NOMINATION HIGHLIGHTS

With over 15 years in cybersecurity and IT governance, I have led strategic GRC programs that reduced enterprise risk, improved compliance maturity, and advanced cyber resilience across multiple industries. As a woman in cybersecurity, I have always combined technical leadership with a passion for empowering others and driving systemic change.
In my current and past roles, I successfully improved control effectiveness by 40% within 12 months by implementing automated testing and evidence collection for ISO 27001, NIST CSF, and CIS Controls across hybrid environments. At a major financial institution, I led a risk remediation initiative that reduced open high-risk audit findings by 60%, improving the organization’s risk posture and audit readiness.
I designed and operationalized enterprise-wide GRC frameworks that integrated policy management, risk assessment, and vendor governance, leading to a 30% reduction in policy violations and a 25% increase in timely third-party risk reviews. Through structured training and governance alignment, I enabled a 50% boost in first-line ownership of security controls—turning compliance from a checkbox to a culture.
In parallel with my professional journey, I am pursuing a master’s degree in cybersecurity and analytics while contributing to the cybersecurity community as a volunteer with Women in CyberSecurity (WiCyS).
This nomination is not just about what I’ve achieved, but how I’ve done it—with integrity, inclusivity, and a vision for making cybersecurity accessible and human-centered. I believe real GRC leadership goes beyond compliance; it’s about building trust, empowering people, and shaping the future of cyber risk management.