Summary
Overview
Work History
Education
Skills
Personal Information
Affiliations
References
Timeline
Generic

Samuel Godswill Ntrakwa

River Grove,IL

Summary

Experienced Governance, Risk, and Compliance (GRC) Analyst with over a decade of expertise across cybersecurity, healthcare policy, and public health sectors. Proven track record in IT audit, risk management, and cybersecurity within regulated environments, particularly healthcare. Skilled in applying frameworks like NIST, COBIT, HITRUST CSF, SOC 2 Type 2, and HIPAA compliance to ensure robust information security and compliance standards. Seeking to leverage strong technical acumen and healthcare background in a Senior GRC Analyst role at Guthrie Health.

Overview

13
13
years of professional experience

Work History

Cybersecurity Governance, Risk, and Compliance Analyst

Loyola Medical Center
Remote, Chicago, IL
01.2023 - Current
  • Conducted comprehensive risk assessments and developed strategies to ensure compliance with cybersecurity frameworks such as NIST, COBIT, HITRUST CSF, and SOC 2 Type 2, resulting in a 25% improvement in audit readiness for healthcare clients.
  • Assisted clients in enhancing their risk posture by implementing internal controls and security policies, leading to a 30% reduction in compliance-related incidents.
  • Collaborated with healthcare clients to develop GRC roadmaps, ensuring alignment with industry-specific security and privacy standards (e.g., HIPAA, HITECH).
  • Led the development of risk management policies and incident response plans, reducing cybersecurity vulnerabilities across healthcare systems by 40%.

IT Auditor & GRC Analyst

UI Health and Center for Christ Imaging
Remote, Chicago, IL
09.2021 - 11.2022
  • Conducted internal audits focusing on cybersecurity, IT governance, and risk management, identifying key areas for improvement in alignment with NIST, COBIT, HITRUST CSF, and SOC 2 Type 2 frameworks.
  • Performed cyber audits for healthcare organizations, ensuring adherence to compliance frameworks and mitigating risks to patient data security, achieving a 20% increase in compliance scores.
  • Analyzed security incidents and assisted in root cause analysis, developing preventive measures that enhanced organizational cybersecurity resilience by 35%.

Healthcare Chaplain and Mental Health Therapist

McNeal Hospital, Loyola Medicine
Berwyn, Chicago, IL
01.2016 - 05.2021
  • Integrated expertise in healthcare regulations and patient privacy (HIPAA) into holistic care approaches, ensuring the confidentiality and integrity of sensitive patient information.
  • Worked with multidisciplinary teams to ensure alignment with healthcare compliance standards, advising on security best practices in data handling and reporting, resulting in 100% compliance during audits.

Public Health Policy Analyst

University of Western Australia and Hepatitis WA
Perth, Australia
01.2012 - 04.2014
  • Performed detailed policy analyses to ensure public health programs were compliant with governmental and regulatory frameworks.
  • Developed and implemented policies to manage public health risks, ensuring alignment with national standards, contributing to a 30% improvement in program effectiveness.
  • Analyzed health data to anticipate risks, translating complex regulatory data into actionable recommendations for stakeholders, thereby enhancing compliance strategies.

Education

Expert Cybersecurity Professional (Ethical Hacking) -

Eduninds Learning
Sheridan, WY
08-2024

Master of Divinity (M.Div.) -

Liberty University
Lynchburg, VA
05-2019

Master of Public Health (MPH) -

University of Western Australia
Perth, WA
05-2014

Bachelor of Science (B.S.) in Chemistry -

Chicago State University
Chicago, IL
05-2010

The Definitive GRC Analyst Master Class -

Simply Cyber - Continuing Learning

Certified Information Systems Auditor (CISA) -

ProTrain - Continuing Learning

Skills

  • Governance, Risk, and Compliance (GRC)
  • NIST Framework & Standards
  • HITRUST Common Security Framework (CSF)
  • SOC 2 Type 2 Compliance
  • Ethical Hacking & Penetration Testing
  • Risk Management & Mitigation
  • Regulatory Compliance (HIPAA, FERPA)
  • Policy Analysis & Development
  • Incident Response & Data Privacy
  • Vulnerability Assessment
  • Stakeholder Communication & Training
  • IT Audit and Cybersecurity Audits
  • Security Awareness & Training Programs
  • Remote Team Leadership and Collaboration

Personal Information

Title: Governance, Risk, and Compliance Analyst (GRC) | Information Systems Auditor | Cybersecurity Professional

Affiliations

  • Achieved a 25% improvement in audit readiness and ensured 100% compliance with HIPAA regulations by implementing HITRUST CSF, SOC 2 Type 2, and NIST frameworks.
  • Reduced compliance-related incidents by 30% through the development and implementation of internal controls and security policies.
  • Contributed to a 40% reduction in cybersecurity vulnerabilities across multiple systems by designing and executing GRC roadmaps.
  • Decreased incident resolution time by 35% through the development and execution of incident response plans.
  • Increased compliance audit scores by 20% during IT audits, identifying and addressing gaps in governance and cybersecurity frameworks.
  • Led SOC 2 Type 2 and HITRUST audit preparation for healthcare clients, resulting in successful certification and a 15% reduction in audit preparation costs.
  • Implemented security solutions that led to 35% fewer recurring security incidents, improving overall cybersecurity resilience.
  • Achieved 100% compliance during internal audits by applying HIPAA-compliant data management practices in healthcare settings.
  • Reduced data breaches by 25% through the development of risk management strategies focused on patient confidentiality and data privacy
  • Contributed to a 30% improvement in regulatory compliance by developing and implementing public health policies.
  • Reduced data privacy incidents by 20% through effective collaboration with healthcare organizations to address cybersecurity and privacy concerns.

References

References available upon request.

Timeline

Cybersecurity Governance, Risk, and Compliance Analyst

Loyola Medical Center
01.2023 - Current

IT Auditor & GRC Analyst

UI Health and Center for Christ Imaging
09.2021 - 11.2022

Healthcare Chaplain and Mental Health Therapist

McNeal Hospital, Loyola Medicine
01.2016 - 05.2021

Public Health Policy Analyst

University of Western Australia and Hepatitis WA
01.2012 - 04.2014

Expert Cybersecurity Professional (Ethical Hacking) -

Eduninds Learning

Master of Divinity (M.Div.) -

Liberty University

Master of Public Health (MPH) -

University of Western Australia

Bachelor of Science (B.S.) in Chemistry -

Chicago State University

The Definitive GRC Analyst Master Class -

Simply Cyber - Continuing Learning

Certified Information Systems Auditor (CISA) -

ProTrain - Continuing Learning
Samuel Godswill Ntrakwa