Experienced Information Security Compliance Officer with a proven track record of successfully meeting and exceeding client expectations. With expertise in ISO27001, ISO9001, SOC, Cyber Essentials Plus, NIST, UK GDPR, HIPAA and other standards, they have created risk management policies and procedures, monitored suspicious activities and security breaches, implemented mechanisms for data backup and disaster recovery strategies and provided support for centralized logging, real time monitoring, vulnerability scanning and patch management, incident response plan, security audit and employee training. They have also conducted enterprise and targeted risk assessments across the organisation.

Provided support for the administration of internal and external audits, client relationships and vendor engagements. Lead in the deployment of DLP solutions to review and prevent unauthorised data transfers or leaks. Utilised the JIRA ticketing system to handle the administration of key security tasks. Presented internal vulnerability assessments and penetration tests. Assisted with physical security maintenance and wrote key metric reports.

The Information Assurance Analyst provided in-depth investigations of serious event incident alerts to meet business requirements. They conducted due diligence checks to adhere to risk assessment guidelines and regulations. They collaborated with the team to introduce vulnerability assessments and IT security tests, and assessed system events for malicious activity. The Analyst also coached and mentored the team on ISO27001 and completed additional duties such as analysing internal security controls, providing security policies and preparing for Information Governance and Security Board.

Provided risk assessment and due diligence services to ensure compliance with regulations and guidelines. Mentored and coached team members on ISO27001. Investigated serious event incident alerts and assessed system events for malicious activity. Implemented security policies and vulnerability assessments. Prepared for Information Governance and Security Board.

A Control & Compliance Analyst with experience in Diageo GB, responsible for investigations, due diligence checks, vulnerability assessments, IT security tests, ISO27001 compliance and internal security control analysis. Fostered a team environment of collaboration and mentorship, and provided security policies, documents and Information Governance and Security Board preparations.