Himalayas logo
DJ
Open to opportunities

David Johnson

@davidjohnson1

Senior GRC analyst with 20 years' experience delivering PCI DSS, SOC 2, and federal compliance success.

United States
Message

What I'm looking for

I am seeking a leadership role to mature enterprise compliance programs (PCI DSS, SOC 2, NIST 800-53), drive audit readiness, and expand into HIPAA/ISO adoption in a collaborative, growth-focused environment.

I am a Senior Governance, Risk, and Compliance (GRC) analyst with 20 years of hands-on experience supporting enterprise security, regulatory compliance, and risk management programs.

I have deep expertise in PCI DSS, SOC 2, NIST 800-53, FedRAMP, and HIPAA, and I am CISSP certified; I have implemented and validated controls that contributed to a 60% reduction in organizational risk and 100% audit success for PCI and SOC 2 engagements.

I lead control implementation, evidence collection, gap analysis, third-party risk assessments, and cloud compliance efforts (Azure IaaS/SaaS), and I seek to lead and mature enterprise compliance programs while expanding expertise in emerging frameworks.

Experience

Work history, roles, and key accomplishments

II

Senior GRC & Security Analyst

Intellectual Technology, Inc.

Jul 2014 - Aug 2025 (11 years 1 month)

Led enterprise GRC, audit, and compliance programs, supporting PCI DSS and SOC 2 audits and implementing 85% of PCI controls to achieve 100% audit success while reducing organizational risk by 60%.

PCI DSSSOCNIST 800 53DrataRisk AssessmentTenableRapid7Azure
II

Systems Administrator and Network Engineer

Intellectual Technology, Inc.

Feb 2005 - Jan 2011 (5 years 11 months)

Administered 200+ Windows servers and designed enterprise network infrastructure, managing firewalls, routers, switches and 800+ Cisco ASA firewalls with site-to-site VPNs across remote locations.

Windows ServerExchangeIISSQL ServerCisco ASAVPN

Education

Degrees, certifications, and relevant coursework

Keiser College logoKC

Keiser College

Associate of Science, Computer Network Administration

Associate of Science in Computer Network Administration focused on network fundamentals, systems administration, and infrastructure management.

KC

Keiser College

Associates of Science, Computer Network Administration

Completed an Associates of Science in Computer Network Administration focusing on network administration and systems management.

Tech stack

Software and tools used professionally

Windows logo

Windows

Cisco ASA logo

Cisco ASA

SQL logo

SQL

Clerk logo

Clerk

Evidence logo

Evidence

Drata logo

Drata

Remote logo

Remote

Availability

Open to opportunities

Location

United States

Authorized to work in

United States

Job categories

GRC Analyst JobsGRC AnalystRisk AnalystCompliance AnalystSecurity AnalystThird Party Risk ManagerCloud Security AnalystAudit ManagerIT ManagerSenior Security GRC AnalystSenior Governance Risk And Compliance SpecialistPrincipal Risk And Compliance AnalystCloud Governance SpecialistSenior GRC ConsultantSenior Compliance AnalystLead GRC Technology Specialist

Skills

PCI DSSSOC IINIST 800 53FedRAMPHIPAACISSPPolicy DevelopmentControl Readiness AssessmentsGap AnalysisDue DiligenceIncident ResponseVulnerability ManagementTenableRapid7DASTDrataSite To Site VPNsConfiguration ManagementCisco ASAClerkEvidenceRemoteSQLWindowsIaaSSaaSContinuous Control Monitoring

Interested in hiring David?

You can contact David and 90k+ other talented remote workers on Himalayas.

Message David

People also viewed

View all talent

Find your dream job

Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan
David Johnson - Senior GRC Analyst - Intellectual Technology, Inc. | Himalayas