Professional Summary
A high-level overview of my expertise and career focus.
A certified (CISSP, CISM) and highly technical security leader with 15 years of software engineering experience, specializing in Security Governance, Risk, and Compliance (GRC) within the heavily-regulated financial technology industry. My expertise is in building and leading security programs from the ground up, mapping complex regulatory requirements (e.g., ISO 27001, NIST CSF, MAS TRMG) to tangible technical controls, and driving the automation of security governance at scale. With a strong background in Python, data engineering, and big data technologies, I excel at defining and monitoring security KPIs, developing dashboards for executive reporting, and leading cross-functional initiatives with Legal, Compliance, and Engineering teams to achieve strategic security objectives.
Core Competencies
A snapshot of my key strengths and technical capabilities.
Security Program & Risk Management
GRC, KPI Monitoring, ISO 27001, NIST-CSF, Vendor Risk, Vulnerability Management.
Software Development & Automation
Python, Golang, Ruby on Rails, Scripting, Secure SDLC, Microservices (Kafka).
Data Analysis & Engineering
Data Warehousing, ETL (Airflow), Big Data (Spark, Scala), SQL, Reporting Dashboards.
Infrastructure & Systems
Linux (Debian, NixOS), Cloud Security (AWS), Docker, Infrastructure as Code.
Professional Experience
My career journey, highlighting key roles and accomplishments.