Dana Bessey

Result-oriented Senior Cybersecurity Audit and Compliance Lead with extensive expertise driving ISO 27001, HITRUST, HIPAA, SOC 2, and URAC certification initiatives while embedding robust ISMS and risk management practices across complex organizations. Proven track record in developing and implementing comprehensive security policies, controls, and procedures aligned with NIST and industry-leading frameworks, ensuring regulatory compliance, and operational resilience. Adept at leading third-party risk management, vendor assessments, and audit readiness programs, delivering actionable insights and mitigation strategies. Recognized for optimizing cybersecurity governance, enhancing process efficiency, and supporting enterprise-wide security awareness initiatives. Accomplished in leveraging technical and strategic leadership to elevate compliance posture and strengthen organizational trust. Skills: Artificial Intelligence (AI), NIS2, TISAX, GRC, NIST, ISO 27001, PCI, CJIS, CDC, ITAR, APO, CSA, Azure, AWS, HIPAA, HITRUST, Government, RMF, CSF, Security Controls, Control Mapping, Audit, Vendor Management, Assessment, Risk, CISSP, Security Awareness, Mapping business process flow, Policies/ Procedures/Best Practices, Privacy, GDPR, SSCP, MCSE, ERP