Skills
Skilled in information security governance, risk assessment, and compliance operations with strong command over ISO 27001 implementation support, risk register maintenance, internal audit preparation, and evidence documentation. Experienced in drafting security policies, performing gap assessments against NIST CSF, tracking audit observations, and reporting compliance status. Proficient in vulnerability assessment methodologies, threat intelligence analysis, and communicating remediation priorities. Hands-on with DevSecOps practices including secure CI/CD pipelines using Jenkins, SonarQube, Docker, Kubernetes, and configuration automation with Ansible. Familiar with cloud fundamentals across Azure, AWS, and GCP, along with scripting and backend enhancements using Python and modern frameworks like Next.js and Node.js. Continuous learner with strong analytical skills, stakeholder communication, and structured documentation capabilities.
About
Cybersecurity & GRC Analyst with 1.5 years of experience across information security governance, risk management, compliance operations, and audit readiness. Skilled in ISO 27001 implementation support, policy drafting, internal assessment, evidence management, and risk register administration. Hands-on exposure to vulnerability assessment, secure deployment practices, CI/CD hardening, and threat intelligence reporting. Experienced in preparing audit artefacts, mapping controls, conducting gap assessments, and communicating risk status to stakeholders. With a foundation in DevSecOps, automation, and cloud concepts, brings a balanced understanding of security operations, governance frameworks, and compliance execution. Seeking opportunities in GRC, audit support, IT risk analysis, and cybersecurity program enablement.
Profile Photo
