I am Conducting vulnerability assessments and penetration testing (application and/or infrastructure) and articulating security issues to a technical and non-technical audience I also write Information and cybersecurity policy writing (Information Security policies and procedures, BCP, DRP creation, IT security risk management, IT audit and compliance with 4 years of experience. I can help organizations with ISO 27001, SOC 2 or other compliance framework preparation, implementation, creating and updating policies and procedures. Information security policy and technical writing is the main speciality of me. My main skills in IT and policies writing are includes: - Written Information Security Policies and Procedures (WISP) - investigating cyber and information security incidents, - Policy reviews, GAP analysis, - Information security policy writing, - Information security procedures writing, including an end to end workflows - IT audit - Risk assessment (based on NIST or ISO methodologies) - Information security-related training, including training material creation, security awareness tailored to the organization needs - Compliance framework training GDPR, NIST, ISO 27001, SOC2