5+ years leading security assessments, regulatory compliance programs and cross-functional teams across financial, healthcare, automotive and IoT sectors. Subject matter expert for EU product cybersecurity regulations. Targeting a Cybersecurity Manager role as a step towards CISO leadership.
EN 18031, Cyber Resilience Act, ECE 155/156, IEC 60335-1 Annex U — translating complex EU product cybersecurity regulations into actionable conformity programs.
30+ penetration tests across web, infrastructure and mobile. Vulnerability assessment using OWASP and PTES methodologies, reducing exploitable attack surface by up to 30%.
Leading teams of 5+ assessors, owning end-to-end delivery cycles, C-suite reporting and executive client relationships. 98% client satisfaction across portfolio.
Service ownership and pre-sales for EU product cybersecurity regulations. Leading a team of 5 assessors across EN 18031, CRA, Automotive and IEC 60335-1 Annex U assessments.
Managed cross-functional teams of 5–10 in Scrum environments, delivering cybersecurity and compliance projects. Oversaw end-to-end development of a GDPR-compliant clinical record platform.
Scoped and executed 30+ penetration tests across finance, healthcare and public sectors. Co-developed GRC advisory practice expanding the service portfolio beyond penetration testing.
Comprehensive vulnerability assessments using Burp Suite, Nessus, Metasploit and Nmap. Supported SOC teams in red and blue team incident response simulations.
Designed and executed a strategic EN 18031 compliance roadmap for EU manufacturers. Built a scalable assessment framework for requirements 3.3(d/e/f), enabling presumption of conformity across multi-product portfolios.
Co-leading design of IMQ's CRA conformity assessment methodology. Developing a gap analysis framework mapping CRA requirements against IEC 62443 controls, leveraging CEN/CENELEC draft standards.