Open to opportunities

Ryan Gingery

@ryangingery

Message

GRC-focused information security analyst specializing in audit-ready compliance.

United States

Message

What I'm looking for

I seek a GRC or compliance role where I can lead audit readiness, strengthen IAM and vulnerability programs, and improve security posture within a collaborative, growth-focused team.

I am a results-driven cybersecurity and GRC professional with 3+ years of experience in IT compliance, internal audit, and risk management. I have proven expertise in PCI DSS compliance, NIST Cybersecurity Framework, control testing, and preparing organizations for successful audits with zero findings.

I have developed DR and BC plans aligned to NIST SP 800-34, implemented organization-wide security awareness training that reduced phishing click rates by 40%, automated access certification reviews to cut manual oversight by 70%, and remediated critical vulnerabilities to achieve 99.5% patch compliance.

Experience

Work history, roles, and key accomplishments

Current

Compliance Specialist

Current

Lasting Change, Inc.

Dec 2023 - Present (1 year 11 months)

Developed the organization's first DR and BC plans aligned to NIST SP 800-34, performed internal control testing against NIST CSF, and implemented KnowBe4 training for 500+ employees reducing phishing click rates by 40%.

NIST CSF KnowBe4 MFA Controls Testing Disaster Recovery

Compliance Specialist

Brotherhood Mutual Insurance Company

Feb 2022 - Mar 2023 (1 year 1 month)

Remediated critical vulnerabilities across 100+ devices to achieve 99.5% patch compliance, designed a centralized IT asset inventory reducing audit prep time by 40%, and created standardized audit documentation for regulatory compliance.

PCI DSS Vulnerability Management Asset Inventory Patch Management Internal Audit Compliance Reporting