Candidate 023
Policy & Cybersecurity Compliance Analyst
Lansdowne, PA
Summary
Analytical cybersecurity governance professional with 8+ years of experience developing, maintaining, and enforcing
cybersecurity and compliance policies within regulated environments. Proven expertise in policy lifecycle management,
regulatory gap analysis, audit coordination, and cross-functional risk alignment. Experienced aligning cybersecurity
frameworks to NIST, ISO 27001, HIPAA, PCI DSS, and privacy requirements. Strong communicator and compliance
advocate who partnered effectively with IT, HR, Legal, and business leadership to ensure policies support operational
objectives and enterprise risk appetite.
Professional Experience
Lead GRC Analyst
Diaspocare
07/2023 – Present
- Lead the development and revision of cybersecurity policies and procedures aligned with NIST CSF and ISO 27001 to meet evolving healthcare regulatory requirements
- Conducted regular policy gap analysis to identify deficiencies; developed remediation strategies that improved compliance scores by 25%
- Partnered with Legal, IT, and operational leaders to ensure policy documentation reflects current legal, regulatory, and business requirements
- Monitored compliance with internal security policies; performed periodic control assessments to evaluate effectiveness
- Maintained centralized repository of cybersecurity documentation, ensuring version control and archival of historical policies
- Generated dashboards and compliance metrics to track adherence, remediation status, and audit outcomes
- Coordinated evidence gathering for external audits, reducing auditor inquiry turnaround time through organized documentation management
- Provided policy guidance during new system implementations, vendor onboarding, and operational changes
Cybersecurity Analyst
Breezeline
01/2022 – 06/2023
- Drafted and maintained information security standards and procedures for a multi-facility enterprise, ensuring consistency across business units
- Conducted compliance assessments and documented policy gaps across business units
- Collaborated with audit teams to prepare evidence and remediation plans for regulatory reviews
- Developed communication plans to ensure the timely dissemination of policy updates to 500+ employees
- Served as point of contact for internal inquiries related to cybersecurity compliance requirements
IT Compliance Specialist
Aegon Global Technology
06/2018 – 12/2021
- Supported cybersecurity governance programs through the maintenance of structured policy documentation and regulatory mapping
- Evaluated internal controls against regulatory requirements, including HIPAA-aligned security environments
- Assisted in the archival and version control of historical policy documents to ensure a complete audit trail
- Contributed to process improvement efforts by standardizing the intake process for policy-related inquiries
Project Experience
No items found.
Technical Skills
No items found.
Certifications
CompTIA CySA+
Cybersecurity Analyst
CompTIA Project+
CompTIA PenTest+
ITIL 4 Foundation
CompTIA Security+
CISSP
In Progress
CCSP
Scheduled for April 2026
Education
Western Governors University
Bachelor of Science in Cybersecurity and Information Assurance
05/2013
Delaware County Community College
Associate Degree in Network Engineering
03/2025
References
No items found.
