Open to opportunities

Darren Davila

@darrendavila

Message

GRC consultant helping defense organizations pass CMMC Level 2.

United States

Message

What I'm looking for

I’m looking for a GRC-focused role where I can lead CMMC readiness end-to-end—scoping, gap analysis, remediation, evidence, and continuous monitoring—while partnering with technical teams to turn compliance into measurable security outcomes.

I’m a GRC Consultant with multiple years of experience preparing clients in the defense industry for successful CMMC L2 assessment. I bring clients from initial scoping to continuous monitoring, making compliance actionable—not just paperwork.

My work spans the full CMMC journey: gap analysis, documentation, remediation, evidence collection, C3PA assessment, CMMC certification, and ongoing readiness. I also drive POA&M creation, tracking, and remediation planning so organizations can close findings efficiently.

I develop and maintain core artifacts like System Security Plans (SSPs) and support security control testing and effectiveness reviews. I’ve led compliance and governance efforts including cloud security governance for Microsoft 365, Azure Government security compliance oversight, and support across GCC / GCC High environments, along with enterprise cyber risk assessments and audit coordination.

Before GRC consulting, I guided organizations through CMMC and FedRAMP compliance as a Cybersecurity Analyst, partnering with IT teams to align technical solutions with security policies. Earlier roles included Network Operations Center Technician (incident and network reliability support, 24/7 monitoring, disaster recovery coordination) and Technical Support Engineer (Server) work supporting Tableau Server and escalating complex issues to Tier 3, reinforcing my customer-focused, practical approach.

Experience

Work history, roles, and key accomplishments

GRC Consultant

How to GRC

Apr 2025 - May 2026 (1 year 1 month)

Led multiple clients through successful CMMC L2 assessment readiness and execution, creating CMMC-compliant policies and procedural documentation including SSPs and POA&Ms. Collaborated with internal and external IT teams to remediate technical compliance gaps and support evidence collection through the assessment process.

CMMC 2.0 Readiness Compliance Documentation Change Management

Cybersecurity Analyst

How to GRC

Jun 2022 - Apr 2025 (2 years 10 months)

Guided organizations through CMMC and FedRAMP compliance work by identifying and addressing compliance gaps to improve adherence to federal standards. Partnered with IT teams to align technical solutions with security policies and delivered compliance training to increase security awareness and adherence.

CMMC Compliance FedRAMP Compliance Security Awareness Training Risk Assessment Tabletop Consulting

Network Operations Center Technician

GTT Communications

Feb 2020 - Feb 2021 (1 year)

Troubleshot VoIP and network issues to improve system reliability and performance while monitoring networks 24/7 to ensure operational continuity. Implemented network security protocols for VoIP and coordinated disaster recovery activities for faster issue resolution.

Network Monitoring Network Protocols User Password Port Administration Disaster Recovery Incident Response Systems Performance

Technical Support Engineer (Server)

Tableau Software

Sep 2015 - Apr 2019 (3 years 7 months)

Provided technical support for Tableau Server, improving customer satisfaction through effective problem resolution and system optimization. Escalated complex issues to Tier 3 experts and supported security and compliance-focused guidance during issue resolution and customer communications.

Technical Support Tableau Server Troubleshooting Optimization Customer Communications Security Compliance