Information Security Compliance and Risk

$10/hr Starting at $25

Over 12 years of experience in information security, encompassing information security (ISMS), business continuity (BCMS), compliance, vendor management, audits, HIPAA and PCI-DSS, with certifications: ISO 27001 LA, ISO 22301 LA, ITIL v3 F, Qualified DRII Examination for CBCP, ISO 31000 Risk Professional, CEH certified, and CSA STAR certified Lead Auditor.

Manage a risk-based, customer-centric information security program. Work directly with internal IT, operations, finance, and legal teams to ensure compliance with corporate policies and customer contractual obligations. Evaluate and recommend solutions for any given project, serving as a subject matter expert by providing recommendations from a security perspective on technology solutions being developed or maintained internally or externally by partners. Collaboration, creation, implementation and management of critical information management controls to ensure ongoing management of identified risks. Define governance and assurance processes to ensure the successful management of information risk, including the definition of measures and metrics, assessments, conformance and preparation of management inputs. Managing and leading client security programs, data security initiatives or information security engagements.

Lead the Global Information Security Governance team and Business Continuity team. Performed gap analysis of current practices against the ISO 27001:2013 requirements. Project work activities include defining of process, planning, execution, and remediation support, false positive analysis, assessment report preparation and submission, prioritization of vulnerabilities, etc.

Act as an interface between the strategic and process-based activities and the work of the technology-focused analysts, engineers and administrators in the organization. Drive key security initiatives through the building of vital business relationships with functional managers, senior management and clients. Offer internal management consultancy advice and practical assistance on information security risk and control matters throughout the organization by developing security strategies, roadmaps, business cases and risk remediation plans. Lead the identification, planning, development, implementation, operation and maintenance of information security services. Lead the development, maintenance, and assurance of security standards, strategy, best practices, and charters based on user and regulatory/legal requirements, focusing on information security and compliance.

About

$10/hr Ongoing


Skills & Expertise

Analytics, Compliance Consulting, Corporate, Data Management, Government Services, ISO, ITIL, Lead Generation, Legal, Management, Process Design, Relationship Management, Reports, Security, Software Development, Team Management, User Interface Design

0 Reviews

This Freelancer has not received any feedback.