taha feroz
@tahaferoz
Strategic Cybersecurity Professional driving enterprise-wide risk and compliance.
What I'm looking for
I am a strategic and results-driven Cybersecurity Professional with a proven track record in designing and leading enterprise-wide risk, compliance, and vulnerability programs. My expertise lies in driving regulatory alignment with frameworks such as PCI DSS and NIST CSF, and I have successfully architected interactive dashboards that enhance executive visibility into cyber risk.
Throughout my career, I have demonstrated my ability to engage cross-functional stakeholders and build scalable governance processes that improve audit readiness and remediation outcomes. My recent role as a Security Governance Analyst at Metrolinx involved designing a centralized GRC dashboard suite in Power BI, leading PCI DSS compliance initiatives, and integrating advanced risk management tools to streamline processes and enhance decision-making.
Experience
Work history, roles, and key accomplishments
Security Governance Analyst
METROLINX
Jan 2023 - Present (2 years 5 months)
Designed and implemented a centralized GRC dashboard suite in Power BI, enhancing executive visibility and data-driven decision-making. Led PCI DSS 4.0 compliance initiatives and managed the OneTrust ITRM module, automating workflows and integrating risk data into governance processes.
IT Risk Analyst, GRC
KUBRA
Jan 2022 - Jan 2023 (1 year)
Orchestrated SSAE-18 and PCI audit processes, enhancing compliance. Developed a centralized Client Questionnaire & RFP Question Bank, reducing response times significantly. Led an enterprise-wide Vulnerability Management program using Tenable Nessus and Wiz.io.
Information Technology Analyst
Danube Overseas Consultants
Jan 2021 - Jan 2021 (0 months)
Spearheaded proactive maintenance on peripherals, achieving a 10% decline in incidents. Enhanced system uptime by 50% through early issue identification and implemented security enhancements to safeguard organizational integrity.
Vulnerability Assessment & Penetration Tester
STPI, Ministry of Electronics and Information Technology
Jan 2021 - Jan 2021 (0 months)
Collaborated with the SOC team to analyze network events using SIEM tools. Conducted vulnerability assessments across web applications and systems, aligning findings with frameworks like NIST 800-53 and ISO 27001.
Education
Degrees, certifications, and relevant coursework
Jamia Hamdard University
Bachelor of Computer Application, Computer Application
Durham College
Cybersecurity
Fanshawe College
Software & Information Systems Testing
Availability
Location
Authorized to work in
Job categories
Interested in hiring taha?
You can contact taha and 90k+ other talented remote workers on Himalayas.
Message tahaFind your dream job
Sign up now and join over 85,000 remote workers who receive personalized job alerts, curated job matches, and more for free!
