I'm a Cybersecurity and Governance, Risk, and Compliance (GRC) Engineer who specializes in transforming complex regulatory requirements into practical, automated security controls that protect organizations while enabling business growth. With deep expertise spanning multiple regulatory frameworks and security standards, I bridge the critical gap between compliance mandates and operational security by architecting solutions that embed controls directly into business processes.
My approach centers on control automation, continuous monitoring, and DevSecOps-aligned compliance, leveraging AWS security services, Power Automate, and cloud governance frameworks to shift organizations from manual, point-in-time assessments to continuous compliance monitoring. I excel at translating dense regulatory language and technical security concepts into actionable safeguards that stakeholders at all levels can understand and implement.
Configured AWS IAM Identity Center, CloudTrail, Config, and Security Hub to implement control automation and continuous monitoring.
Developed a hands-on lab simulating IT risk assessment workflows, control testing, and vulnerability management.
Conducted systematic reviews of vendor policies against PCI DSS requirements, identifying gaps in security controls.