Governance, Risk & Compliance (GRC) Analyst with a legal background and a track record of supporting compliance-driven organizations. Experienced in developing clear, audit-ready documentation aligned with SOC 2, ISO 27001, and other regulatory frameworks. Proficient in policy drafting, control mapping, and vendor risk assessments, with a talent for translating complex technical and security concepts into accessible, actionable content. Committed to integrating compliance into everyday operations to enable scalable and sustainable growth.
GRC Platforms:
ServiceNow GRC, AuditBoard, MetricStream
Compliance Frameworks & Standards:
SOC 2 (Type I & II), ISO/IEC 27001, NIST SP 800-53, NIST CSF, HIPAA, GDPR, CCPA, COBIT, PCI DSS
Risk Management Tools:
Risk heat maps, control matrices, business impact analysis (BIA), third-party risk assessment tools
Documentation & Collaboration:
Confluence, JIRA, Microsoft Office Suite (Excel, Word, PowerPoint), Google Workspace, SharePoint
Security & IT Tools (Familiarity):
Splunk, AWS IAM, Azure Security Center