Updated 01.09.2025


Premium customer
100% available
Senior Cybersecurity Architect & Compliance Leader
London, United Kingdom
Worldwide
Postgraduate MASTERS MSc ICT
Skills
Security architecture, security auditing, Security consultant, Cloud, Cryptography, CISSP, Cyber security, Identity & Access Management, BSI, AWS experience
Senior Cybersecurity Architect, Consultant, and Compliance Leader with 20+ years of experience delivering enterprise-wide security, governance, and compliance programs across financial services, healthcare, government, telecoms, critical infrastructure, energy, and technology sectors. Trusted advisor for CxO stakeholders, regulators, and global organizations on cyber resilience, secure architecture, and compliance alignment.
Expertise spans Identity & Access Management (IAM/PAM), OT/ICS Security, Information Security Management Systems (ISMS), Product & Cloud Security Architecture, AI Governance, and Compliance & Risk Management. Proven ability to design and implement secure architectures, lead global transformation programs, and align with international standards and regulatory frameworks.
Key skills and domains include:
- Identity & Access Management (IAM/PAM): Enterprise SailPoint, CyberArk, BeyondTrust, Broadcom PAM, Entra ID, RBAC, SSO, JIT access, session recording, onboarding privileged accounts (Windows, Linux, SAP, Cloud Consoles).
- Governance, Risk & Compliance (GRC): ISO 27001/17, NIST CSF, CIS, TISAX, PCI DSS, SOX, GDPR, HIPAA, DORA, NIS2, BSI Grundschutz, MaRisk, BaFin, UNECE WP.29, ISO 21434.
- OT/ICS Security: IEC 62443 risk and gap assessments, SCADA/ICS threat modeling, Modbus, IEC104, DNP3, secure industrial networks, OT/IT convergence, GICSP, ISA/IEC 62443.
- Information Security & Compliance Management: ISMS development, security audits, risk assessments, vulnerability management, incident response planning, compliance automation tools (AuditBoard, Drata), client-facing due diligence (RFPs, RFQs, security questionnaires).
- Cloud & Product Security Architecture: Secure coding standards, DevSecOps, SAST/DAST, zero trust, cloud transformation (Azure, AWS, GCP), CrowdStrike Falcon, static code analysis, OSS scanning, hybrid security controls.
- AI Governance & Data Protection: EU AI Act, GDPR, HIPAA, ethical AI adoption, BPMN-based process modeling, regulatory audits, compliance frameworks for AI-driven systems.
- Cybersecurity Strategy & Leadership: Development of product security strategies, compliance roadmaps, risk registers, security awareness programs, and executive-level dashboards.
- Security Operations: Penetration testing management, vulnerability remediation tracking, SIEM (Sentinel, Splunk, ELK), incident response, threat intelligence integration.
Recognized for building and maturing cybersecurity programs that balance business agility with security resilience, delivering measurable reductions in risk exposure, regulatory compliance assurance, and enabling digital transformation across complex global environments.
Languages
English: business fluent