Ottawa, Ontario, Canada
Eight years ago, I walked into my first GRC audit and realized something nobody in the room wanted to say out loud: the program looked great on paper and was barely functioning in practice. That gap between compliance theatre and real risk management is what I've spent my career closing! Today, I work as a Head of GRC Director and DPO for organizations that want compliance programs built for reality, not just regulators. I specialize in ISO certifications, data privacy, and audit management, but what I'm really doing is helping leadership teams understand what they actually control, and what they don't. I work globally across industries. I say the things the room doesn't want to hear. And I build programs that still work when nobody's watching. If that sounds like what your organization needs — let's connect!
● Working on managing several major projects, including ISO 27001 and B-Corp Certification, and managing a team of Compliance and documentation specialists.
● Designed, implemented, and maintained a Quality Management System (QMS) for internal processes and product releases.
● Worked on tracking, monitoring, and controlling the product compliance and validation processes and the associated deliverables, also overseeing audit processes.
● Provided regulatory interpretation and direction with regard to ISO 9001 & 27001, federal regulations including FDA, 21 CFR Part 11, Annex 11, and other requirements.
Governance, Risk Management, Audit Management & Reporting, System Implementation and Management, Cross-functional Collaboration.
• Worked with the Cyber-Security and Operations team of 10+ to ideate, create, maintain, and update Cyber-Security Processes, Procedures, Playbooks, Runbooks and several documents, working primarily with Office 365 (e.g., SharePoint, Excel, Visio, etc.)
• Increased Incident Response efficiency by 20% through the strategic minimization of bottlenecks.
• Worked with Cyber-Security, Identity and Access Management, Global, IT acceptable, Data Strategy, etc. related policies, and Compliance documents.
• Trained 1-2 employees/year in Cyber-Security Processes, Procedures, Plans, and multiple strategies.
• Ensured strict adherence to ISO 27001 and ISO 9001.
• Worked with several internal teams (Dev/QA/Sales/Marketing) to obtain an in-depth understanding of the Ark-Angel platform and the documentation requirements.
• Authored high-quality documentation that meets Hitachi Systems Security and ISO 9001 standards, appropriate for the audience.
• Drafted easy-to-understand user interface text, online help, and user guides.
• Investigated existing and potential content, focusing on reuse and single-sourcing opportunities.
• Assisted in designing and conducting research projects, including data collection and analysis.
• Supported faculty with course preparation, grading, and managing learning materials.
• Provided academic assistance to students during office hours or study sessions.
• Conducted literature reviews and prepared summaries or reports on findings.
• Coordinated administrative tasks, such as scheduling and maintaining records for research or teaching activities.