Welcome to my (GRC) Journey!
Hi, my name is Milad.
With 3 years of experience in the IT field, I am actively transitioning into Governance, Risk Management, and Compliance (GRC) with a strong commitment to advancing my expertise in securing digital environments.
Driven by a passion for continuous learning, I aim to integrate my technical background into effective risk management strategies that safeguard and enhance organizational operations.
Follow my journey as I delve into the world of GRC, sharing key insights, resources, and updates along the way. Let’s explore the ever-changing landscape of risk management and compliance, and uncover the best practices for securing today’s digital environments.
Certifications
I have earned several industry-recognized certifications that equip me with the skills necessary for both technical and compliance-focused roles, showcasing my commitment to continuous learning and my ability to adapt to the evolving IT security and risk management landscape.
ISC2: Cybersecurity
A deep dive into the principles of cybersecurity, preparing me to assess and manage security risks in various organizational contexts.
CompTIA: Security+
Focuses on essential cybersecurity concepts, providing a strong base in securing networks, systems, and data.
Microsoft: Identity and Services Administrator Associate
Comprehensive understanding of Microsoft 365 services, user management, and security configurations.
Microsoft: Mobility and Security Administrator Associate
Specialized in managing mobile device policies and securing data within Microsoft 365 environments.
Microsoft: Administrator Expert
Expert in managing Microsoft 365 services, including user and group management, security, and compliance configurations.
Top 2%
[0xC][GURU]
I've also advanced my cybersecurity journey through TryHackMe, completing courses like Pre-Security, Introduction to Cyber Security, and SOC Level 1.
Through consistent dedication, I earned certifications in each, ultimately ranking in the top 2% of TryHackMe users.
Pre-Security
Foundational training in cybersecurity concepts, covering network security, web vulnerabilities, cryptography, and ethical hacking techniques, preparing for further exploration of security roles.
Introduction to
Cyber Security
Comprehensive introduction to core cybersecurity principles, including threat identification, risk management, security protocols, and defensive strategies to protect networks and systems.
SOC Level 1
Focused training on Security Operations Center (SOC) functions, including real-time monitoring, incident detection, log analysis, and incident response protocols for effective threat mitigation.
PROJECTS
Built IT infrastructure for ATLAS, creating a secure environment to manage users, devices, and resources. Set up a VM server, Domain Controller, Active Directory, and integrated with Microsoft Entra and Azure AD. Managed licenses and role-based access.
Conducted a PCI DSS compliance audit for SBS - Secure Bank Solutions to assess the security of cardholder data and identify areas for improvement. The audit focused on evaluating adherence to the 12 PCI DSS requirements and providing a roadmap to address compliance gaps.
Performed GDPR and ISO 27001 compliance audit for Global Market to ensure protection of personal data. Assessed data privacy, security, and risk management, providing a roadmap to address compliance gaps.