Sam Atique
@samatique
Experienced security professional specializing in cloud compliance strategies.
What I'm looking for
I am an experienced and results-oriented security professional with a proven track record in leading cloud compliance strategies and aligning risk governance with business objectives. My expertise lies in automating regulatory validation across multi-industry environments, ensuring that organizations not only meet but exceed compliance standards.
Throughout my career, I have successfully led GRC implementations and delivered audit excellence, integrating DevSecOps best practices into SDLC lifecycles. At IBM, I facilitated cloud services teams in achieving and maintaining industry certifications, achieving 100% compliance with frameworks such as NIST and ISO. My ability to design and map security controls has significantly enhanced security postures and reduced risks across various cloud services.
In my previous roles, I have conducted comprehensive compliance assessments and audits, providing actionable insights that improve client adherence to regulatory requirements. I am passionate about leveraging technology to streamline compliance processes and enhance security measures, ultimately contributing to the overall success of the organizations I work with.
Experience
Work history, roles, and key accomplishments
Security Specialist
IBM USA
Oct 2021 - Apr 2025 (3 years 6 months)
Facilitated IBM Cloud services teams in achieving and maintaining industry certifications (FedRAMP, SOC 2, HIPAA, PCI-DSS, C5, ENS, ISMAP), ensuring 100% compliance with frameworks such as NIST 800-53, ISO 27001, ISO 27017, ISO 27018, CIS Benchmarks, CSA Control Matrix. Led the implementation of CIS and ISO 27017 standards related to data security, encryption, network security, and identity access
Compliance Engineer
Apple Inc.
Mar 2021 - Oct 2021 (7 months)
Led compliance initiatives for Apple’s WP&C, ensuring 100% adherence to internal policies and regulatory requirements across multiple projects. Conducted over 5 privacy impact assessments for transit and access projects, providing actionable guidance to engineering teams and ensuring compliance with GDPR, HIPAA, and other privacy regulations.
Senior Consultant – IT Risk
A-LIGN USA
Sep 2020 - Mar 2021 (6 months)
Conducted SOC 1, SOC 2 (Type I and Type II), and HIPAA compliance attestations for global organizations with complex IT infrastructures, including cloud services hosted on AWS, GCP, and Azure. Successfully completed 8 SOC 2 attestations for SaaS providers and BPO companies, evaluating compliance against common criteria, including availability, confidentiality, and privacy.
IT Auditor
ASCEND TECHNOLOGY INC.
Jan 2019 - Sep 2020 (1 year 8 months)
Conducted IT General Controls (ITGC), IT infrastructure, IT operations, and cybersecurity audits, ensuring compliance with industry standards and regulatory requirements. Provided policy guidance aligned with frameworks such as NIST, SOC 2, and ISO 27000 series, resulting in a significant improvement in compliance adherence.
Senior Consultant
Grant Thornton USA
Sep 2019 - Mar 2020 (6 months)
Conducted comprehensive evaluations of IT General Controls (ITGC), business processes, and application security across the Cal State Financial Information System, identifying high-risk areas. Partnered with senior-level management at the Department of FI$Cal to conduct walkthroughs for over 30 processes, perform testing, and track risk register updates.
IT Internal Auditor
GOLDEN 1 CREDIT UNION USA
Jul 2018 - Dec 2018 (5 months)
Successfully performed and managed the full audit lifecycle for X audits, including Patch Management, ATM Operations, Anti-Malware, and IDS/IPS audits, achieving a 20% improvement in audit efficiency. Prescribed updates to policies and procedures based on audit findings, resulting in a measurable enhancement of data security and privacy controls compliant with NIST, ISO standards.
IT Audit & Security Intern
VERSACOM LP USA
Mar 2018 - Jul 2018 (4 months)
Researched industry-specific Information Security policies/frameworks such as COBIT, ISO 27000 series, etc., for company-wide deployment. Evaluated IT infrastructures, IT applications, and ERP of the company to assess IT control gaps.
Education
Degrees, certifications, and relevant coursework
Pennsylvania State University - University Park
PhD, Information Systems
Pursued advanced studies in Information Systems, focusing on theoretical and applied aspects of information technology and its impact on organizations. Engaged in research and coursework to deepen understanding of complex systems.
University of Dhaka
MBA, Business
Completed an MBA in Business, focusing on core business principles, management strategies, and organizational leadership. Developed strong analytical and decision-making skills applicable across various industries.
Johns Hopkins University
Certification, AI for Cybersecurity
Completed a specialized certification program in AI for Cybersecurity, gaining expertise in leveraging artificial intelligence to enhance cybersecurity measures and address emerging threats. Focused on practical applications and cutting-edge techniques.
University of Texas - Dallas
Master's, Information Systems
Obtained a Master's degree in Information Systems, developing a comprehensive understanding of information technology management, data analysis, and system design. Engaged in coursework covering various aspects of IT infrastructure and business applications.
