Functional Skills
Risk Management
Audit Readiness
Compliance and risk
Business Continuity
Data Governance
Risk Governance
Incident Response
AI Risk Management
Business Process Outsourcing
Software Skills
Jira
AWS
SQL
Python
Microsoft Excel
ServiceNow
PowerBI
Certifications
CRISCCertified in Risk and Information Systems Control
CISMCertified Information Security Manager
CISACertified Information Systems Auditor
Sector Experience
Aerospace & Defense
Energy
Financial Services
Healthcare
Technology
Experience
Hybrid / Remote | Contract
Corporate Strategy & Development
Cybersecurity & IT Audit Consultant
12/2019 - Present
Various Contracting Agencies & Client Partnerships (Financial, Government, and Technology Sectors) Dec 2019 – Present Hybrid / Remote Contract
● • Delivered measurable audit and compliance improvements for financial and public-sector clients, reducing audit cycle times by 30% and improving documentation quality.
• Conducted SOC 2 Type II report readiness and testing engagements, assessing control design and operating effectiveness across Trust Services Criteria.
• Supported IT General Controls (ITGC), application controls, and business process reviews under CISA domains: Information Systems Operations, Governance, Protection of Information Assets, and Risk Management.
• Enhanced risk governance, control testing, and compliance gap remediation under NIST, ISO 27001, PCI-DSS, HIPAA, FedRAMP, and SOX frameworks.
• Leveraged RSA Archer GRC Platform for risk assessments, control mapping, and audit workflows.
• Utilized ServiceNow GRC and Power BI for control monitoring, metrics, and executive reporting dashboards.
• Advised senior executives and audit committees on risk posture, compliance strategy, and audit readiness improvements.
• Developed cybersecurity policies, SOPs, and audit documentation aligning with enterprise governance models.
• Conducted access reviews, entitlement audits, and control testing to verify compliance with data security and privacy regulations.
• Delivered executive briefings and mentorship programs framing cybersecurity and AI as business en
● • Delivered measurable audit and compliance improvements for financial and public-sector clients, reducing audit cycle times by 30% and improving documentation quality.
• Conducted SOC 2 Type II report readiness and testing engagements, assessing control design and operating effectiveness across Trust Services Criteria.
• Supported IT General Controls (ITGC), application controls, and business process reviews under CISA domains: Information Systems Operations, Governance, Protection of Information Assets, and Risk Management.
• Enhanced risk governance, control testing, and compliance gap remediation under NIST, ISO 27001, PCI-DSS, HIPAA, FedRAMP, and SOX frameworks.
• Leveraged RSA Archer GRC Platform for risk assessments, control mapping, and audit workflows.
• Utilized ServiceNow GRC and Power BI for control monitoring, metrics, and executive reporting dashboards.
• Advised senior executives and audit committees on risk posture, compliance strategy, and audit readiness improvements.
• Developed cybersecurity policies, SOPs, and audit documentation aligning with enterprise governance models.
• Conducted access reviews, entitlement audits, and control testing to verify compliance with data security and privacy regulations.
• Delivered executive briefings and mentorship programs framing cybersecurity and AI as business en
U.S. Army
Information Technology
Cybersecurity & Risk Management Officer
1/2009 - 1/2019
• Directed secure system reassessments, facilitated mission-critical risk analysis reviews, and authored cybersecurity policies for classified networks.
• Oversaw information assurance and risk mitigation strategies across deployed and CONUS environments.
• Conducted vulnerability management, compliance assessments, and incident response operations under DoD and federal frameworks.
• Led cross-functional teams responsible for data protection, risk remediation, and business continuity planning.
• Recognized for implementing secure IT governance practices that directly informed enterprise compliance programs adopted in later federal contracts.
• Oversaw information assurance and risk mitigation strategies across deployed and CONUS environments.
• Conducted vulnerability management, compliance assessments, and incident response operations under DoD and federal frameworks.
• Led cross-functional teams responsible for data protection, risk remediation, and business continuity planning.
• Recognized for implementing secure IT governance practices that directly informed enterprise compliance programs adopted in later federal contracts.