Gabriel Samuel
@gabrielsamuel1
Experienced GRC professional with a focus on information security.
What I'm looking for
I am an experienced Governance, Risk, and Compliance (GRC) professional with over 10 years in Information Security Governance, Enterprise Risk Management, Compliance, and IT Audit. My proven ability to lead security and compliance programs is aligned with industry frameworks such as NIST 800-53, ISO 27001, and HIPAA. I excel in managing third-party risk, conducting technical assessments, and developing security policies while interfacing with senior stakeholders to drive security maturity and regulatory compliance.
Throughout my career, I have led enterprise-wide GRC initiatives, including policy management and compliance reviews, and have successfully managed third-party risk programs. My experience includes delivering board-level reports on key risk indicators and facilitating Cyber Business Impact Analyses to assess data confidentiality and integrity. I am committed to enhancing organizational security posture through effective training and awareness campaigns, ensuring that all employees are equipped to recognize and respond to security threats.
Experience
Work history, roles, and key accomplishments
GRC Manager (InfoSec)
UT Southwestern Medical Center
Mar 2016 - Present (9 years 2 months)
Led enterprise-wide GRC initiatives, including policy management, risk analysis, and compliance reviews aligned to HIPAA, PCI DSS, NIST, and SOC 2 standards. Managed the third-party risk program, including cloud vendor reviews and TX-RAMP compliance.
GRC Manager (InfoSec)
UT Southwestern Medical Center
Mar 2016 - Present (9 years 2 months)
Led enterprise-wide GRC initiatives, including policy management, risk analysis, and compliance reviews aligned with HIPAA, PCI DSS, NIST, and SOC 2 standards. Managed the third-party risk program, developed the IS risk register, and responded to regulatory audits.
Supervisor, IT Audit
UT Southwestern Medical Center
Mar 2016 - Present (9 years 2 months)
Managed internal IT audits covering access management, data governance, and system security. Led internal controls training and risk ownership awareness for stakeholders, and reviewed SOC reports.
IT Governance, Risk, and Compliance
UT Southwestern Medical Center
Mar 2016 - Present (9 years 2 months)
Oversaw annual IT risk assessments and developed prioritized audit plans. Coordinated audit evidence collection, conducted enterprise-wide PCI DSS compliance reviews, and advised on data privacy.
Assessment / Audit
UT Southwestern Medical Center
Mar 2016 - Present (9 years 2 months)
Designed and executed IT audit programs using NIST and COBIT frameworks. Reviewed data flows and system interconnectivity for data integrity risks, and performed change management and incident review audits.
GRC Manager (InfoSec)
UT Southwestern Medical Center
Mar 2016 - Present (9 years 2 months)
Led enterprise-wide GRC initiatives, including policy management, risk analysis, and compliance reviews aligned with HIPAA, PCI DSS, NIST, and SOC 2 standards. Managed the third-party risk program, including cloud vendor reviews and TX-RAMP compliance, and responded to regulatory audits. Delivered board-level reports on KRIs, KPIs, and enterprise security risks, while also overseeing internal IT a
IT Auditor
Cook Children’s Health Care System
Dec 2013 - Mar 2016 (2 years 3 months)
Audited IT controls for compliance with HIPAA and internal policies, reviewing system development life cycles for new implementations. Conducted vendor access reviews, BAA compliance, and Active Directory audits. Documented audit findings and action plans, presenting them to senior management.
IT Auditor
Cook Children’s Health Care System
Dec 2013 - Mar 2016 (2 years 3 months)
Audited IT controls for HIPAA compliance and internal policies, and reviewed system development life cycles for new implementations. Conducted vendor access reviews, BAA compliance, and Active Directory audits.
IT Governance, Risk, and Compliance (Internal Audit)
UT Southwestern Medical Center
Oversaw annual IT risk assessments and developed prioritized audit plans. Coordinated audit evidence collection and engagement with external auditors, and conducted enterprise-wide PCI DSS compliance reviews.
Supervisor, IT Audit (Internal Audit)
UT Southwestern Medical Center
Managed internal IT audits covering access management, data governance, and system security. Led internal controls training and reviewed SOC reports and vendor controls.
IT Auditor
Cook Children’s Health Care System
Dec 2013 - Mar 2016 (2 years 3 months)
Audited IT controls for compliance with HIPAA and internal policies, and reviewed system development life cycles for new implementations. Conducted vendor access reviews, BAA compliance, and Active Directory audits.
Assessment / Audit (Internal Audit)
UT Southwestern Medical Center
Designed and executed IT audit programs using NIST and COBIT frameworks. Reviewed data flows and system interconnectivity for data integrity risks, and performed change management and incident review audits.
Education
Degrees, certifications, and relevant coursework
Enugu State University
Bachelor's Degree, General Studies
Obtained a Bachelor's Degree from Enugu State University, Nigeria. This foundational education supported subsequent career development in Information Security Governance, Enterprise Risk Management, Compliance, and IT Audit.
