J Damien Scott
@jdamienscott
Cybersecurity GRC security analyst transforming executive security governance into audit-ready compliance and risk management.
What I'm looking for
I’m a U.S. Marine Corps and law enforcement veteran, transitioning from 18 years of executive-level security governance, risk management, and regulatory compliance leadership into cybersecurity GRC. I communicate risk in business terms and build audit-ready documentation at scale.
I’ve maintained ISO 27001, HIPAA, and NIST 800-series compliance in highly regulated, multi-state environments, while coordinating internal and external audit activity and serving as the compliance representative in client-facing reviews. I direct governance and compliance oversight through structured onboarding, renewal tracking, and exception escalation controls.
On the security operations side, I’ve directed 900+ formal investigations with root-cause discipline and evidentiary/legal defensibility. I also led incident reporting, escalation, and corrective-action tracking to improve incident response performance and strengthen executive visibility into high-consequence risk.
My credentials support emerging AI governance expectations as well as core GRC rigor, including four OCEG GRC credentials, an OCEG Integrated AI Professional credential, and an accredited ISO 27001 Lead Auditor certification. I focus on ISO/NIST-aligned control design, testing development, third-party/vendor risk management, and continuous compliance improvement.
Experience
Work history, roles, and key accomplishments
Chief Operations Officer
Sorsen Inc.
Jun 2024 - Feb 2026 (1 year 8 months)
Built and maintained audit-ready documentation and directed governance and compliance oversight for 127 client accounts across 5 states. Led incident reporting, escalation, and corrective-action tracking, and owned P&L and risk governance for the account portfolio.
Chief Security Officer
Bedrock Protection Agency LLC
Apr 2014 - May 2024 (10 years 1 month)
Maintained ISO 27001, HIPAA, and NIST 800-series compliance across 238 sites and 37 states using a risk-based governance model. Authored enterprise cybersecurity policy, directed a 900+ case investigations program, and led client-facing governance, vendor risk oversight, and Google Workspace enterprise administration.
Country Security Manager
Tacforce International, Inc.
Dec 2007 - Jan 2013 (5 years 1 month)
Directed overseas ITAR compliance programs and led regulatory audits, policy corrections, and mandatory reporting to mitigate enterprise security risk. Managed country security plans and risk assessments, delivered GRC-aligned security awareness briefings, and led continuity-of-operations planning, crisis response, and after-action reviews across multiple operating environments.
Education
Degrees, certifications, and relevant coursework
University of Wales Trinity Saint David
Postgraduate Certificate, Business Administration
Completed a Postgraduate Certificate in Business Administration at the University of Wales Trinity Saint David. Specific dates were not provided.
Western Nevada College
Associate of Arts, General Studies
Earned an Associate of Arts in General Studies from Western Nevada College. Specific dates were not provided.
GRC Mastery
ISO/IEC 27001 Lead Auditor (Training & Certification), Information Security Management (ISO/IEC 27001)
Completed ISO/IEC 27001 Lead Auditor training and certification via GRC Mastery (Exemplar Global accredited).
University of South Florida
Certified CARVER Assessment Professional (CCAP), Security Risk Assessment
Completed training and earned the Certified CARVER Assessment Professional (CCAP) credential through the University of South Florida.
OCEG (Open Compliance and Ethics Group)
OCEG GRC Certifications (GRCP, GRCA, IT GRC, IAIP), Governance, Risk & Compliance (GRC)
Holds multiple OCEG GRC credentials, including GRCP (Certified GRC Professional), GRCA (Certified GRC Auditor), IT GRC (Certified IT GRC Professional), and IAIP (Certified Integrated AI Professional). Credentials support emerging AI governance standards and GRC best practices.
Tech stack
Software and tools used professionally
Availability
Location
Authorized to work in
Website
jdamienscottllc.comJob categories
Skills
Interested in hiring J Damien?
You can contact J Damien and 90k+ other talented remote workers on Himalayas.
Message J DamienGet matched with your dream remote job
Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!
