Open to opportunities

taha feroz

@tahaferoz

Message

Strategic Cybersecurity Professional driving enterprise-wide risk and compliance.

Canada

Message

What I'm looking for

I seek a role that fosters collaboration and innovation in cybersecurity, offering opportunities for growth and impactful contributions.

I am a strategic and results-driven Cybersecurity Professional with a proven track record in designing and leading enterprise-wide risk, compliance, and vulnerability programs. My expertise lies in driving regulatory alignment with frameworks such as PCI DSS and NIST CSF, and I have successfully architected interactive dashboards that enhance executive visibility into cyber risk.

Throughout my career, I have demonstrated my ability to engage cross-functional stakeholders and build scalable governance processes that improve audit readiness and remediation outcomes. My recent role as a Security Governance Analyst at Metrolinx involved designing a centralized GRC dashboard suite in Power BI, leading PCI DSS compliance initiatives, and integrating advanced risk management tools to streamline processes and enhance decision-making.

Experience

Work history, roles, and key accomplishments

Current

Security Governance Analyst

Current

METROLINX

Jan 2023 - Present (2 years 5 months)

Designed and implemented a centralized GRC dashboard suite in Power BI, enhancing executive visibility and data-driven decision-making. Led PCI DSS 4.0 compliance initiatives and managed the OneTrust ITRM module, automating workflows and integrating risk data into governance processes.

Governance Risk Power BI PCI DSS NIST CSF Vulnerability Management Risk Management Incident Response Data Protection

IT Risk Analyst, GRC

KUBRA

Jan 2022 - Jan 2023 (1 year)

Orchestrated SSAE-18 and PCI audit processes, enhancing compliance. Developed a centralized Client Questionnaire & RFP Question Bank, reducing response times significantly. Led an enterprise-wide Vulnerability Management program using Tenable Nessus and Wiz.io.

PCI Compliance Vulnerability Management Nessus Risk Management Power BI Client Engagement

Information Technology Analyst

Danube Overseas Consultants

Jan 2021 - Jan 2021 (0 months)

Spearheaded proactive maintenance on peripherals, achieving a 10% decline in incidents. Enhanced system uptime by 50% through early issue identification and implemented security enhancements to safeguard organizational integrity.

Maintenance Technical Training Incident Management Troubleshooting Cybersecurity

Vulnerability Assessment & Penetration Tester

STPI, Ministry of Electronics and Information Technology

Jan 2021 - Jan 2021 (0 months)

Collaborated with the SOC team to analyze network events using SIEM tools. Conducted vulnerability assessments across web applications and systems, aligning findings with frameworks like NIST 800-53 and ISO 27001.