Farzad Kanani
Skills
• Threat, Config and Vuln Management
• CyberSec Risk assessments
• Third Party Risk Management (TPRM)
• Cloud and Data Security, Architecture
• IT Risk Assessment, ISO 31000
• ISO 27001/2, COBIT 5, NIST CSF
• Privacy, PIPEDA, GDPR
• SOC 1&2, COSO, PCI-DSS
• Change Management
• Disaster Recovery & Business Continuity DRP/ BCP
• Security architecture
• Endpoint Security Assessment
• Team Leadership & Mentoring
• IT Compliance & Security Audit
• Excellent Communication Skills, led meetings of 15+ attendees.
About
I am an experienced IT Security Risk, Governance and Compliance practitioner with over a decade of experience in Cyber security, IT audits, Third Party Risk Assessment, Vendor Risk Assessment, Security Frameworks and Business Continuity/Disaster Recovery Planning.
Proven track record of conducting PCI audits, TRA and assessing internal/external security vulnerabilities of information systems across a broad range of business functions. In-depth knowledge of SOC 2 Type I&II, PCI, PIPEDA, HIPAA, Privacy Shield and GDPR.
Excellent communicator and able to leverage technical and business knowledge to communicate effectively with client executives and their respective teams. Capable of translating local and regional regulatory requirements or business mandates into actionable and proactive security measures. Multi-industry experience in the documentation of policies, procedures, and controls.
Matured the third-party risk management (TPRM) process by developing and implementing procedures for all stages of the vendor lifecycle: expanded the onboarding process and created the ongoing monitoring, re-assessment and offboarding processes.