M&A Security Due Diligence

Overview

Conducted security due diligence for multiple mergers and acquisitions, reviewing target company security posture, compliance readiness, and technical debt. Assessed cloud architectures, identity and access management, vulnerability management practices, and compliance frameworks. Authored executive-level risk reports and integration playbooks to guide acquisition decisions and post-close remediation.

Role

Director of product security responsible for risk assessments and executive reporting.

Impact

Identified critical risks pre-close, informed valuation and negotiation strategies, and ensured smoother post-merger integration. Reduced integration risk and accelerated time-to-value by aligning acquired entities with corporate security and compliance frameworks.

Technologies, Frameworks, and Artifacts

• ISO and NIST security assessments
• Cloud security reviews
• Integration playbooks
• Executive risk reporting