Open to opportunities

David Wright

@davidwright1

Cybersecurity GRC director with 10+ years leading compliance, risk assessment, and security audits across enterprise environments.

United States

What I'm looking for

I’m looking to lead a security program where I can drive SOC 2/ISO/Pan-compliance, strengthen GRC workflows, and use automation to improve audit readiness—partnering directly with executives and engineering to translate controls into business risk.

I’m a Cybersecurity GRC leader with 10+ years of experience in IT risk management, governance, compliance, and security auditing across enterprise environments. I specialize in translating technical security controls into business risk context, so stakeholders can make confident decisions.

I’ve served as Director Information Security, leading the organization’s security program and client security engagement strategy as the primary executive-facing security liaison. I directed security compliance and governance initiatives aligned with SOC 2, ISO 27001, and client-driven regulatory requirements, coordinating cross-functional teams to achieve audit readiness and successful third-party security assessments.

In consulting and GRC roles, I led PCI DSS scoping and compliance assessments, performed gap analysis, and developed remediation plans to strengthen continuous compliance. I assessed network security controls (firewall rules, access controls, logging mechanisms) and performed access control and authentication assessments across operating systems, including evaluating password policies and MFA.

Most notably, as GRC Compliance Manager I used SAP Archer GRC to lead policy governance and audit lifecycle management, improving compliance workflows and reducing SLA-related financial penalties by 10% annually. I also managed Third-Party Risk Management (TPRM) audits, integrated risk assessments into policy management, and supported sustained HIPAA-aligned compliance for two consecutive years.

Experience

Work history, roles, and key accomplishments

Cyber Security Consultant

Baxter Clewis Cyber Security

Dec 2023 - Dec 2024 (1 year)

Performed PCI DSS scoping and compliance assessments, conducting gap analysis and creating remediation plans to strengthen continuous compliance. Assessed network and access control security, developed security policies aligned to PCI DSS/SOC 2/NIST/CIS, and supported third-party risk management through vendor audits and remediation.

GRC Compliance Manager

Centene Corporation

Apr 2014 - Nov 2023 (9 years 7 months)

Led policy governance and audit lifecycle management using SAP Archer GRC, improving compliance workflows and reducing SLA-related financial penalties by 10% annually. Managed third-party risk management audits, integrated risk assessments with policy management for high-risk prioritization, and sustained HIPAA-aligned compliance performance for two consecutive years.

Education

Degrees, certifications, and relevant coursework

University of Phoenix

2004 - 2005

Attended University of Phoenix from 2004 to 2005.

South Shore High School

1990 - 1994

Attended South Shore High School from 1990 to 1994.
