Adeline Agyebit
Virginia,Sterling
Summary
Strategic and detail-oriented Governance, Risk, and Compliance (GRC) Analyst with 7 years of experience driving information security, risk management, and regulatory compliance. Adept in implementing cybersecurity frameworks including NIST 800-53, ISO 27001, SOX, and PCI-DSS, with expertise in policy development, POA&M management, and third-party risk assessments. Strong collaborator with a proven track record of delivering audit readiness, enhancing organizational security posture, and aligning IT security practices with business goals.
Overview
7
7
years of professional experience
1
1
Certification
Work History
GRC Analyst
Acrisure
09.2022 - Current
- Developed and managed POA&M tracking system, improving issue remediation speed by 35%.
- Performed enterprise-wide control testing and risk assessments aligned with NIST and ISO frameworks.
- Supported internal and external audit readiness efforts, resulting in zero major findings.
- Collaborated with cross-functional stakeholders to document and maintain security policies and risk registers.
- Conducted third-party vendor assessments, enhancing supply chain security posture.
- Assisted legal and procurement teams in ensuring security clauses were embedded in contracts.
- Conducted training sessions on risk reporting and compliance documentation best practices.
- Coordinated quarterly control self-assessments with department leads across the organization.
- Reviewed and implemented remediation plans for high-risk audit findings.
- Delivered GRC dashboard insights to leadership for real-time risk visibility.
GRC Analyst
Acrisure
09.2022 - Current
- Developed and managed POA&M tracking system, improving issue remediation speed by 35%.
- Performed enterprise-wide control testing and risk assessments aligned with NIST and ISO frameworks.
- Supported internal and external audit readiness efforts, resulting in zero major findings.
- Collaborated with cross-functional stakeholders to document and maintain security policies and risk registers.
- Conducted third-party vendor assessments, enhancing supply chain security posture.
- Assisted legal and procurement teams in ensuring security clauses were embedded in contracts.
- Conducted training sessions on risk reporting and compliance documentation best practices.
- Coordinated quarterly control self-assessments with department leads across the organization.
- Reviewed and implemented remediation plans for high-risk audit findings.
- Delivered GRC dashboard insights to leadership for real-time risk visibility.
Information Security Compliance Analyst
Fortified Health Security
01.2020 - 08.2022
- Led PCI-DSS, SOX, and HIPAA compliance assessments and evidence gathering efforts.
- Analyzed vulnerability scan results (via Nexus) and collaborated with teams on timely remediation.
- Maintained audit artifacts, including policies, system security plans, and risk treatment plans.
- Assisted in the development of security awareness training to promote compliance culture.
- Reviewed and updated security documentation, resulting in a 25% audit preparation time reduction.
- Facilitated tabletop exercises and scenario-based risk workshops.
- Reviewed SPEs and monitored security exception trends across departments.
- Drafted IT security policies aligned with regulatory frameworks and company risk appetite.
- Supported SOC 2 and SOX control testing and documentation for external auditors.
- Participated in annual risk register reviews and impact assessments.
Information Security Compliance Analyst
Fortified Health Security
01.2020 - 08.2022
- Led PCI-DSS, SOX, and HIPAA compliance assessments and evidence gathering efforts.
- Analyzed vulnerability scan results (via Nexus) and collaborated with teams on timely remediation.
- Maintained audit artifacts, including policies, system security plans, and risk treatment plans.
- Assisted in the development of security awareness training to promote compliance culture.
- Reviewed and updated security documentation, resulting in a 25% audit preparation time reduction.
- Facilitated tabletop exercises and scenario-based risk workshops.
- Reviewed SPEs and monitored security exception trends across departments.
- Drafted IT security policies aligned with regulatory frameworks and company risk appetite.
- Supported SOC 2 and SOX control testing and documentation for external auditors.
- Participated in annual risk register reviews and impact assessments.
Risk Analyst
PNC Bank
06.2018 - 12.2019
- Conducted risk assessments and business impact analysis across various business units.
- Assisted in building cybersecurity policies and aligning them with FISMA and organizational requirements.
- Generated and presented risk reports to senior leadership with recommendations on mitigation.
- Monitored key risk indicators and supported the development of response strategies.
- Built foundational reports for quarterly governance meetings.
- Supported incident response team in analyzing low-risk threat events.
- Designed and maintained a control tracking matrix to monitor remediation progress.
- Collaborated with IT to implement appropriate safeguards and recovery measures.
- Prepared quarterly risk heat maps to highlight control gaps and trends.
Risk Analyst
PNC Bank
06.2018 - 12.2019
- Conducted risk assessments and business impact analysis across various business units.
- Assisted in building cybersecurity policies and aligning them with FISMA and organizational requirements.
- Generated and presented risk reports to senior leadership with recommendations on mitigation.
- Monitored key risk indicators and supported the development of response strategies.
- Built foundational reports for quarterly governance meetings.
- Supported incident response team in analyzing low-risk threat events.
- Designed and maintained a control tracking matrix to monitor remediation progress.
- Collaborated with IT to implement appropriate safeguards and recovery measures.
- Prepared quarterly risk heat maps to highlight control gaps and trends.
Education
Bachelor of Science - Computer Science
University of Buea
01.2016
Master’s Degree - Cybersecurity
Grand Canyon University (GCU)
05.2025
Skills
- Governance Risk & Compliance (GRC)
- Third-Party Risk Management (TPRM)
- Cybersecurity Compliance
- POA&M Management
- Policy Development
- Documentation
- Audit Readiness
- Vulnerability Management
- Remediation
- Risk Assessment
- Mitigation
- Cross-functional Collaboration
- Regulatory Compliance Monitoring
- Incident Response
- Security Frameworks
- Control Assessments
Websites
Certification
- Certified Information Systems Auditor (CISA)
- CompTIA Security+
- AWS Certified Solutions Architect
Accomplishments
- Created and operationalized a centralized POA&M platform, cutting remediation timelines by over 30%.
- Led successful compliance reviews for SOC 2 and HIPAA with zero critical gaps.
- Developed risk treatment plans for third-party vendors, reducing identified risks by 40%.
Personal Information
- Visa Status: US Citizen
- Work Permit: US Citizen
Timeline
GRC Analyst
Acrisure
09.2022 - Current
GRC Analyst
Acrisure
09.2022 - Current
Information Security Compliance Analyst
Fortified Health Security
01.2020 - 08.2022
Information Security Compliance Analyst
Fortified Health Security
01.2020 - 08.2022
Risk Analyst
PNC Bank
06.2018 - 12.2019
Risk Analyst
PNC Bank
06.2018 - 12.2019
Master’s Degree - Cybersecurity
Grand Canyon University (GCU)
Bachelor of Science - Computer Science
University of Buea
Similar Profiles
Misty SmithMisty Smith
Digital Account Manager at AcrisureDigital Account Manager at Acrisure
JAY L. KEPPOLJAY L. KEPPOL
Senior Account Manager at AcrisureSenior Account Manager at Acrisure
Jesse A. WallsJesse A. Walls
Partner at AcrisurePartner at Acrisure
Jeremy SOULESJeremy SOULES
Assistant Project Manager at Sorensen Gross CompanyAssistant Project Manager at Sorensen Gross Company
Sanita ShresthaSanita Shrestha
CNA at Loudoun Rehabilitation and Nursing CenterCNA at Loudoun Rehabilitation and Nursing Center