Open to opportunities

Dustin Perkins

@dustinperkins

Message

Information security leader and GRC consultant with 15+ years delivering ISO 27001, SOC 2, and NIST compliance.

United States

Message

What I'm looking for

I’m looking to lead enterprise security programs—owning governance, risk, and compliance while strengthening security operations and security roadmaps that deliver audit-ready results and measurable risk reduction.

I’m an Information Security leader with 15+ years of combined military and civilian cybersecurity experience, specializing in building and running enterprise governance, risk, and compliance programs. I’ve led cross-functional teams to achieve SOC 2, ISO 27001, and NIST compliance for Fortune 500 and mid-market organizations.

In my work as a Principal GRC Consultant, I’ve guided 25+ enterprise clients and designed ISO 27001 information security management systems that achieved a 100% first-time certification success rate and zero critical findings. I develop risk assessment frameworks using NIST CSF and ISO 31000 and have driven measurable outcomes like a 40% reduction in high-severity security findings, plus third-party vendor risk work across 200+ vendor relationships.

I also bring hands-on security leadership—serving as interim CISO, architecting zero-trust network access for 500+ endpoints, leading PCI DSS gap assessments, and building an inaugural security operations program from the ground up.

Experience

Work history, roles, and key accomplishments

Principal GRC Consultant

CyberCX

Oct 2021 - Mar 2026 (4 years 5 months)

Led GRC consulting for 25+ enterprise clients across healthcare, financial services, and technology, managing a $3.5M annual portfolio. Designed ISO 27001 ISMS for 8 organizations achieving 100% first-time certification with zero critical findings, and built risk assessment frameworks using NIST CSF and ISO 31000 that reduced high-severity findings by 40%.

GRC Consulting ISO 27001 NIST CSF ISO 31000 Risk Assessment Third Party Risk Management Archer GRC Security Compliance

Independent Security Consultant

Self-Employed

Aug 2020 - Oct 2021 (1 year 2 months)

Provided interim CISO and security advisory services to six mid-market companies, focusing on remote workforce security and cloud migration during the transition period. Architected zero-trust network access solutions for three organizations, securing 500+ endpoints.

Interim CISO Advisory Remote Workforce Security Cloud Security Zero Trust Architecture NIST Cybersecurity Framework Security Strategy Access Control

Vice President - IT

S & G Stores

May 2020 - Jul 2020 (2 months)

Led a rapid security transformation for a regional retail chain during COVID-19, implementing contactless payment systems and securing 45 store locations within a 90-day engagement. Completed a PCI DSS gap assessment identifying 23 critical compliance deficiencies and delivered a remediation roadmap adopted as corporate standard.

PCI DSS Payments Security Compliance Remediation Risk reduction Stakeholder Management

Chief Information Security Officer

Technology Management Corporation

Feb 2019 - Jun 2019 (4 months)

Recruited to establish an inaugural security program for a managed service provider serving multiple small-to-medium business clients across legal and consulting verticals. Built the security operations function from scratch, including incident response procedures, vulnerability management, and security awareness training.

Information Security Program Setup Incident Response Vulnerability Management Security Operations Security Awareness Managed Services

Port Security Specialist

United States Coast Guard

Sep 2003 - Sep 2011 (8 years)

Served as a Port Security Specialist / Maritime Law Enforcement member supporting critical maritime security and law enforcement missions. Honorably discharged after 8 years of service.

maritime law enforcement Port Security Law Enforcement Procedures