Christina Ross
@christinaross
GRC & compliance program leader delivering audit-ready third-party risk assurance.
What I'm looking for
I’m a results-driven GRC & compliance program leader with 14+ years building and scaling enterprise governance, risk, and compliance programs in highly regulated industries. I architect and operate third-party risk management that supports 125+ active vendors and ~60 annual onboardings.
I’ve achieved zero findings across SOX ITGC/ICFR, NIST CSF, and NY DFS external audits by owning end-to-end evidence collection, audit walkthroughs, control testing, and auditor coordination. I translate complex regulatory requirements into practical, scalable controls trusted by executive leadership, legal, and technical stakeholders.
My depth spans NIST CSF 1.0 & 2.0, NIST 800-53, SOX, CCPA, NY DFS 23 NYCRR 500, HIPAA, and SOC 1/2. I lead vulnerability management program development, conduct M&A security and risk diligence, drive regulatory attestation, and design security awareness programs mapped to the threat landscape—backed by measurable execution.
I also strengthen organizational resilience through CSIRP and BCP support, disaster recovery planning and facilitation, and cross-functional tabletop exercises. Today, I’m expanding into business analytics (Springboard, 2025-2026 / In Progress, 2026) to bring data-driven risk intelligence to compliance programs.
Experience
Work history, roles, and key accomplishments
Associate Director, IT Compliance
Texas Life Insurance Company
Feb 2014 - Present (12 years 5 months)
Owned end-to-end IT compliance and risk programs across multiple regulatory frameworks, delivering zero findings across SOX ITGC/ICFR, NIST CSF, and NY DFS external audits. Built and operated a risk-based third-party risk management program supporting onboarding of ~60 vendors annually and monitoring ~125 active vendors.
Information Security Manager
Baylor Scott & White Healthcare
May 2007 - Sep 2013 (6 years 4 months)
Led a team of eight security professionals and established enterprise security governance policies that contributed to zero findings in IT General Controls audits. Managed HIPAA-compliant access control and identity lifecycle processes and supported secure integration for an acquisition.
Education
Degrees, certifications, and relevant coursework
Westwood College
Bachelor of Science, Information Systems Security
Earned a Bachelor of Science in Information Systems Security from Westwood College in 2007.
Availability
Location
Authorized to work in
Job categories
Skills
Interested in hiring Christina?
You can contact Christina and 90k+ other talented remote workers on Himalayas.
Message ChristinaGet matched with your dream remote job
Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!
