ANDERSON ANTHONY
Salesforce Security/GRC Consultant
Cloudstrategik
Houston, USA
About Me
I'm a Salesforce Security and Governance, Risk, and Compliance (GRC) professional dedicated to securing enterprise environments within highly regulated industries. My career journey spans roles from Compliance Analyst with RowJac Consulting, to Salesforce consultant at numerous companies, ultimately becoming a specialized Salesforce Security Administrator at Pfizer, where I was instrumental in securing multiple environments supporting SOC 2, GxP and FDA-regulated global medical systems. At Pfizer, I successfully collaborated with cross-functional teams to remediate critical vulnerabilities, enforce robust security architectures, and implement automated compliance solutions, establishing a strong foundation in enterprise-grade security, compliance and operational resilience.
Currently, I lead CloudStrategik Consulting, a specialized consultancy I founded to help organizations in Healthcare, Life Sciences, FinTech, Pharma and other regulated industries secure their Salesforce ecosystems. Through CloudStrategik, I provide comprehensive services including Security Posture Management, Security and GRC Engineering, and Disaster Recovery Program Management. By leveraging my deep expertise in tools like Salesforce Shield, Security Center, AppOmni, Splunk, Own Secure, etc., I solve complex compliance challenges, ensuring my clients meet stringent regulatory requirements such as HIPAA, SOC 2, and GxP while maintaining scalable and secure platforms.
Beyond my daily consulting and administrative work, I am deeply passionate about the intersection of Salesforce security, GRC, and continuous compliance automation. I actively develop custom solutions and participate in open-source projects, such as the SBS Benchmark, where I am a contributor, with the objective of streamlining resilience, audit readiness and policy enforcement on the Salesforce cloud platform.
Experience Highlights
- Architected and deployed a Privileged Access Management solution in Salesforce to enforce session-based change control and audit trail compliance across multiple validated environments
- Configured declarative automation (Flows, validation rules, duplicate/matching rules) and custom Apex to enforce single-user concurrency, record immutability, and automated audit trail capture
- Managed cross-environment deployments using change sets, troubleshooting org-specific configuration issues to ensure consistent functionality
- Developed compliance documentation including requirements specifications, Installation Qualification (IQ) protocols, verification plans, and data dictionaries for GxP-regulated systems
- Designed controls to meet Privileged Activity GxP requirements by linking all administrative actions to approved change records with tamper-proof evidence retention
- Created reusable GRC policy templates, security compliance checklists, and audit readiness tools to standardize governance processes
- Built full-stack security and compliance applications using TypeScript and React to support enterprise security workflows
- Contributed to the design of modular, reusable frameworks for policy creation, compliance verification, and security enforcement
Get in Touch
Anderson@cloudstrategik.com
linkedin.com/in/andersonjanthony
Specializations
Languages & Tools
Frameworks
Certifications
Projects
The Security Benchmark for Salesforce (SBS) is an open, practitioner-developed security standard that defines auditable baseline controls for securing Salesforce environments. It translates high-level security frameworks such as NIST or ISO into concrete, platform-specific requirements for Salesforce configuration, governance, and operations. The benchmark provides binary, testable controls, each including a requirement, risk explanation, audit procedure, and remediation guidance, so organizations can objectively measure whether their Salesforce implementation meets a defined security baseline.
A web-based security control catalog that organizes and publishes auditable security requirements in a structured interface, making it easier for practitioners to browse, reference, and evaluate security configurations.
A collection of GRC policy templates.