Open to full-time & consulting

Making compliance click into place.

Cybersecurity GRC Analyst with hands-on experience across governance frameworks, enterprise risk, third-party risk, and privacy compliance in healthcare, SaaS, and legal environments.

๐Ÿ“ Hamilton, ON ndomaegbastanley@gmail.com linkedin.com/in/stanleyegba
0
Frameworks & regulations
0
Certifications
0
GRC engagements & projects
0
Industries: healthcare, SaaS, legal

Selected work

Real engagements โ€” from consulting to capstone

PIPEDA ยท Bill S-5
MD Pharma Consulting Group

Platform Privacy & Compliance Audit

Audited genzapp.com and mapped controls to PIPEDA and Bill S-5 data-blocking rules, producing a gap remediation roadmap ahead of public launch.

Complete
โ†’
ISO 27001 ยท SOC 2
MD Pharma Consulting Group

Risk Register & Compliance Checklists

Maintained risk registers and compliance checklists aligned to ISO 27001 and SOC 2 control objectives, reducing pre-launch compliance gaps.

Complete
โ†’
PIPEDA ยท GDPR
Digital Health Capstone

Clinical Platform Privacy Framework

Designed a PIPEDA & GDPR compliance framework for a clinical mental-health platform โ€” policies, data processing agreements, and PIAs to protect PII/PHI.

Complete
โ†’
CIS Controls ยท NIST CSF
Akinyemi Law Office

Vulnerability & Vendor Risk Reviews

Ran quarterly vulnerability assessments and vendor reviews, tracking 15+ critical misconfigurations in a risk register with prioritized remediation.

Complete
โ†’
ISO 27001 ยท SOC 2 Type II
Consulting Simulation

GRC Assessment & Audit Readiness

Mapped organizational controls against ISO 27001 and SOC 2 Type II, producing gap analysis, remediation priorities, and an audit evidence inventory.

Complete
โ†’
NIST CSF
Mohawk College

Incident Response Team Lead

Led a 5-analyst team through a simulated multi-stage breach, applying NIST CSF-aligned containment and recovery, plus a board-level executive summary.

Complete
โ†’

Frameworks & competencies

Grouped the way I actually work with them

Governance & Frameworks

CIS Controls NIST CSF ISO 27001 SOC 2 COBIT

Privacy & Data

GDPR PIPEDA CCPA/CPRA HIPAA PIA / DLP

Risk & Third-Party

Risk Registers KRI / KPI Dashboards TPRM Vendor Risk FINTRAC

Identity & Threat

Entra ID (Azure AD) Access Reviews MITRE ATT&CK SIEM / SOAR

Audit & Compliance

Evidence Coordination Gap Analysis Security Questionnaires PCI DSS

AI & Automation

AI Governance n8n Automation Python Scripting Compliance Automation
OneTrust Drata Hyperproof Tableau SQL Splunk Nmap Wireshark

Certifications

S+
CompTIA Security+
CompTIA
C
CIPP/C
IAPP โ€” Privacy Professional, Canada
SC
SC-900
Microsoft โ€” Security, Compliance & Identity
AZ
AZ-900
Microsoft โ€” Azure Fundamentals
DA
Data Analytics
Google Professional Certificate

Other projects

Side experiments, outside the GRC lane

Notion ยท External

XTAN's Playground

A separate space for side projects and experiments outside GRC work.

Visit playground โ†’

Let's talk about your compliance program.

Open to full-time GRC roles and select consulting engagements โ€” audits, framework buildouts, and privacy program design.

Email me LinkedIn Resume (PDF)