About
I’m a security founder and consultant focused on helping fast-growing healthcare, SaaS, and fintech companies in the U.S. build practical, audit-ready security and compliance programs.
With an MBA and CISSP, I bridge the gap between technical security work and executive expectations, aligning SOC 2, HIPAA / HITECH, and NIST frameworks with real business goals, customer contracts, and U.S. regulatory pressure.
Core Services
Service Area
SOC 2 Readiness & Audit Support
- Gap assessment and remediation roadmap
- Control design, policies & procedures
- Evidence collection and audit preparation
- Continuous readiness and customer questionnaire support
HIPAA Compliance for Healthcare & Healthtech
- HIPAA Security & Privacy Rule gap analysis
- Risk assessments and PHI protection
- Policies, procedures, and training
- Vendor and business associate (BA) risk management
NIST Framework Alignment
- NIST CSF / 800-53 assessments
- Control mapping and maturity roadmaps
- Implementation guidance and coaching
Incident Response & Tabletop Exercises
- Incident Response plans and playbooks
- Roles, responsibilities & escalation paths
- Scenario-based tabletop design and facilitation
- After-action reports and improvement plans
Disaster Recovery & Business Continuity
- DR/BC strategy and documentation
- RTO/RPO definitions and validation
- Backup and restoration planning
- Continuity testing and refinement
Who I Work With
Healthcare & Healthtech (U.S.)
HIPAA / HITECH programs, PHI security, NIST alignment, vendor and BA risk.
SaaS (B2B / Enterprise)
SOC 2 readiness, security program build-out, and customer security reviews.
Fintech
SOC 2, NIST alignment, IR/DR readiness, vendor risk, and support for U.S. regulatory expectations.
Engagement Models
Fractional Security Lead
10–40 hours per month of ongoing guidance and execution for teams needing senior security & compliance leadership.
Project-Based
Focused engagements such as SOC 2 readiness, HIPAA programs, IR build-out, tabletop exercises, or DR/BC planning.
Advisory / On-Demand
As-needed support for founders, CTOs, and security leaders on strategy, roadmap, and audits.
Let’s Talk
If you’re preparing for SOC 2 or HIPAA, scaling into enterprise markets, or strengthening your security posture, I’d be happy to help.
Email: kul@kulbhushan.com
Website: kulbhushan.com