Open to opportunities

Chris Conley

@chrisconley

Message

GRC analyst improving audit readiness and reducing third‑party risk.

United States

Message

What I'm looking for

I seek GRC roles where I can lead audit readiness, strengthen vendor assurance, and implement ISO/SOC frameworks within resilient, async-friendly teams focused on measurable compliance improvements.

I am a Governance, Risk, and Compliance (GRC) analyst focused on strengthening audit readiness and vendor risk programs aligned with ISO 27001 and SOC 2. I translate regulatory frameworks into actionable controls that improve compliance posture and reduce third‑party risk.

I have hands‑on experience developing ISO 27001 and SOC 2–aligned deliverables such as Risk Registers, Data Classification Policies, and Access Control Procedures, and I conduct mock internal audits and vendor risk reviews to evaluate control maturity.

As a consultant and engagement lead, I delivered measurable improvements — for example, improving nonprofit audit readiness by 20% within 60 days and closing compliance gaps through SIG Lite vendor assessments and remediation roadmaps.

I hold CompTIA Security+, ISO/IEC 27001 Lead Implementer and Lead Auditor certifications, and I prioritize async, resilience‑focused operations, policy development, and clear governance reporting to support executive stakeholders.

Experience

Work history, roles, and key accomplishments

Compliance & Policy Analyst

Catchafire (Nonprofit Client)

Jan 2025 - Feb 2025 (1 month)

Delivered ISO 27001-aligned risk assessments and internal controls that improved nonprofit audit readiness by 20% in 60 days and closed vendor compliance gaps via remediation roadmaps.

ISO 27001 Risk Assessment Vendor Risk Management SIG Lite Compliance Reporting Internal Controls

GRC & Compliance Consultant

Upwork Freelance

Delivered ISO 27001 and SOC 2-aligned compliance deliverables, conducted mock internal audits and vendor-risk reviews, and improved client audit readiness and control maturity.