Experienced in Governance, Risk, and Compliance (GRC), cloud security, and enterprise cybersecurity with 4+ years of expertise. Skilled in implementing security and privacy controls across Multi-Cloud environments. Worked across multiple geographies, supporting regulatory needs for the US, UK, Middle East, Africa, and India’s BFSI sector.
View ExperienceExperienced Senior Information Security Engineer with over 4 years of in-depth, cross-functional experience in securing complex IT and cloud ecosystems through an integrated approach to Governance, Risk, and Compliance (GRC), multi-cloud security, and enterprise risk management. Adept at building and operationalizing security strategies that protect critical assets across hybrid infrastructures, while aligning technology operations with global regulatory frameworks and industry standards.
Demonstrated excellence in securing multi-cloud environments, including Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI) by designing, implementing, and continuously improving security controls that are scalable, auditable, and resilient.
Highly skilled in performing end-to-end compliance assessments, security control implementation, and policy and procedure development, with a strong command of international and regional standards such as ISO/IEC 27001, NIST Cybersecurity Framework (CSF), CIS Controls v8, PCI DSS, GDPR, and EU Digital Operational Resilience Act (DORA).
Led implementation of privacy and security requirements tailored to multiple jurisdictions, including HIPAA and CCPA (United States), DPA 2018 (United Kingdom), NESA and QCB (Middle East), NDPR and Kenya Data Protection Act 2019 (Africa), and RBI, IRDAI, and SEBI (India's BFSI sector). Partnered with compliance and legal teams to translate regulatory obligations into actionable technical controls, policies, and design blueprints.
Strong advocate of a security-by-design philosophy, with significant experience in collaborating on secure product development by reviewing solution design documents, identifying control gaps during design reviews, and advising development teams on aligning implementation efforts with enterprise privacy and security standards.
Certified as a Google Cloud Professional Cloud Security Engineer (PCSE) and additionally credentialed via Coursera specializations by Google, IBM, Palo Alto Networks, and ISC², reflecting a strong theoretical and practical foundation across cloud security, secure access management, threat detection, and compliance automation. Deep working knowledge of IAM architecture, role-based access control (RBAC), least privilege enforcement, and secure configuration baselining using industry benchmarks.
Driven by a commitment to continuous learning and proactive defense, I bring a blend of technical depth, policy fluency, and strategic security thinking, allowing me to bridge the gap between technology and governance. I thrive in challenging environments where innovation, precision, and accountability drive success, and I consistently deliver secure, compliant, and business-enabling outcomes.
Let’s connect — whether it’s about cybersecurity, collaboration, or a quick chat.
Drop me a message or reach out through the links below.