Hasty Atashzar

• Implemented COBIT 2019-aligned risk management processes, reducing organizational risk exposure by 25% through data analysis and dynamic dashboards. • Led end-to-end SOC 2 Type II audits, streamlining control implementation and cutting compliance timelines by 20%. • Developed CI/CD pipeline-integrated tools for early vulnerability detection, ), ensuring alignment with ISO 27001 and NIST (NIST800-53, NIST 800-218) standards. reducing manual review efforts by 30%.

• Led ISO 27001 implementation, resolving all non-conformities and reducing security incidents by 30%. • Developed risk treatment plans using Cobit5 and achieved 95% stakeholder buy-in for mitigation strategies. • Trained 100+ staff on threat modeling, cutting phishing susceptibility by 40%

• Conducted 50+ network/web app assessments using Kali and Acunetix, mitigating critical vulnerabilities in banking/telecom sectors. • Reduced SLA breaches by 25% through optimized log analysis with Wireshark, Splunk, SolarWinds, and malware forensics. • Developed and maintained SOPs for IAM systems, improving access control compliance by 25%.

-Global AMI Risk: Led enterprise risk for 500K+ smart meters, ensuring ISO/NIST/GDPR compliance. Cut vulnerabilities 25% via AI monitoring (0 incidents/24mo). -BCM: Deployed frameworks, slashing downtime 30% (99.9% uptime) & RTO 45%. -Critical Sector Mitigation: Remediated risks (healthcare/energy), reducing exposure 20%.

• Conducted evaluations of a commercial ML-based Web Application Firewall (WAF) using ASVS standards. • Executed penetration testing on web applications following OWASP Top 10 guidelines. • Generated diverse network traffic for WAF training and cross-validation at ITRC