Joi Frederick
@joifrederick
Security, privacy, and GRC leader scaling enterprise controls across regulated, cloud-native platforms.
What I'm looking for
I’m a Security, Privacy, and Compliance Manager who builds, owns, and scales enterprise security, risk, and compliance programs in regulated, high-growth environments. I lead hands-on ISO 27001:2022, SOC 2 Type II, CMMC Level 2, FedRAMP Low/Moderate, UK Cyber Essentials+, and FIPS 140-3 audit preparation, evidence management, remediation tracking, and ongoing compliance maintenance.
I partner deeply with engineering, product, legal, finance, and operations to translate regulatory and customer requirements into pragmatic controls—designing security, privacy, risk, and AI governance frameworks with policies, standards, risk assessments, and control testing methodologies. From threat models and impact assessments to third-party risk management (including BIAs/PIAs), executive & board-level risk reporting, and incident response governance, I help teams stay audit-ready and improve residual risk with clarity and operational focus.
Experience
Work history, roles, and key accomplishments
Owned enterprise security governance, risk, privacy, and AI governance for a cloud-native Kubernetes management platform; led ISO 27001:2022, SOC 2 Type II, CMMC Level 2, FedRAMP Low/Moderate, UK Cyber Essentials+, and FIPS 140-3 audit preparation, evidence management, and remediation tracking. Partnered with engineering and product to perform threat modeling and translate regulatory requirements
Governance Risk & Compliance Director
Drake Software, LLC
May 2022 - Nov 2023 (1 year 6 months)
Built and led the company’s first enterprise GRC and privacy programs for regulated financial and tax software, serving as executive owner for SOC 2 Type II audit readiness and successful outcomes. Designed governance frameworks for policies, risk management, and third-party oversight; managed customer security questionnaires and contract reviews, addressing GLBA, FTC, and CCPA/CPRA requirements.
Corporate Paralegal
Drake Software, LLC
Feb 2019 - May 2022 (3 years 3 months)
Led CCPA-to-CPRA implementation initiatives and developed the first DSAR and privacy program for regulated financial and tax software. Managed PCI and GDPR compliance, assisted with incident response from a policy/legal perspective, and supported supply-chain and customer contract reviews.
Education
Degrees, certifications, and relevant coursework
University of New Hampshire
Master of Science, Cybersecurity Policy & Risk Management
Completed an M.S. in Cybersecurity Policy & Risk Management.
Coastal Carolina University
Bachelor of Arts, Sociology
Completed a B.A. in Sociology.
Horry-Georgetown Technical College
Associate of Science, Paralegal Studies
Completed an A.S. in Paralegal Studies.
