Skip to main content
Christina RossCR
Open to opportunities

Christina Ross

@christinaross

GRC & compliance program leader delivering audit-ready third-party risk assurance.

United States
Message

What I'm looking for

I’m looking to lead GRC and third-party risk programs where audit excellence is non-negotiable, with strong cross-functional partners, and an opportunity to scale compliance using data-driven risk reporting and analytics.

I’m a results-driven GRC & compliance program leader with 14+ years building and scaling enterprise governance, risk, and compliance programs in highly regulated industries. I architect and operate third-party risk management that supports 125+ active vendors and ~60 annual onboardings.

I’ve achieved zero findings across SOX ITGC/ICFR, NIST CSF, and NY DFS external audits by owning end-to-end evidence collection, audit walkthroughs, control testing, and auditor coordination. I translate complex regulatory requirements into practical, scalable controls trusted by executive leadership, legal, and technical stakeholders.

My depth spans NIST CSF 1.0 & 2.0, NIST 800-53, SOX, CCPA, NY DFS 23 NYCRR 500, HIPAA, and SOC 1/2. I lead vulnerability management program development, conduct M&A security and risk diligence, drive regulatory attestation, and design security awareness programs mapped to the threat landscape—backed by measurable execution.

I also strengthen organizational resilience through CSIRP and BCP support, disaster recovery planning and facilitation, and cross-functional tabletop exercises. Today, I’m expanding into business analytics (Springboard, 2025-2026 / In Progress, 2026) to bring data-driven risk intelligence to compliance programs.

Experience

Work history, roles, and key accomplishments

TC
Current

Associate Director, IT Compliance

Texas Life Insurance Company

Feb 2014 - Present (12 years 5 months)

Owned end-to-end IT compliance and risk programs across multiple regulatory frameworks, delivering zero findings across SOX ITGC/ICFR, NIST CSF, and NY DFS external audits. Built and operated a risk-based third-party risk management program supporting onboarding of ~60 vendors annually and monitoring ~125 active vendors.

BH

Information Security Manager

Baylor Scott & White Healthcare

May 2007 - Sep 2013 (6 years 4 months)

Led a team of eight security professionals and established enterprise security governance policies that contributed to zero findings in IT General Controls audits. Managed HIPAA-compliant access control and identity lifecycle processes and supported secure integration for an acquisition.

Education

Degrees, certifications, and relevant coursework

WC

Westwood College

Bachelor of Science, Information Systems Security

Earned a Bachelor of Science in Information Systems Security from Westwood College in 2007.

Tech stack

Software and tools used professionally

Get matched with your dream remote job

Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan