

Results-driven Governance, Risk, and Compliance Analyst with 3+ years of specialized expertise in information security, risk management, and compliance operations. Demonstrated success executing internal audits, control testing engagements, and cybersecurity maturity assessments using frameworks including NIST RMF/CSF - 800-53/2.0, ISO/IEC 27001, HITRUST, and COBIT. Track record of co-leading risk assessments, vulnerability management initiatives, and regulatory compliance evaluations for HIPAA, GDPR, FedRAMP, GLBA, PCI-DSS, and data breach notification laws. Skilled in conducting cybersecurity program capability assessments, developing risk-based recommendations, and creating remediation roadmaps that strengthen organizational security posture. Expert in cloud-centric security architecture, shared responsibility models, scoping, and threat landscape analysis across AWS and Azure environments. Adept at collaborating with cross-functional stakeholders through walkthroughs and workshops to evaluate information security, IoT-centric/SaaS processes, and technology environments.
Certified Information Systems Auditor (CISA)
Certified in Risk and Information Systems Control (CRISC)
Certificate in PRINCE2 Project Management (Foundation)
Governance Risk and Compliance (GRC) Software: ServiceNow, RSA Archer, EasyAudit, Workiva, InfraNodes.
Cloud Platforms: AWS, Microsoft Azure.
Network Security: VPN (Connect Tunnel, SonicWall, Windows built-in).
Security Assessment Tools: Nessus, Nmap, Wireshark, Kali Linux, Metasploit, Splunk.
Productivity Tools: Google Suite and Microsoft Office Tools (MS Word, Excel, PowerPoint).
Support Tools: Remote Support (Bomgar, TeamViewer, LogMeIn), Antivirus (Sophos, ESET, Malwarebytes), Ticketing Systems (Ice, BMC Track-It, Smart Service Desk), Active Directory.
Operating Systems: Windows XP, Windows 7, Windows 10, Mac OS, Ubuntu, Android/iOS, Windows Server 2008, Windows Server 2012/2016.
Standards & Frameworks: FedRAMP, FISMA, COBIT, PCI-DSS, NIST RMF/CSF 800-53/2.0, ISO 27001, HIPAA, IT General Controls (ITGC), SSAE18 Attestation, ERP Security Assessments, SOX, GDPR, SOC 2, ITIL, COSO, CCPA.