
Skills

  • Compliance Consulting
  • Governance Risk Compliance (GRC)
  • Information Security Audit
  • IT Security
  • Linux Administration
  • PCI Compliance
  • Risk Assessment
  • Risk Management
  • Windows Server

Services

  • GRC & Compliance Specialist

    $50/hr • Starting at $50 • Ongoing

    Dedicated Resource

    Experienced Governance, Risk and Compliance (GRC) specialist offering remote consulting services to help organizations meet regulatory and industry standards. I provide tailored assessments, policy development,...

    Compliance Consulting • Governance Risk Compliance (GRC) • Information Security Audit • IT Security • Linux Administration

About

Information Security Analyst | GRC Specialist
Results-driven GRC professional with 3+ years of experience in IT compliance, risk assessment, and security auditing. Proven expertise in PCI DSS compliance and NIST Cybersecurity Framework implementation with demonstrated success in vulnerability management, disaster planning, and Microsoft Entra ID administration.
Core Competencies
GRC & Compliance: PCI DSS Auditing • NIST Cybersecurity Framework • Risk Assessment • Policy Development
Identity & Access Management: Microsoft Entra ID • RBAC • Conditional Access • MFA • Access Reviews
Security Operations: Vulnerability Management • SIEM Administration • Security Awareness Training
Technical Skills: Qualys VMDR • KnowBe4 • RocketCyber SOC • Windows Server • Linux • Docker/Portainer
Professional Experience
Compliance Specialist | Lasting Change, Inc. | Fort Wayne, IN | Dec 2023 – Present
• Developed the organization's first disaster and business continuity plans, conducting cross-departmental tabletop exercises aligned with NIST SP 800-34 guidelines
• Performed comprehensive security risk assessments and compliance audits ensuring adherence to regulatory requirements
• Implemented KnowBe4 security awareness program for 500+ employees with targeted phishing simulations, achieving measurable improvement in threat detection and reporting
• Engineered Microsoft Entra ID conditional access policies including MFA requirements and device compliance standards
• Automated access certification processes and quarterly reviews, reducing manual oversight by 70%
Compliance Specialist | Brotherhood Mutual Insurance Company | Fort Wayne, IN | Feb 2022 – Mar 2023
• Executed critical vulnerability remediation across 100+ enterprise devices, ensuring PCI DSS compliance ahead of annual audit cycles with a 99.5% patch compliance rate
• Designed and implemented centralized IT asset inventory system for comprehensive hardware and software tracking
• Streamlined audit preparation processes, reducing audit response time by 40%
• Created standardized documentation and reporting procedures for regulatory compliance initiatives
Technical Expertise
Compliance Frameworks: PCI DSS • NIST Cybersecurity Framework • NIST SP 800-34
Security Tools: Qualys VMDR • KnowBe4 • RocketCyber SOC (SIEM) • Docker/Portainer
Systems: Windows Server 2016/2019/2022 • Linux (RHEL/Ubuntu) • Synology DSM 7.2 (CIS Benchmarks)
IAM: Microsoft Entra ID • Active Directory • RBAC • Multi-Factor Authentication
Professional Development
• PCI DSS Audit Collaboration (2024): Worked with Qualified Security Assessor (QSA) to audit Linux/Windows firewall configurations and network segmentation controls
• KnowBe4 Conference 2025: Advanced security awareness training methodologies
• CompTIA Security+ (In Progress - Expected Q2 2025)
• Qualys Vulnerability Management Certification (Dec 2023)
Education
Bachelor of Arts in Sociology | Spring Arbor University | 2007 – 2012