ERIC BANGA
Woodbridge,VA
Summary
Detail-oriented GRC Analyst with 5 years of experience in developing, implementing, and managing comprehensive governance, risk, and compliance frameworks. Proven expertise in ISO 27001, NIST, and CIS standards, with a strong background in risk assessment, audit management, and regulatory compliance. Adept at enhancing organizational security posture through effective policy development and compliance initiatives.
Overview
6
6
years of professional experience
1
1
Certification
Work History
GRC Analyst
Deltek
01.2023 - 04.2024
- Develop and implement GRC frameworks in alignment with ISO 27001, NIST, and CIS standards
- Conduct comprehensive risk assessments and identify potential vulnerabilities and compliance gaps
- Coordinate and execute internal and external audits to ensure regulatory compliance
- Develop and maintain policies, procedures, and controls to mitigate risks and ensure compliance
- Monitor and report on the effectiveness of GRC programs to senior management
- Collaborate with cross-functional teams to enhance security posture and achieve compliance objectives.
GRC Specialist
Ginnie Mae
02.2021 - 01.2023
- Assisted in the development and maintenance of GRC policies and procedures
- Conducted risk assessments and developed risk mitigation plans
- Supported internal and external audit processes and compliance assessments
- Provided training and awareness programs to staff on compliance requirements and best practices
- Monitored regulatory changes and updated policies and procedures accordingly.
Cybersecurity Analyst
Transamerica Life Insurance Company
06.2018 - 12.2020
- Work within the Governance, Risk, and Compliance team to maintain security policies and standards
- Provide subject matter expertise in support and development of improved security policies and threat models
- Implement and manage solutions and processes to manage, track, and report on control activities
- Prepare reports for leadership to communicate risk, risk treatments and control effectiveness
- Helped users with all system capabilities including office programs, scanning, printing, and file recovery
- Reset users account and password using Active Directory Users and Computers
- Patched software and installed new versions to eliminate security problems and protect data
- Walked user through series of steps to determine problem and implement likely solution.
Education
Bachelor of Science - Cybersecurity and Information Assurance
Western Governors University
Utah 03.2025
BoothCamp - Cybersecurity
American University
Washington, DC09.2021
Skills
- GRC Frameworks: ISO 27001, NIST, CIS
- Risk Assessment and Management
- Audit Management
- Regulatory Compliance
- SSAE18 (SOC 1 AND SOC2)
- Incident Response and Management
- Security Awareness Training
- Data Analysis and Reporting
- Strong Communication and Interpersonal Skills
- Policy Development and Implementation
- Risk Analysis
- Audit Support
- Intrusion Detection
- Disaster Recovery Planning
Certification
- CRISC – Certified Information System Auditor.
- CompTIA Security+ - CompTIA.
- CISA – Certified Information System Auditor.
Timeline
GRC Analyst
Deltek
01.2023 - 04.2024
GRC Specialist
Ginnie Mae
02.2021 - 01.2023
Cybersecurity Analyst
Transamerica Life Insurance Company
06.2018 - 12.2020
Bachelor of Science - Cybersecurity and Information Assurance
Western Governors University
BoothCamp - Cybersecurity
American University
Similar Profiles
Jake MeadowsJake Meadows
Consultant at DeltekConsultant at Deltek
Anne-Marie DrakeAnne-Marie Drake
Senior Technical Consultant at DeltekSenior Technical Consultant at Deltek
Mara EllisMara Ellis
Sr. Customer Success Manager at DeltekSr. Customer Success Manager at Deltek