Information Security Professional Bridging Technology & Compliance
Senior Manager, Information Security
Aug. 2020 - Nov. 2024San Ramon, CAAccomplished Information Security leader with a proven track record of enhancing security postures, achieving compliance certifications, and fostering operational efficiency. Adept at aligning security strategies with business goals, collaborating with cross-functional teams, and delivering impactful results across diverse industries. • Secured executive approval for advanced security frameworks by emphasizing compliance benefits, risk reduction, and operational improvements.
• Strengthened security awareness through targeted training programs, significantly increasing organizational engagement and fostering a proactive security culture.
• Conducted detailed vendor risk assessments, enhancing due diligence processes and reducing organizational exposure to third-party risks.
• Advanced the organization’s cybersecurity posture through tailored risk management frameworks that improved detection, prevention, and response strategies.
• Streamlined vulnerability management programs, reducing open security issues and reinforcing overall resilience.
• Led initiatives to achieve ISO/IEC 27001, SOC 2 Type II certifications through enterprise-wide security strategies.
• Developed and contributed to the FedRAMP System Security Plan, POA&M, and supporting documentation, implementing security controls to align with FedRAMP requirements, positioning the company for ATO.
• Designed AI security governance frameworks to meet emerging standards and ensure secure deployments.
• Collaborated with DevOps teams to integrate proactive security measures into the software development lifecycle, improving code quality and reducing risks.
• Consistently achieved audit success, maintaining compliance benchmarks and supporting business continuity.
• Enhanced application and cloud security through best practices, risk assessments, and automation to reduce exposure to potential threats.
• Developed vendor risk management programs with improved methodologies, enhancing compliance and efficiency.