AI GRC Professional
Connecticut, USA | Remote
I'm a Certified GRC Engineer – Practitioner (CGE-P) working at the intersection of AI governance, security, and privacy engineering. I build the tools GRC teams actually need: Python automation, policy-as-code pipelines, AI threat modeling skills, and runtime LLM governance — not slide decks about them. My background pairs legal and technical expertise across highly regulated environments, making governance work where the stakes are real.
Vendor risk and third-party security are core to how I think about this space: AI risk is vendor risk unless the model was built in-house, and most organizations consume AI rather than build it. I've helped organizations evaluate and govern external technology partners, pairing due diligence and framework alignment with practical controls — and I apply that same rigor to the tools I build, grounded in NIST AI RMF, the EU AI Act, and ISO 42001. I'm the 2026 IAPP Young Privacy Professional for the Connecticut chapter and am pursuing a Master of Science in Cybersecurity & Information Assurance.
A self-directed journey building 25+ Python automation tools for Governance, Risk, and Compliance — progressing from foundational scripts to a full-stack GRC framework across four phases. Built using AI-assisted development tools (Windsurf), demonstrating practical application of AI coding tools to GRC engineering workflows.
python -m grc_framework), and unit tests via pytest.
Supports audit, scan, report, monitor, and alert commands from a single interface.
AI Governance Professional (IAPP)
Certified GRC Engineer – Practitioner (GRC Engineering Club)
Cybersecurity Analyst (CompTIA)
Lead Auditor (Mastermind Assurance)
Penetration Testing+ (CompTIA)
Lead Auditor (Mastermind Assurance)
Lead Auditor (Mastermind Assurance)