Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

James Dunlap

Charleston,WV

Summary

Experienced GRC leader with a proven track record of designing and managing risk and compliance programs in highly regulated industries such as banking and healthcare. Specializes in enterprise risk assessments, controls testing, audit readiness, and third-party risk management. Possesses hands-on expertise across frameworks including NIST CSF, ISO 27001, GLBA, HIPAA, PCI DSS, SOX, and FFIEC. Successfully led the implementation of GRC automation tools to streamline evidence collection, improve reporting, and ensure continuous compliance. Brings a strategic and technical perspective to governance and risk with a strong foundation in IT leadership as a former CIO. Built security awareness programs and aligned cloud and data governance initiatives to regulatory requirements. Effectively translates complex controls into actionable guidance for business leaders. Currently seeking a leadership role to leverage experience in maturing and scaling GRC programs that align security with business goals.

Overview

11
11
years of professional experience
1
1
Certification

Work History

Sr. Security Compliance Engineer

MVB Bank
01.2022 - Current
  • Led enterprise-wide security initiatives that improved compliance audit scores by 30% and reduced regulatory findings year-over-year.
  • Implemented NIST-aligned controls and delivered executive reporting that drove the remediation of 95% of high-risk issues within 60 days.
  • Authored and enforced data governance, mobile device, and AI usage policies, reducing policy violations by 40%.
  • Conducted 200+ third-party risk assessments, supporting $1B+ in fintech transactions and partnerships with zero compliance breaches.
  • Decreased phishing click rates from 8.2% to 3.1% through targeted simulations and ongoing training campaigns.
  • Spearheaded GRC improvements that reduced control gaps by 45% and positioned the team as a top-performing function in annual risk reviews.

CIO

West Virginia OrthoNeuro
01.2022 - 01.2024
  • Led strategic IT initiatives across 6 locations, aligning technology with clinical and business goals, resulting in a 25% reduction in operational costs and a 40% improvement in system uptime.
  • Directed governance, risk, and compliance programs that reduced cybersecurity incidents by 60% and ensured complete HIPAA, HITECH, and PCI compliance.
  • Established a security-first culture through ongoing training, policy enforcement, and leadership engagement, increasing staff security awareness scores by 35%.
  • Served as virtual CIO during acquisition by a regional health network, managing integration of infrastructure, EHR systems, and compliance practices across entities.
  • Negotiated and managed $2M+ in vendor contracts, optimizing technology spend and improving service delivery timelines by 20%.
  • Strengthened digital infrastructure and secured sensitive data during M&A transition, ensuring zero downtime and uninterrupted patient care.

Information Systems Director

Retina Consultants, PLLC
01.2014 - 01.2022
  • Designed and implemented a secure, HIPAA-compliant voice and data infrastructure, reducing system downtime by 45% and aligning IT with executive strategic goals.
  • Led digital transformation projects that modernized EHR systems and administrative platforms, improving patient data access and reducing clinical documentation time by 30%.
  • Directed a 15+ member IT team, fostering a culture of innovation and achieving a 98% project delivery rate on time and under budget.
  • Streamlined vendor partnerships and operations, cutting IT costs by 35% compared to industry benchmarks.
  • Acted as vCIO during a healthcare acquisition, ensuring seamless system integration and maintaining full regulatory compliance throughout the transition.
  • Strengthened data security and operational efficiency, directly contributing to improved clinical workflows and enhanced care delivery outcomes.

Education

Master of Science - Information Systems Administration

Strayer University
Washington, DC
05.2012

Bachelor of Arts - Photography

West Virginia State University
Institue, Wv
12.2005

Skills

  • Governance, Risk, & Compliance (GRC)
  • Data Governance
  • Third-party Risk Mgmt
  • Security Awareness Training
  • IT Audit
  • Risk and Controls Apps
  • Anti Phishing Apps
  • NIST CSF, 800-37, 800-53
  • SOC2
  • ISO 27001/2
  • PCI
  • HIPPA/HITRUST

Certification

  • CISSP (Certified Information Systems Security Professional)
  • CCSP (Certified Cloud Security Professional)
  • AZ900 (Microsoft Certified: Azure Fundamentals)
  • CPHIMS (Certified Professional in Healthcare Information and Management Systems)

Timeline

Sr. Security Compliance Engineer

MVB Bank
01.2022 - Current

CIO

West Virginia OrthoNeuro
01.2022 - 01.2024

Information Systems Director

Retina Consultants, PLLC
01.2014 - 01.2022

Master of Science - Information Systems Administration

Strayer University

Bachelor of Arts - Photography

West Virginia State University

Similar Profiles

  • Erin Stilwell

    Erin StilwellErin Stilwell

    Retail Relationship Banker at MVB BankRetail Relationship Banker at MVB Bank

    View Profile
  • Shaina Waddell

    Shaina WaddellShaina Waddell

    Treasury Services Analyst at MVB BankTreasury Services Analyst at MVB Bank

    View Profile
  • Karla Sandoval Madrid

    Karla Sandoval MadridKarla Sandoval Madrid

    Customer Service Representative at MVB Motor Vehicle Services of BuckeyeCustomer Service Representative at MVB Motor Vehicle Services of Buckeye

    View Profile
James Dunlap