I am a seasoned GRC security consultant with extensive experience in Cyber Security Risk & Governance, Security Gap Assessments, Security Risk Management, and Security Incident Management. Proficient in NIST controls assessment and Vulnerability Assessment using tools like Tenable Nessus and Tripwire, with a diverse background in cyber risk management, security-related standards, baselines, and policy frameworks such as NIST SP 800-53 and ISO 27001. Experienced in providing strategic GRC advisory to enterprise clients, conducting third-party risk assessments, and aligning cybersecurity programs with frameworks such as ISO 27001, NIST CSF, Essential Eight, PCI-DSS, GDPR and the Australian ISM. Skilled in audit and compliance readiness, policy and control development, and strategic cybersecurity planning. Proven ability to engage stakeholders across technical and non-technical domains and conduct incident response tabletop exercises to enhance organizational resilience. Adept at applying agile working strategies to deliver security solutions iteratively, foster collaboration, and adapt to evolving business and regulatory requirements.