Details
Skills
• Governance, Risk & Compliance: Security risk assessments, control testing, policy & procedure documentation,
security audits, compliance validation, gap analysis, remediation tracking.
• Security Controls & Access Governance:Identity & Access Management (RBAC, SSO, MFA, access reviews),
data protection & DLP controls, least-privilege enforcement.
• Cloud & Platform Risk:Cloud security governance (AWS, Azure), security groups, ACLs, access control
validation, configuration risk review.
• Cybersecurity Frameworks & Standards: NIST CSF, ISO 27001, CIS Controls, PCI DSS, OWASP Top
10.
• Security Tooling (for Control Validation & Evidence):Splunk, Wireshark, Nmap, OpenVAS, Burp Suite,
Metasploit, ServiceNow GRC, Archer GRC.
About
Navigating the intricate world of cybersecurity isn’t just a job for me; it’s a passion that drives my every day. I’ve spent years diving into the depths of risk management and compliance as a Cybersecurity GRC Analyst. My journey began with an eagerness to understand how organizations can safeguard their assets while aligning with frameworks like NIST CSF and ISO 27001.
At Commonwealth Bank, I had the opportunity to set up Splunk dashboards that assessed over 10k+ fraud-related events. This initiative not only enhanced visibility into control effectiveness but also boosted fraud risk detection by 35%. Each project has been a stepping stone; at Mastercard, I documented phishing-related indicators which improved our detection readiness by 30%. It’s rewarding to see how these efforts translate into real-world impact.
During my time at Thinkcloudly as a GRC Analyst, I led enterprise cybersecurity risk assessments that contributed to an estimated 30% reduction in overall risk exposure through effective evaluation of controls. Every analysis is more than just numbers; it’s about providing insights that help teams make informed decisions and strengthen their defenses.
While taking some time for professional growth in 2025 through upskilling initiatives during my career break was crucial for personal development—it allowed me to delve deeper into emerging trends in cybersecurity that excite me today! In my spare time when I'm not immersed in cyber risks or compliance checks, you'll find me exploring new tech tools or participating in local community workshops focused on digital security awareness.
If you’re looking for someone who can bridge technical findings with strategic insights in the realm of cybersecurity governance and compliance—let's connect! Feel free to reach out via email if you have questions about collaboration opportunities or want to discuss emerging trends in this dynamic field.
Skills:
- Cyber Risk Assessment
- Control Validation
- Compliance Assurance (NIST CSF & ISO 27001)
- Fraud Detection Improvement
- Identity Access Management (IAM) Policies
Profile Photo
