resilience objectives.
Directed a global team of 12 cybersecurity engineers, delivering security strategy across AWS, Azure, and hybrid environments for multinational enterprises. Led regulatory compliance initiatives across government, defense, healthcare, and critical infrastructure sectors. Consulted for Fortune 10 and Fortune 100 enterprises, advising executive leadership on high-impact security projects. Oversaw $4M+ cybersecurity budget.
Designed and optimized SIEM, SOC, and SOAR workflows. Developed security governance frameworks aligning SOC operations with ISO 27001 and GDPR requirements. Delivered strategic risk assessments to executive stakeholders.
Led cross-functional teams deploying threat detection solutions including Splunk and Microsoft Sentinel (formerly Azure Sentinel). Implemented GRC strategies for AWS, Azure, Linux, and Windows environments. Achieved and maintained compliance with ISO 27001, GDPR, and NIST standards.
Collaborated with enterprise clients and government agencies across EMEA and the Americas to design secure network architectures. Ensured compliance with ISO 27001, NIST, GDPR, HIPAA, and PCI DSS frameworks.
NIST CSF, ISO 27001, SOC 2, HIPAA, PCI DSS, GDPR, MITRE ATT&CK, NIS2, FedRAMP, ISO 31000
AWS Security Hub, Microsoft Defender for Cloud (formerly Azure Security Center), Prisma Cloud, Hybrid Environments, CI/CD Pipeline Security
Splunk, Microsoft Sentinel (formerly Azure Sentinel), QRadar, Elastic Security
Microsoft Defender, CrowdStrike, Fortinet, Palo Alto Networks, NGFW, DLP/DPS
Tenable Nessus, Qualys, Rapid7, ServiceNow, Archer GRC
Python, PowerShell, Terraform, Logic Apps, JSON, DevOps Integration