As a Sr. Security Industry Specialist at Amazon, I spearhead groundbreaking security initiatives, oversee global compliance assessments, and drive innovative automation projects. In my advisory role at the Cyber Future Foundation (CFF), I passionately contribute to the Responsible and Secure AI for the Future (RSAIF) initiative, focusing on Security Governance, Risk, and Compliance (GRC).
organization. I have been honored by Marquis Who's Who in America for significant contributions in Cybersecurity.
Key Accomplishments:
Security Compliance Leadership: Managing security programs for Amazon Devices and Services, including Alexa, Audible, Kindle, Ring, and Prime Video.
AI and Risk Management: Developing AI controls matrices aligned with NIST and EU AI Act guidelines, enhancing security compliance for AI and LLM applications.
Operational Efficiency: Achieved a 100% increase in efficiency by automating security controls testing, evidence gathering, and auto-remediation, saving 3000+ hours annually.
Global Compliance Initiatives: Directed worldwide compliance projects, ensuring regulatory adherence and seamless operations across Brazil, France, and the US.
MOSAIC Framework Development: Overseeing the integration of standards, frameworks, and regulations into a cohesive matrix of common controls, providing guardrails for secure AI.
Certifications and Expertise:
SANS GIAC Security Leadership, AWS Security Compliance and Governance for AI Solutions, CISA, CDPSE, ISO 27001 Lead Auditor and Implementer, ISO 31000 Risk Analyst, CSX, Azure Cloud Fundamentals, AWS Security Fundamentals, CCSS, IAEP.
Awards and Recognitions:
SANS Security Leadership Gold Award
Esther R. Sawyer Research Award from the Internal Audit Foundation
Mark Salamasick IT Auditor Fellowship from the University of Texas at Dallas
Gold Medalist from the University of Delhi
Published author for organizational governance, business paradigms in cyberspace, and social engineering.
Professional Goals:
Driven by a passion for GRC, my goal is to help organizations fortify their security frameworks. I am dedicated to mentoring and sharing knowledge, fostering the next generation of cybersecurity professionals.
Immigration Journey:
I successfully obtained the EB2 NIW and EB1a (Einstein Visa) in Cybersecurity and have since helped others prepare for this process. I am happy to share my journey and extend my learnings to help you navigate and overcome immigration obstacles in the cybersecurity domain.
Let’s Connect:
I am actively seeking speaking engagements, collaborative projects, and opportunities to mentor aspiring security professionals. Let's connect to advance the field of Cybersecurity and GRC together.
Disclaimer: The views and insights I share are solely my own and do not represent the official positions of Amazon or any other organization. Additionally, I am not an attorney, and EB2 NIW or EB1a discussions are not legal advice. My goal is to share my personal experiences and insights.
