Elias fon
Open to opportunities

@eliasfon

Seasoned GRC Analyst with expertise in risk management and compliance.

United States

What I'm looking for

I am looking for a role that challenges me and allows for professional growth in risk management and compliance.

I am a seasoned GRC Analyst with over 9 years of experience driving enterprise risk management, regulatory compliance, and governance initiatives across diverse industries. My expertise lies in implementing frameworks such as NIST, ISO 27001, SOX, and PCI-DSS, conducting risk assessments, and managing third-party risk. I have a proven track record of aligning cybersecurity and business objectives, developing policies, and leveraging tools like ServiceNow GRC, Archer, and Splunk to enhance security posture and ensure continuous compliance.

Throughout my career, I have spearheaded risk assessments for critical SaaS applications, collaborated with internal audit and legal teams to support external regulatory audits, and maintained enterprise risk registers to improve visibility for executive leadership. My ability to automate compliance reporting and streamline audit preparation processes has significantly reduced onboarding cycle times and ensured 100% audit readiness with zero major findings. I am passionate about fostering a compliance-driven culture and continuously improving organizational security practices.

Experience

Work history, roles, and key accomplishments

Current

GRC Analyst

HenryScheinOne

Jul 2023 - Present (2 years)

Spearheaded risk assessments for 25+ critical SaaS applications, identifying control gaps and aligning mitigation plans with NIST 800-53 and ISO 27001 standards. Conducted third-party vendor risk assessments using OneTrust and ServiceNow GRC, reducing onboarding cycle time by 30% and ensuring contract compliance with HIPAA and GDPR.

GRC Analyst

TCS

Aug 2020 - Jun 2023 (2 years 10 months)

Performed enterprise-wide risk assessments for over 40 internal applications and client environments, aligning mitigation efforts with NIST 800-53 and ISO 27001 frameworks. Managed third-party risk reviews across 60+ vendors using RSA Archer and OneTrust, reducing overall vendor onboarding risk exposure by 35%.

GRC Analyst

TEKGLOBAL Inc.

Feb 2017 - Aug 2020 (3 years 6 months)

Conducted risk assessments for over 30 internal systems and client environments, aligning findings with NIST 800-53, ISO 27001, and COBIT frameworks to guide mitigation planning. Oversaw third-party vendor risk management processes for more than 50 suppliers using LogicManager and OneTrust, reducing onboarding time by 25% and improving risk visibility.

Education

Degrees, certifications, and relevant coursework

University of Buea

Bachelor of Science, Computerized Business Management

Graduated with a Bachelor of Science in Computerized Business Management. The program focused on the intersection of computer science and business administration, preparing students for roles in technology-driven business environments.

Elias fon - GRC Analyst - HenryScheinOne | Himalayas