Enterprise Security and Governance, Risk, and Compliance (GRC) Experience
With over two decades of experience in the IT industry, my career began in 1999 with an internship at the McCreary County School District, where I contributed to the creation of Microsoft Exchange 5.5 servers and proxies. Since then, I've built a diverse career that spans various IT roles, including Service Desk, Knowledge Management, End User Services Management, Software Engineering, and Project Management. Throughout each role, I've developed a deep understanding of IT Security, its processes, and the frameworks that underpin it.
My career has provided me with extensive cross-functional experience, allowing me to effectively communicate with audiences at all levels—from everyday users to C-suite executives. I've worked in both public and private sectors, alongside nonprofits and NGOs, leading cybersecurity projects for secured government facilities and providing technology training to communities. I have successfully led organizations through ISO 20000 certifications, passed SOX compliance audits, followed US Department of Defense STIGs, and implemented NIST guidelines to enhance security postures.
Through my diverse background in IT and cybersecurity, I've realized that effective cybersecurity is a critical foundation of modern life, and its true strength lies in governance, compliance, and auditing. While Red Teaming often gets media attention, it's the strategic policies, thorough audits, and compliance initiatives that are the real drivers of organizational security.
Now, as I transition into the field of Governance, Risk, and Compliance (GRC), I leverage my experience as a Project Manager and Business Analyst to shape effective GRC strategies and solutions. This site showcases my work and provides details on how to contact me. Welcome to my Cybersecurity GRC Portfolio.
Cybersecurity and Compliance Memberships, Certifications, and Credentials
I am actively advancing my expertise in the cybersecurity and compliance fields by pursuing key certifications that are critical for modern security professionals. Currently, I am working towards my CompTIA Security+ certification, a globally recognized credential that validates foundational cybersecurity knowledge and skills. Additionally, I am earning a Certificate in Computer Forensics, which is essential for understanding the intricacies of digital forensics and incident investigation. To further bolster my project management skills, I am also pursuing a Google Project Management certificate, equipping me with the knowledge needed to efficiently manage and execute cybersecurity and compliance projects.
These certifications enhance my ability to assess risks, ensure compliance, and implement robust cybersecurity solutions for organizations. As I continue to grow my expertise, I remain committed to staying at the forefront of the cybersecurity and risk management fields, leveraging these credentials to deliver high-quality security and compliance outcomes.
Cybersecurity GRC Insights, Trends, and Best Practices
Cybersecurity is a rapidly evolving field, and staying updated with the latest trends, best practices, and regulatory changes is essential for professionals and organizations alike. In my blog, I break down complex cybersecurity and Governance, Risk, and Compliance (GRC) concepts, translating jargon into clear, actionable insights that anyone can understand. Whether you're a business leader looking to improve your organization's cybersecurity posture or an aspiring GRC professional, my goal is to help you stay informed and ahead of the curve. Explore my latest posts on cybersecurity, risk management, compliance, and industry news on Medium.
Prefer visual content? Check out my YouTube videos where I dive deeper into the concepts discussed in my blog, offering tutorials, insights, and expert advice on cybersecurity best practices, GRC strategies, and more.
Risk Assessment and Security Audit Projects
Explore my comprehensive cybersecurity portfolio, which highlights a variety of my professional projects focused on key areas of Governance, Risk, and Compliance (GRC). This includes detailed risk assessments, incident response strategies, and thorough compliance audits. Each project showcases my expertise in identifying vulnerabilities, implementing security controls, and ensuring regulatory compliance across diverse industries. Whether you are interested in understanding risk management frameworks, incident mitigation processes, or the latest compliance standards, my portfolio offers valuable insights into the practical application of cybersecurity GRC principles. Discover how these projects can help safeguard your organization's data, enhance its security posture, and meet regulatory requirements effectively.
Inquire About Cybersecurity, Risk Management, and Compliance Solutions
Reach out today to discuss how I can help enhance your organization's cybersecurity posture, streamline risk management processes, and ensure compliance with industry standards and regulations. Whether you are seeking guidance on building a robust cybersecurity strategy, conducting risk assessments, or navigating complex compliance requirements, I am here to assist. With expertise in Governance, Risk, and Compliance (GRC), I provide tailored solutions that address your unique challenges and help protect your business from potential threats. Let's work together to create a secure, compliant environment for your organization. Contact me now to start the conversation!