SA
SANS/GIAC
Company Employees
Scott Stone
Principal Consultant
Verified
Owned risk framing and remediation governance for vulnerabilities and control gaps: prioritized mitigation plans, tracked closure, and documented residual risk with stakeholders.
Established first-line AI risk management and governance: authored AI acceptable-use/governance policy, drafted the AI Management System (AIMS), and led ISO/IEC 42001 readiness planning aligned to NIST AI RMF and NIST-AI-600-1.
Built AI control workflows (intake, review/approval, exceptions), including blocking known AI tools by default and requiring enterprise agreements/vendor gating prior to enabling access.
Drove privacy and data risk efforts including GDPR/data-location discovery, policy lifecycle support, DLP/security monitoring, and customer assurance requests (questionnaires, evidence, control narratives).
Partnered cross-functionally (Engineering/Development, Data Science, Legal/Compliance, IT Ops) to surface risk early, integrate security into change processes, and improve operational controls (identity, network, perimeter, monitoring).
Optional “Focus areas” line (if you want a short descriptor under the title): Risk management - Control design - Audit readiness - AI governance - Privacy/data risk
Top skills to feature (risk-first ordering): Technology Risk Management, Risk Analysis, Control Design, Audit Support, AI Governance, ISO/IEC 42001, NIST AI RMF, GDPR, Microsoft Purview, Azure AD, O365 Conditional Access, MFA, Vulnerability Management
Technology risk and control leader translating security/privacy requirements into practical controls, governance checkpoints, and audit-ready evidence across global operations.