Cybersecurity GRC • AI Governance • Risk & Compliance
I combine legal reasoning, cybersecurity graduate studies, GRC documentation, Python automation, and hands-on portfolio projects to support security governance, vendor risk analysis, compliance workflows, and business-focused cyber risk decisions.
Best starting point: TrustShield GRC — my Python + Streamlit vendor risk and evidence engine.
Professional Story
I am building a career at the intersection of cybersecurity, governance, risk, compliance, and responsible AI. My legal background helps me analyze requirements, structure evidence, document controls, and translate complex risk issues into clear business decisions.
My current portfolio focuses on practical GRC tools, risk assessment frameworks, AI governance, vendor risk review, digital forensics, and Python-based automation.
My strongest value is connecting legal/compliance thinking with cybersecurity execution. I am especially focused on roles where security teams need documentation, risk analysis, audit readiness, framework mapping, control evidence, and clear reporting.
Experience
Manage time-sensitive availability and inventory data using PICAS, validate field inputs, identify discrepancies, update system records, and support accurate product visibility. This role strengthens my attention to detail, data validation, documentation, quality control, and operational accountability.
Led daily fulfillment operations, tracked order status, resolved workflow issues, coordinated across departments, documented operational gaps, and managed multiple priorities under time-sensitive conditions. This experience supports my ability to follow procedures, escalate issues, and maintain reliable records.
Supported remote insurance underwriting operations by reviewing, correcting, and validating customer data, policy information, identification details, addresses, and risk-related documentation. Processed support tickets and handled compliance-sensitive information with accuracy and discretion.
Provided remote support, documented customer interactions, followed structured procedures, escalated complex cases, and supported users in account, billing, reservation, and service-related issues. Built foundational help desk skills in issue intake, troubleshooting, documentation, and escalation.
Prepared, reviewed, and organized legal and administrative documentation for trademark registration processes. Developed transferable skills in research, regulatory interpretation, evidence organization, procedural accuracy, and compliance documentation.
Building practical cybersecurity projects focused on vendor risk, AI governance, risk scoring, incident response documentation, data validation, anomaly identification, governance documentation, and Python-based automation.
Featured Projects
Python and Streamlit-based GRC tool that evaluates vendor cybersecurity risk, identifies missing compliance evidence, maps control gaps to frameworks, and generates executive-style risk reports.
AI governance and compliance framework focused on risk exposure, bias considerations, institutional controls, and responsible AI documentation.
Digital forensics project analyzing an iOS backup in a data exfiltration scenario, demonstrating investigative documentation and evidence-based reasoning.
Cybersecurity risk assessment project focused on fintech environments, sensitive data, financial systems, and security control considerations.
Risk assessment framework demonstrating structured thinking around assets, threats, vulnerabilities, impact, likelihood, and remediation planning.
Governance framework exploring AI-enabled credit risk, model oversight, compliance exposure, and responsible decisioning considerations.
Independent cybersecurity GRC case study analyzing fintech risk areas, asset inventory, risk register, risk matrix, control mapping, remediation roadmap, and executive reporting.
GitHub RepoCybersecurity GRC documentation project demonstrating audit readiness, control evidence organization, access control policy documentation, vendor risk review, gap analysis, and remediation planning.
GitHub RepoSkills
Risk identification, vendor risk review, audit-ready documentation, control mapping, compliance support, remediation prioritization, evidence organization, and governance workflows.
Alert triage concepts, incident response concepts, false positive analysis, escalation logic, playbook-based response, case documentation, ticket handling, and security monitoring workflows.
NIST Cybersecurity Framework, NIST AI Risk Management Framework, access control, MFA, vulnerability awareness, endpoint security concepts, phishing awareness, malware awareness, DNS, TCP/IP, VPN, firewall and IDS/IPS concepts.
Python, Streamlit, Pandas, GitHub, Markdown, Excel, Microsoft 365, Google Workspace, Windows 10/11, CSV analysis, dashboards, structured documentation, and remote support environments.
Ticket management, SOP compliance, timestamped documentation, quality control, data validation, sensitive information review, record accuracy, workflow coordination, and operational escalation.
Bilingual English/Spanish communication, legal reasoning, structured thinking, research, coachability, attention to detail, common sense, persistence, and clear written communication.
Professional Focus
I build practical cybersecurity projects that show risk analysis, compliance documentation, control mapping, audit readiness, vendor risk review, and structured decision-making.
My portfolio includes Python, Streamlit, GitHub, and documentation-based projects that turn cybersecurity concepts into usable workflows, dashboards, reports, and review processes.
I am focused on remote Junior GRC Analyst, Cybersecurity Risk Analyst, SOC Support, Compliance Analyst, Vendor Risk, Security Documentation, and Audit Readiness roles.
My long-term direction is to grow in responsible AI governance, cyber risk, compliance, regulatory mapping, security controls, and business-focused cybersecurity decision-making.
Resume
I am seeking fully remote junior cybersecurity, SOC support, GRC, risk, compliance, security documentation, audit readiness, or incident response support roles. My background combines legal analysis, remote support, ticket handling, data validation, structured documentation, cybersecurity fundamentals, and Python-based portfolio projects.
Contact
I am focused on remote cybersecurity GRC, SOC support, risk, compliance, AI governance, audit readiness, security documentation, and incident response support roles.