Cyber Security Consultant
Nortal
(Internet and Information Technology, 1000-5000 employees)
Keywords
ISO/IEC 27001
Computer Security
Governance Risk Management and Compliance
National Institute of Standards and Technology (NIST)
Penetration Testing
Business Requirements
Sales
Health Assessment
Health Information Systems (HIS)
Network Security
Skills
I am a dedicated Cyber Security professional with a solid foundation in GRC and a proven track record of enhancing security solutions for high-profile clients. My expertise lies in aligning cybersecurity strategies with industry standards such as ISO 27001 and NIST frameworks. At Atos, I led network security initiatives for UK water utilities, implementing NIST-compliant solutions for smart metering projects. At Nortal, I conducted security tooling assessments and optimized health information systems using Armis technology, ensuring compliance with ISO 27001 standards. I hold certifications like Capslock Ce-CSP, ISO 27001 Foundation, and Armis Sales Specialist, which underpin my technical abilities in cybersecurity. My experience extends to conducting penetration testing, IT health checks, and crafting compliance guidelines for US municipality client contractors. I am adept at liaising with stakeholders to create secure, efficient cybersecurity frameworks tailored to specific business needs. My approach is always to balance client requirements with cutting-edge security practices, ensuring robust protection against evolving cyber threats.
Project history
11/2023
-
11/2023
● Conducted assessments of security tooling and ensured CTI threat hunting tooling met ISO 27001 standards, balancing the needs of our KSA clients and the consultancy.
● Optimized Tartu University Hospital's HIS using Armis, setting up NIST-recommended AES-128 encrypted connections for secure communication with other healthcare systems.
● Organisation of penetration testing and IT Health Checks for US clients with assistance from 3rd part vendor
● Liaised with stakeholders, crafting ISO 27001 compliant guidelines for US municipality client contractors, emphasizing secure configurations and access controls.
03/2022
-
12/2022
Digital Security Consultant
Atos
(Internet and Information Technology, >10.000 employees)
* Collaborated with a leading UK water utility company, fortifying network
security via the NIST framework for smart metering pilot initiatives.
* Using the Octave Allegro methodology, performed vulnerability
assessments on data systems, leading to the recommendation of
Microsoft Priva for its ISO 270001 and GDPR compliance, enhanced
access controls, and automation features.
* Pioneered effective Privileged and Identity Access Management
solutions tailored for clients in the water industry.
CAPSLOCK PROJECTS
What I did at CAPSLOCK
600+ hour course with live, instructor-led classes
Completed a 16 week CIISec accredited course addressing real-world
cybersecurity challenges within team-based simulated environments.
Security Culture & Business Understanding:
* Assessed and optimized existing security awareness efforts, linking
challenges to business aims.
* Devised a plan targeting phishing risks with actionable, measurable results
over 6 months.
* Established governance with OCTAVE Allegro risk assessments, asset
identification, and data categorization.
* Crafted a security strategy addressing GDPR, PCI-DSS, and other regulatory
requirements.
Security by Design:
* Outlined a comprehensive security strategy emphasizing legislative
mandates.
* Adapted cloud services per security consultant guidelines.
* Formulated BYOD controls and explored supply chain security assurance
processes.
security via the NIST framework for smart metering pilot initiatives.
* Using the Octave Allegro methodology, performed vulnerability
assessments on data systems, leading to the recommendation of
Microsoft Priva for its ISO 270001 and GDPR compliance, enhanced
access controls, and automation features.
* Pioneered effective Privileged and Identity Access Management
solutions tailored for clients in the water industry.
CAPSLOCK PROJECTS
What I did at CAPSLOCK
600+ hour course with live, instructor-led classes
Completed a 16 week CIISec accredited course addressing real-world
cybersecurity challenges within team-based simulated environments.
Security Culture & Business Understanding:
* Assessed and optimized existing security awareness efforts, linking
challenges to business aims.
* Devised a plan targeting phishing risks with actionable, measurable results
over 6 months.
* Established governance with OCTAVE Allegro risk assessments, asset
identification, and data categorization.
* Crafted a security strategy addressing GDPR, PCI-DSS, and other regulatory
requirements.
Security by Design:
* Outlined a comprehensive security strategy emphasizing legislative
mandates.
* Adapted cloud services per security consultant guidelines.
* Formulated BYOD controls and explored supply chain security assurance
processes.
Local Availability
Only available for remote work
Other
As a dedicated Cybersecurity Consultant, I bring a unique blend of technical acumen, strategic thinking, and practical experience. My commitment to staying ahead of evolving cyber threats is evident in my proactive learning and certification pursuits. I am deeply invested in understanding each client's specific context, enabling me to provide tailored, effective cybersecurity solutions.
I am not just about mitigating risks but also about empowering clients through knowledge and robust cybersecurity practices. My experience spans a range of industries, equipping me with insights into various organizational structures and requirements. This versatility allows me to adapt quickly and offer solutions that are not only secure but also enhance operational efficiency.
I am open to collaborations that challenge me to push the boundaries of what's possible in cybersecurity. Whether it's a short-term project or a long-term engagement, my goal is to leave a lasting impact by elevating your cybersecurity posture and resilience.
Let's connect to discuss how we can fortify your digital assets against the ever-changing landscape of cyber threats.
