Open to opportunities

Deborah Iweriebon

@deborahiweriebon

Message

Seasoned Governance, Risk, and Compliance Analyst with proven expertise.

Zimbabwe

Message

What I'm looking for

I am seeking a role that fosters collaboration, emphasizes compliance, and offers opportunities for professional growth.

I am a seasoned Governance, Risk, and Compliance (GRC) Analyst with over five years of experience in the healthcare and financial services sectors. My expertise lies in mapping security controls to established frameworks such as NIST 800-53 and ISO 27001, conducting thorough third-party risk assessments, and ensuring compliance with regulatory standards. I have a proven track record of enhancing cybersecurity postures and reducing organizational risks through effective policy development and security assessments.

At Deloitte, I successfully mapped over 200 security controls, resulting in a significant reduction in audit preparation time and improved control maturity. My role involved developing and maintaining over 30 policies, achieving a 100% compliance rate during audits. I have led identity and access management assessments, significantly reducing over-provisioned access, and have improved incident detection capabilities through SIEM assessments. My commitment to excellence is reflected in my ability to identify and mitigate compliance risks proactively.

Previously, as an Information Security Risk Analyst at Dominion Group, I conducted comprehensive control assessments and authored numerous information security policies that contributed to successful audits with zero major findings. My collaborative approach has enabled me to enhance third-party risk management frameworks and strengthen client trust through effective privacy assessments. I am dedicated to leveraging my skills to drive organizational success and improve risk management processes.

Experience

Work history, roles, and key accomplishments

Current

Governance, Risk & Compliance Analyst

Current

Deloitte

Nov 2021 - Present (3 years 11 months)

Mapped 200+ security controls to NIST 800-53 and ISO 27001, resulting in a 40% reduction in audit preparation time and increased control maturity. Developed and maintained 30+ policies, procedures, and standards, leading to a 100% compliance rate during internal HIPAA and HITRUST audits.

NIST 800 53 ISO 27001 HIPAA)HITRUST IAM SIEM Splunk HIPAA

Information Security Risk Analyst

Dominion Group

Aug 2018 - Nov 2021 (3 years 3 months)

Conducted comprehensive control assessments mapped to NIST 800-30 and ISO 27001, reducing critical security gaps by 20%. Authored 20+ information security policies and standards in alignment with SOC 2 Type 2 requirements, contributing to successful annual audits with zero major findings.

ISO 27001 Asset Management Third Party Risk Management

Senior IT Auditor

Change HealthCare

Jan 2016 - Aug 2018 (2 years 7 months)

Conducted risk-based audits across various IT domains including cybersecurity, network infrastructure, and cloud services. Evaluated internal controls in alignment with SOX and ISO 27001 standards.

IT Audit Cybersecurity Network Infrastructure Cloud Services SOX ISO 27001

Education

Degrees, certifications, and relevant coursework

University of Benin

Bachelor's in Computer Science, Computer Science

Studied the fundamentals of computer science, gaining a strong foundation in the field. Developed skills relevant to various IT domains, including cybersecurity and network infrastructure.