Elias fon
@eliasfon
Seasoned GRC Analyst with expertise in risk management and compliance.
What I'm looking for
I am a seasoned GRC Analyst with over 9 years of experience driving enterprise risk management, regulatory compliance, and governance initiatives across diverse industries. My expertise lies in implementing frameworks such as NIST, ISO 27001, SOX, and PCI-DSS, conducting risk assessments, and managing third-party risk. I have a proven track record of aligning cybersecurity and business objectives, developing policies, and leveraging tools like ServiceNow GRC, Archer, and Splunk to enhance security posture and ensure continuous compliance.
Throughout my career, I have spearheaded risk assessments for critical SaaS applications, collaborated with internal audit and legal teams to support external regulatory audits, and maintained enterprise risk registers to improve visibility for executive leadership. My ability to automate compliance reporting and streamline audit preparation processes has significantly reduced onboarding cycle times and ensured 100% audit readiness with zero major findings. I am passionate about fostering a compliance-driven culture and continuously improving organizational security practices.
Experience
Work history, roles, and key accomplishments
GRC Analyst
HenryScheinOne
Jul 2023 - Present (2 years)
Spearheaded risk assessments for 25+ critical SaaS applications, identifying control gaps and aligning mitigation plans with NIST 800-53 and ISO 27001 standards. Conducted third-party vendor risk assessments using OneTrust and ServiceNow GRC, reducing onboarding cycle time by 30% and ensuring contract compliance with HIPAA and GDPR.
GRC Analyst
TCS
Aug 2020 - Jun 2023 (2 years 10 months)
Performed enterprise-wide risk assessments for over 40 internal applications and client environments, aligning mitigation efforts with NIST 800-53 and ISO 27001 frameworks. Managed third-party risk reviews across 60+ vendors using RSA Archer and OneTrust, reducing overall vendor onboarding risk exposure by 35%.
GRC Analyst
TEKGLOBAL Inc.
Feb 2017 - Aug 2020 (3 years 6 months)
Conducted risk assessments for over 30 internal systems and client environments, aligning findings with NIST 800-53, ISO 27001, and COBIT frameworks to guide mitigation planning. Oversaw third-party vendor risk management processes for more than 50 suppliers using LogicManager and OneTrust, reducing onboarding time by 25% and improving risk visibility.
GRC Analyst
Bavin Corp Consulting
Apr 2015 - Feb 2017 (1 year 10 months)
Conducted IT risk assessments across 20+ client environments, aligning findings and remediation plans with NIST 800-53, FISMA, and ISO 27001 frameworks. Assisted in the development and implementation of security policies, standards, and procedures for public and private sector clients, improving compliance posture by 30%.
Education
Degrees, certifications, and relevant coursework
University of Buea
Bachelor of Science, Computerized Business Management
Graduated with a Bachelor of Science in Computerized Business Management. The program focused on the intersection of computer science and business administration, preparing students for roles in technology-driven business environments.
