J W
@jw01
I am an Information Security Risk Manager specializing in GRC, ISO 27001, and NIST CSF.
What I'm looking for
I am an information security risk manager with over nine years of experience in Governance, Risk, and Compliance (GRC), focused on building and running enterprise-wide risk programs aligned to NIST CSF and ISO 27001.
I have developed and implemented risk management frameworks, led comprehensive risk analyses, and produced executive-level summaries, KRIs, and dashboards to inform senior leadership. I manage risk registers and reporting functions using ERamba and drive remediation through the full mitigation lifecycle.
I ensure regulatory and standards alignment, including HIPAA, CCPA, and PCI-DSS, author internal policies and SOPs, and execute internal audit and ISMS processes such as data classification and incident response. I have supported audit readiness and the PDCA compliance cycle across global operations.
I partner with stakeholders across functions to prioritize risk, support risk-aware culture through training and communications, and guide risk decisions during M&A and third-party engagements. I hold ISO/IEC 27001 Lead Auditor certification and bring a results-driven, compliance-focused approach to security risk management.
Experience
Work history, roles, and key accomplishments
Information Security Risk Manager
Woven by Toyota
Sep 2022 - Present (3 years 1 month)
Managed development and implementation of enterprise-wide security risk assessment and management frameworks aligned with NIST CSF and ISO 27001, and led risk analyses, KRI dashboards, and remediation to inform senior leadership.
IT Risk Manager
Inari Medical
Oct 2021 - Aug 2022 (10 months)
Ensured systems and technologies aligned with HIPAA, CCPA, ISO 27001, and PCI-DSS through proactive risk reviews; authored policies and led security awareness training to embed compliance.
GRC Compliance Analyst
Panasonic Avionics Corporation
Mar 2016 - Jan 2021 (4 years 10 months)
Executed internal audit engagements across ISO 27001 domains, managed ISMS processes including data classification and incident response, and drove remediation tracking and annual risk reviews.
