Highly detail-oriented GRC Analyst with practical experience in establishing robust risk management, compliance, and information security frameworks, particularly for startups. Proficient in ISO27001, NIST, GDPR, and NDPR principles, adept at conducting internal control assessments and driving organizational resilience. Proven ability in identifying security threats, developing comprehensive policies, and communicating complex technical concepts effectively to enhance cybersecurity posture.
Cybersecurity Analyst (Virtual Experience)
Summary
Participated in a comprehensive job simulation as an analyst on MasterCard's Security Awareness Team, gaining practical experience in cybersecurity operations.
Highlights
Conducted in-depth analysis as a Cybersecurity Analyst within MasterCard's Security Awareness Team during a virtual job simulation.
Identified and reported critical security threats, including sophisticated phishing attempts, contributing to enhanced organizational security.
Analyzed business areas to identify security training gaps, subsequently developing and implementing targeted training courses and procedures to strengthen overall security posture.
Cybersecurity Risk Analyst (Virtual Experience)
Summary
Engaged in a job simulation focused on cybersecurity risk assessments and mitigation strategies, improving client cybersecurity posture.
Highlights
Performed comprehensive risk assessments by investigating a simulated cyberattack, enhancing understanding of threat identification.
Developed expertise in assessing diverse threat landscapes, prioritizing risks, and implementing critical security measures such as Multi-Factor Authentication (MFA) and penetration testing.
Prepared and presented comprehensive documentation and strategic recommendations, significantly improving client cybersecurity posture and demonstrating effective technical communication.
Fluent
Issued By
Mastermind
Issued By
Self-study/Various Resources
Issued By
SBP
Issued By
LinkedIn Learning
Issued By
Skill Front
Issued By
LinkedIn Learning
Issued By
Unknown
Issued By
Unknown
Risk Assessment, Risk Identification, Risk Mitigation Planning, Threat Landscape Analysis.
ISO/IEC 27001:2022, NIST, GDPR, NDPR, Regulatory Compliance.
Policy Drafting, Documentation, IT Governance, Data Protection, Privacy Policy.
Internal Audit, Compliance Checklists, Control Testing, Security Posture Assessment.
Analytical Skills, Research, Report Writing, Technical Documentation.
Security Education, Awareness Programs, Phishing Awareness.
Third-Party Risk Assessment, Vendor Due Diligence.
Excel, PowerPoint.
Configuration, Administration.
Communication, Teamwork, Stakeholder Engagement.
Summary
Developed and implemented a structured audit checklist aligned with ISO/IEC 27001:2022 controls to assess the security posture of a simulated environment. Conducted mock internal audits to evaluate the effectiveness of existing controls across various domains.
Summary
Developed and implemented a data protection and privacy policy aligned with ISO/IEC 27001:2022 and NDPR principles, focusing on access control, data minimization, and retention policies. Demonstrated hands-on capability in security monitoring, policy enforcement, and privacy compliance.