Imelda Chukwu

I am a results-driven Senior Governance, Risk, and Compliance (GRC) Specialist with over 8 years of experience securing complex IT environments and leading compliance initiatives at Big Four firms. I specialize in implementing and auditing frameworks including PCI DSS, ISO 27001, SOC 2, and NIST to reduce operational risk.

At Deloitte Canada I spearheaded the PCI-DSS program, reduced audit findings by 40% year-over-year, led ISO 27001:2022 transition with 100% remediation completion, and orchestrated SOC 2 Type II audits delivering clean opinions. I also pioneered a quantitative IT risk assessment program using NIST CSF and directed a 3rd Party Risk Management program assessing 200+ vendors.

Previously at KPMG Canada I managed end-to-end ISO 27001 and SOC 2 engagements, built PCI DSS assessments that cut client compliance risks by ~30%, authored incident response plans, and delivered security awareness training to 500+ employees that improved phishing pass rates substantially. I consistently drove improvements in TRA, IT risk registers, and policy adoption.

I hold CRISC, CompTIA Security+, and PMP certifications, and I am seeking to leverage my audit, risk assessment, policy development, and stakeholder engagement expertise to help Canadian and international organizations strengthen security posture and maintain continuous compliance.