Jonathan Treptow
Youngsville,NC
Summary
Strategic GRC Leader | AI & TPRM Transformation. A transitional expert with 13+ years of multi-sector experience (Defense, Healthcare, Higher Ed) specializing in the adoption of Agentic AI and predictive risk modeling. Expert at navigating the "gray space" of digital transition-replacing static assessments with real-time, AI-driven monitoring while maintaining rigorous Big 4 and military-grade standards. Successfully slashed operational costs and cycle times by 40% through the design and deployment of automated governance ecosystems. Innovative Computer and Information Systems Manager with proven experience in leading IT departments, managing complex projects from conception to implementation. Skilled in optimizing team dynamics, integrating new technologies, and developing strategies that significantly improve productivity. Demonstrated ability to enhance system operations and streamline workflow processes across various platforms, ensuring operational excellence and robust IT infrastructure support.
Overview
6
6
years of professional experience
1
1
Certification
Work History
Manager, Cybersecurity Third-Party Risk Management
Pearson Education
Durham, NC
01.2025 - 01.2026
- Led advancement of TPRM processes from manual workflows to centralized application-driven framework, cutting vendor assessment turnaround time by 40% and boosting data accuracy.
- Resolved 450 critical vendor risks in first year, significantly reducing organization's external attack surface.
- Developed and implemented innovative TPRM policies and training modules, achieving 25% increase in stakeholder adoption and compliance rates across business units.
- Led cross-functional team to integrate AI/ML risk governance into standard security assessments, ensuring organization meets emerging regulatory requirements.
GRC Specialist (Contract)
Johnson & Johnson
Remote
03.2024 - 12.2024
- Achieved complete closure of 400-item backlog of aged vulnerabilities, restoring system integrity.
- Optimized process, reducing SLA for initial risk tiering from 30 days to 5 days, enhancing response time to risks.
- Managed end-to-end GRC operations, executing 400 application security reviews and risk assessments, ensuring compliance and risk mitigation.
Manager, Cybersecurity TPRM & GRC Risk Management
LabCorp
Durham, NC
03.2020 - 03.2024
- Directed enterprise TPRM program, overseeing annual assessment of 1000+ global vendors to ensure compliance with HIPAA and ISO 27001 standards.
- Efficiency Engineering: Designed and deployed a custom TPRM workflow that automated vendor tiering, recapturing over 1,500 man-hours annually for the risk team.
- Leadership & Development: Built and mentored a high-performing risk team, establishing a standardized training curriculum that reduced new analyst onboarding time by 30%.
- Mentored high-performing risk team, improving operational effectiveness and knowledge retention through targeted training initiatives.
Education
Master of Science - Computer Information Assurance and Security
Capella University
Minneapolis, MN01.2017
Bachelor of Science - Information Security
DeVry University
New Brunswick, NJ01.2014
Skills
- AI governance leadership
- Framework integration
- Model risk management
- Cross-framework harmonization
- Algorithmic ethics oversight
- TPRM and AI security
- Vendor de-risking
- Continuous monitoring automation
- Contractual safeguards
- Intelligent GRC ecosystems
- Platform orchestration
- Predictive risk quantification
- Workflow engineering
Certification
- CISSP, ICS2, 06/01/26
- CISA, ISCA, Expired
- CISM, ISCA, Expired
Timeline
Manager, Cybersecurity Third-Party Risk Management
Pearson Education
01.2025 - 01.2026
GRC Specialist (Contract)
Johnson & Johnson
03.2024 - 12.2024
Manager, Cybersecurity TPRM & GRC Risk Management
LabCorp
03.2020 - 03.2024
Master of Science - Computer Information Assurance and Security
Capella University
Bachelor of Science - Information Security
DeVry University