EMMANUEL PETER
Jacksonville
Summary
GRC Analyst with 2+ years of progressive risk management experience, including 1 year in U.S. cybersecurity consulting and 5 years in operational risk and compliance leadership. CISA and Security+ certified with hands-on expertise in SOC 1/SOC 2 audits, ISO 27001, NIST RMF, and third-party risk assessments. Proven track record executing control assessments, managing audit findings lifecycles, and developing risk dashboards that support data-driven decision making. Seeking to leverage vendor risk and remediation management experience in Tampa, FL.
Overview
8
8
years of professional experience
1
1
Certification
Work History
Cybersecurity / GRC / TPRM Analyst (Contract)
Washington Tech Solutions (WTS)
Greenbelt, Maryland
- 01.2025
- Executed control assessments using examine, interview, and test methods to validate design and operational effectiveness of security controls, supporting audit readiness activities
- Conducted third-party security risk assessments using SIG/CAIQ questionnaires for 25+ vendors, evaluating security posture and compliance alignment with SOC 2 and ISO 27001
- Reviewed SOC 2 Type II reports to identify control gaps, assess vendor risk exposure, and provide risk-tiering recommendations to stakeholders
- Drove remediation lifecycle management by creating and tracking POA&M items, coordinating with control owners to reduce residual risk
- Developed risk dashboards and compliance reports in Excel to support data-driven decision making and executive reporting
- Supported NIST RMF implementation across Categorize, Select, Implement, Assess, and Monitor phases
Risk & Compliance Lead / Operations Manager
Silmatics Survey Ltd
Nigeria
03.2019 - 12.2024
- Managed operational risk and compliance for surveying operations, ensuring adherence to internal controls and regulatory requirements
- Oversaw audit findings lifecycle, coordinating remediation activities and tracking control improvements across business units
- Identified process risks and implemented control improvements, enhancing operational efficiency and reducing audit findings
- Maintained risk registers and compliance documentation to support business operations and external audits
- Partnered cross-functionally with field teams and management to operationalize security standards and resolve compliance issues
Security Operations / Control Room Operator
ASA Advance Technology Ltd
Nigeria
06.2017 - 10.2019
- Monitored security systems and operations, identifying and escalating incidents per company procedures
- Documented security incidents and maintained logs to support operational oversight and compliance tracking
Education
Bachelor of Science - Architecture
UNIVERSITY OF UYO NIGERIA
Uyo, Akwa Ibom, Nigeria2009
Skills
GRC & TPRM: Third-Party Risk Management (TPRM), Vendor Risk Assessments, Risk Assessments, Risk Register Management, POA&M Tracking, Audit Readiness
Control & Compliance: Control Assessments (NIST 800-53), Security Controls Testing (Examine, Interview, Test), Compliance Monitoring & Regulatory Alignment
Frameworks: NIST RMF (800-37), NIST 800-53 Rev 5, ISO 27001, SOC 2, PCI DSS
Tools: ServiceNow (GRC workflows), RSA Archer, Microsoft Excel (Pivot Tables, VLOOKUP/XLOOKUP, dashboards)
Security Exposure: SIEM (Splunk, Microsoft Sentinel – basic exposure)
Accomplishments
Successfully passed ISACA Certified Information Systems Auditor (CISA) certification, demonstrating expertise in IT auditing, risk management, and compliance.
Achieved CompTIA Security+ certification, validating knowledge in cybersecurity fundamentals, risk management, and security controls.
Completed hands-on Cybersecurity Training at Washington Tech Solutions, developing practical experience in NIST RMF, risk assessments, and compliance documentation.
Developed key security documentation including System Security Plan (SSP), Business Impact Analysis (BIA), and Incident Response Plan (IRP) aligned with NIST standards.
Conducted risk assessments and control evaluations, identifying gaps and recommending remediation actions to improve security posture.
Supported audit readiness efforts by maintaining risk registers, compliance evidence, and documentation for internal and external audits.
Certification
- ISACA Certified Information Systems Auditor (CISA) – Active
- CompTIA Security+ – Active
Languages
English
Full Professional
Timeline
Risk & Compliance Lead / Operations Manager
Silmatics Survey Ltd
03.2019 - 12.2024
Security Operations / Control Room Operator
ASA Advance Technology Ltd
06.2017 - 10.2019
Cybersecurity / GRC / TPRM Analyst (Contract)
Washington Tech Solutions (WTS)
- 01.2025
Bachelor of Science - Architecture
UNIVERSITY OF UYO NIGERIA
CORE COMPETENCIES
- Risk & Compliance
- SOC 1 / SOC 2 Type I & II audits and report analysis
- PCI-DSS framework awareness
- ISO 27001 & NIST RMF (800-37, 800-53)
- Audit readiness and control assessments
- Third-Party Risk Management
- Vendor risk assessments (SIG, CAIQ, DDQ)
- Ongoing vendor assurance reviews
- Risk tiering and residual risk reduction
- Remediation & Reporting
- POA&M lifecycle management and tracking
- Risk register maintenance
- Excel dashboards and data visualization
- Control documentation and compliance roadmaps
ADDITIONAL INFORMATION
- Work Authorization: U.S. Green Card Holder
- Location: Jacksonville, FL | Open to remote, hybrid, and on-site roles