Open to opportunities

Philomena Hall

@philomenahall

Message

Certified Information Systems Auditor with expertise in cybersecurity compliance.

United States

Message

What I'm looking for

I am seeking a role that fosters growth in cybersecurity compliance and risk management, with a focus on collaboration and innovation.

I am a Certified Information Systems Auditor (CISA) and Governance, Risk, and Compliance Analyst with over three years of experience in cybersecurity compliance, risk assessments, and enterprise audit programs. My journey in this field has been marked by a demonstrated success in leading ISO 27001 audits and conducting third-party risk assessments, ensuring that organizations meet stringent compliance standards.

At UCLA Health, I led internal audits and risk assessments, creating dashboards in Power BI to provide leadership with oversight metrics. My hands-on experience with ServiceNow GRC modules and Diligent One for compliance reporting has equipped me with the skills to translate complex risk and compliance requirements into actionable workflows. I thrive in collaborative environments, working closely with IT, Legal, and Procurement teams to embed controls into contracts and enhance compliance evaluations.

Experience

Work history, roles, and key accomplishments

Information Security Compliance Analyst

UCLA Health

Apr 2022 - Jan 2025 (2 years 9 months)

Led ISO 27001:2022 internal audits, risk assessments, and Statement of Applicability documentation. Performed third-party risk assessments and supported vendor onboarding reviews aligned with internal controls and privacy requirements.

ISO 27001 Risk Assessment Third Party Risk Management Power BI Diligent One HIPAA)GDPR

Security Control Assessor (IT Auditor)

Lumen Technologies

Mar 2020 - Apr 2022 (2 years 1 month)

Performed security control assessments aligned with NIST 800-53 and ISO 27001 frameworks. Assisted in POA&M management, SSP reviews, and remediation planning to support continuous monitoring.

NIST 800 53 ISO 27001 Security Control Assessment

Cybersecurity Intern

Cybersecurity Information Systems University

Jan 2021 - Jun 2021 (5 months)

Participated in projects including policy development, audit preparation, onboarding/offboarding, and vulnerability remediation. Covered ISO 27001 controls, ITGC audits, privacy frameworks, incident response, business continuity, and control mapping.

Risk Management Policy Development ISO 27001 ITGC

Information Security Analyst

Zolon Tech Inc

Jan 2019 - Mar 2020 (1 year 2 months)

Contributed to ISO 27001 readiness including ISMS policy updates, asset classification, and internal audit support. Executed onboarding/offboarding access reviews and least privilege evaluations.

ISO 27001 ISMS ISO 27701

Cybersecurity and Risk Compliance Training & Internship

Hikima Academy

Jan 2018 - Jan 2019 (1 year)

Completed structured training in cybersecurity fundamentals, risk management, and compliance frameworks. Participated in projects including policy development, audit preparation, onboarding/offboarding, and vulnerability remediation.

Risk Management Policy Development ISO 27001

Education

Degrees, certifications, and relevant coursework

Cybersecurity Information Systems University

Internship, Cybersecurity Information Systems

Participated in a cybersecurity internship focusing on information systems. Gained practical experience in various aspects of cybersecurity.

Hikima Academy

Training & Internship, Cybersecurity and Risk Compliance

University of West London

Bachelor's Degree, Nursing

Completed a Bachelor's Degree in Nursing. Studied various aspects of nursing and healthcare.

Kingston University

Bachelor's Degree, Design & Architecture – Property Planning & Development

Completed a Bachelor's Degree in Design & Architecture with a focus on Property Planning & Development. Gained knowledge in design principles and property development.