With a distinguished career spanning three decades in Information Technology, I am a seasoned UK professional with a wealth of experience in Information Security, having dedicated 25 years to this field. My expertise is further solidified by a 17-year focus on Privacy and Security Frameworks, and a significant five-year specialization in Third-Party Risk Management (TPRM). In this capacity, I have refined my abilities in evaluating and mitigating the risks associated with vendors and external partners. My skill set includes conducting thorough due diligence, performing cybersecurity and compliance risk assessments, and strategically implementing risk management frameworks to enhance organizational security. My collaborative efforts with crossfunctional teams have been pivotal in achieving regulatory compliance and improving risk assessment procedures, consistently leveraging industry best practices and advanced tools to protect business operations from third-party vulnerabilities. I possess an in-depth understanding of global privacy regulations such as GDPR, POPIA, Mauritius DPA,Personal Data Protection Law (PDPL) and Kenya DPA. This knowledge enables me to design and implement compliance programs and privacy frameworks that adeptly handle risks while adapting to evolving legal requirements. My background in providing outsourced DSAR processing and serving as a Data Protection Officer allows me to deliver tailored solutions across various sectors, ensuring that organizations not only comply with but surpass their privacy and security standards.