Security Analyst | 3+ years of exp | GRC, ISO 27001, SOC2, NIST, GDPR, Risk Analysis

Actively Looking for Work

I am an experienced Information Security Governance, Risk, and Compliance (GRC) professional with over 3 years of expertise supporting organizations in achieving and maintaining compliance with global security standards. My core competencies span ISO 27001, SOC 2, GDPR, third-party risk management (TPRM), internal audits, policy development, risk assessments, and security awareness initiatives.

Currently, I work as an Associate Information Security Engineer II at PowerSchool, where I actively contribute to the GRC function. My responsibilities include:

  • managing SOC 2 and ISO 27001 audit readiness by coordinating evidence collection, validating technical artifacts, and working closely with engineering teams to ensure timely, accurate submissions.
  • leading third-party risk assessments by analyzing vendor SOC 2 reports, reviewing supplier security posture, and maintaining the supplier risk register.
  • contributing to the refinement of internal policies and frameworks to align with ISO standards, regulatory requirements, and best practices.
  • promoting a strong security culture through security awareness campaigns, including Cybersecurity Awareness Month and regular training sessions.

In parallel, I provide support to the Application Security (AppSec) team in activities related to application penetration testing and security reviews, enhancing overall product security.

Previously, at Accenture, I served as a Technical Security Associate, where I conducted ISO 27001-based internal audits across 80+ client projects, performed ISMS assessments, and helped identify and close security gaps. I ensured compliance with GDPR for projects handling PII and prepared reports for senior leadership, facilitating risk visibility and proactive mitigation. My work also included delivering security awareness sessions for new joiners and during audit cycles.

I am certified as an ISO 27001:2013 ISMS Lead Auditor and am pursuing CISSP (target 2025). I also have working knowledge of tools and frameworks such as HECVAT, CAIQ, SIQ, and Kali Linux, and a keen interest in cybersecurity, cloud security, ethical hacking, and penetration testing.

In addition to technical skills, I am adept at:

  • Collaborating across departments to align security practices with business objectives.
  • Driving audit readiness and compliance monitoring.
  • Managing service and incident requests via platforms like Freshservice.
  • Deriving actionable insights from risk and compliance data.

I am passionate about enabling organizations to build secure, resilient, and compliant environments that support both regulatory expectations and business goals. I am seeking new opportunities where I can contribute my skills in GRC, audits, risk management, and security awareness while continuing to grow in the fields of cybersecurity and information security governance.
