Cyber Security Consultant

I am a certified ISO27001 Lead Auditor and understand the how to interpret, assess, implement and apply the security standard. This is from the initial identification of the scope of the assessment, capturing all applications and processes, including the identification of any lack of implemented controls for non-compliance. This assessment will include any systems, applications and processes that are either managed or processed inclusive of third-party vendors/partners. With more organizations becoming more dependent on Third-Party support, it is important that an ongoing risk assessment program is in place to ensure that the required compliance standards and controls are met and maintained, both internal and external.

Analysis of the various impacts on the system and the entire estate with relation to the governance requirements, through workshops, interviews and identifying the various risk that exist within the infrastructure. Mapping of all the various systems, applications and processes to the required and implemented controls, inclusive of any gaps that are found within the control implementation. Liaison with the various stakeholders within the organization to ensure that the impacts of non-compliance is understood and providing a clear and detailed picture of how the risks can be mitigated.

My knowledge includes all the following frameworks, ISO/IEC 27001/27002, NIST 800-53, PCI-DSS, NIST Cybersecurity Framework as well as privacy and GDPR. I am a dedicated resource and always prepared to go the extra mile, a fast learner and accept any new challenge as an opportunity to deliver my utmost best to ensure the delivery of quality output to any company.