I am a professional Compliance and Data Privacy Officer with over 20 years of experience leading global governance, risk, and compliance (GRC) initiatives across highly regulated industries. My work focuses on building, assessing, and scaling compliance and data privacy programs that align with legal, technical, and operational standards. My legal background (J.D.) combined with deep expertise in cybersecurity allows me to translate complex regulatory requirements into practical controls and governance strategies. I’ve developed and led compliance initiatives across major frameworks, including GDPR, HIPAA, FERPA, CCPA, GLBA, SOC 2, ISO 27001, NIST 800-53​/​171, DFARS 7012, PCI-DSS, and CMMC. Certified in CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), CIPP​/​E (Certified Information Privacy Professional​/​Europe), and CMMC-CCP (CMMC Certified Professional), I bring a multidisciplinary approach to privacy and risk management. I’ve successfully driven cross-functional initiatives involving policy development, vendor risk management, incident response, access governance, and privacy operations. I am passionate about enabling compliance through automation, fostering security awareness cultures, and building privacy-by-design strategies that protect both the enterprise and its stakeholders.