Profiles search

Sonila Agako

GRC Specialist
Toronto, Ontario, Canada
View resume Unlock resume

Skills

Cyber security, NIST CSF , National strategy and action plan, ISO 27001, NIS2, GDPR, CSIRT Framework, Regulations, Web & Application Security, Auditing, GRC, SCADA, SIEM, IAM,
Leadership, Critical thinking and Emotional Intelligence, Risk management
SQL and MS-SQL, Git, Jenkins, AWS, Bitbucket, Jmeter, Rest
Assured, Postman, Shell, Linux, Python, Jira, Confluence, Java, PhP and C#
Project Management, Project writing, project development &project management, Cloud tools(OneDrive, GoogleDrive, Dropbox), Agile Scrum, PMI, Prince2, PMP

About

With a strong background in cybersecurity governance, risk assessment, and compliance assurance as well as with many years of progressive experience in Quality Assurance, including leadership roles, international collaboration, and a recent position within a government unit focused on cybersecurity, I bring a well-rounded and strategic perspective to ensuring governance, compliance, and risk awareness in digital systems.

As a Head of Compliance and Control Unit within a public institution, I drafted and led the development and implementation of secure documentation practices, participated in internal risk assessments, and contributed to aligning national strategies, regulations and compliance requirements with cybersecurity frameworks like NIST CSF, NIS2 and ISO 27001. This experience deepened my understanding of the intersection between quality, compliance, and information security — an area I am excited to continue developing.
I have also supported governance initiatives by drafting and reviewing cybersecurity policies and procedures, and preparing board-level reports with key risk metrics. My experience includes coordinating internal and external audits, performing control testing for design and operational effectiveness, and monitoring compliance with evolving regulatory requirements.

Throughout my career, I also have led and contributed to complex QA initiatives in both the private sector and public institutions, working closely with multidisciplinary and multicultural teams. My strengths lie in establishing structured testing processes, delivering consistent results under pressure, and building communication bridges between technical and non-technical stakeholders. I have managed test planning, defect tracking, documentation, and quality governance with a focus on accountability, transparency, and efficiency.