Cybersecurity GRC Analyst - Exact Sciences - Remote
(2025-04)
- Partner with leadership and IT Security stakeholders to prioritize policy, control, and remediation initiatives aligned to enterprise strategy.
- Apply NIST and ISO frameworks to identify compliance gaps, strengthen controls, and improve policy enforcement.
- Lead cybersecurity policy and procedure lifecycle management, ensuring ongoing alignment with regulatory requirements.
- Support the full risk lifecycle: identification, assessment, treatment, monitoring, and reporting.
- Maintain and enhance the enterprise risk register, validating risk scoring and exposure.
- Develop governance structures, dashboards, and reporting to measure cybersecurity maturity and control effectiveness.
- Support audits through evidence collection, control validation, and remediation tracking.
- Administer ServiceNow GRC functions including control objectives, attestations, issues, and reporting.
- Lead documentation governance initiatives, including SharePoint migration and structured access controls.
Senior Security GRC Policy Analyst - WPS Health Solutions - Remote
(2021-09 - 2024-09)
- Translated federal and regulatory requirements (NIST, HIPAA, MAC ARS) into enterprise security policies and controls.
- Developed and implemented cybersecurity policies, standards, and procedures across a regulated healthcare environment.
- Performed gap analyses and drove remediation for compliance with CMS and DoD requirements.
- Partnered with audit teams to support audit readiness and remediation (FISMA, 912, TDL).
- Designed and delivered ARS/NIST-aligned security awareness training and enterprise communications.
- Managed phishing simulation programs and cybersecurity awareness initiatives (KnowBe4).
- Utilized ServiceNow IRM/GRC for authority documents, control objectives, workflows, issue and exception management, attestations, risk, dashboards and reporting.
Senior Enterprise Security Coordinator - WPS Health Solutions
(2021-03 - 2021-09)
- Developed cybersecurity policies, standards, and controls aligned to regulatory frameworks.
- Supported audit readiness through evidence gathering and validation.
- Assessed risk landscape and recommended control improvements to strengthen compliance posture.
- Delivered security awareness training and enterprise communication initiatives.
Collaborative Advisor (Cybersecurity & Process Improvement) - FarWell - Remote
(2020-02 - 2021-03)
- Led process analysis and improvement initiatives aligned to cybersecurity GRC frameworks.
- Managed project plans, timelines, and deliverables for compliance and security initiatives.
- Coordinated cross-functional change control and risk mitigation efforts.
- Developed governance reporting including risk metrics and control performance.
- Produced policies, procedures, and audit documentation supporting compliance efforts.
PLM Change Analyst / Documentation Leadership Roles - Sub-Zero Group, Inc.
(2007 - 2020)
- Served as SME for data integrity, change management, and compliance within PLM/ERP systems.
- Led cross-functional coordination across engineering, operations, quality, and IT.
- Facilitated change control processes, audits, and documentation governance.
- Drove continuous improvement initiatives and supported enterprise system implementations.
Earlier Career: Engineering Documentation & Leadership - SR Telecom
(1996 - 2004)
- Managed documentation teams, engineering change processes, and product lifecycle data.
- Developed reporting, metrics, and governance processes supporting manufacturing and engineering operations.
