
Nnenna Chukwulebe

Rosedale

Summary

Experienced and results-driven GRC Consultant with a strong track record of designing and implementing robust governance, risk management, and compliance frameworks across diverse industries. Adept at aligning GRC strategies with organizational objectives to enhance operational efficiency, regulatory compliance, and risk mitigation. Demonstrated expertise in regulatory standards such as SOX, ISO 27001, NIST, and GDPR, with a deep understanding of enterprise risk management and internal controls. Skilled in conducting risk assessments, developing policies and procedures, and advising on audit readiness and remediation. Known for strong stakeholder engagement, strategic thinking, and a proactive approach to identifying emerging risks and compliance challenges.

Overview

8 years of professional experience

Work History

GRC Consultant

Fire Shot USA
03.2022 - Current
  • Developed and implemented GRC frameworks aligned with regulations (SOX, GDPR, ISO 27001, NIST).
  • Facilitated cross-functional collaboration to deliver enterprise-wide GRC programs.
  • Conducted risk assessments and gap analyses to identify compliance weaknesses and mitigate risks.
  • Championed a culture of continuous learning through training, workshops, and knowledge-sharing.
  • Supported clients in establishing governance structures that improved decision-making and reduced compliance risk.
  • Delivered audit findings and actionable insights to strengthen internal controls.
  • Led internal/external audits and supported remediation efforts.
  • Used tools like RSA Archer, ServiceNow GRC, and MetricStream for risk management and reporting.
  • Created executive reports and dashboards to communicate compliance and risk posture.

GRC Risk Manager

Ray Parker
08.2019 - 01.2022
  • Led the development, implementation, and continuous improvement of enterprise-wide Governance, Risk, and Compliance (GRC) frameworks, ensuring alignment with regulatory requirements and business objectives.
  • Oversaw risk identification, assessment, mitigation, and reporting processes across operational, IT, and third-party risk domains.
  • Developed and maintained policies, procedures, and internal control frameworks in compliance with SOX, ISO 27001, NIST, and GDPR standards.
  • Collaborated with senior leadership, business units, and external auditors to ensure audit readiness and manage regulatory inspections.
  • Drove risk awareness and compliance culture through training programs, policy updates, and stakeholder engagement.
  • Utilized GRC platforms such as RSA Archer, ServiceNow GRC, and MetricStream for risk monitoring, control testing, and reporting.
  • Delivered risk reports, dashboards, and key risk indicators (KRIs) to executive leadership and board committees.
  • Supported incident response, remediation planning, and root cause analysis for risk and compliance events.

GRC Analyst

Stream Technologies
04.2017 - 07.2019
  • Collaborated with cross-functional teams to identify opportunities for process improvement and increased efficiency.
  • Improved internal knowledge sharing by developing comprehensive documentation outlining standard operating procedures for various tasks.
  • Enhanced team collaboration by providing clear communication of complex findings through visualizations and reports.
  • Implemented predictive analytics techniques that enabled proactive adjustments to business strategies based on emerging trends.
  • Supported the implementation and maintenance of GRC frameworks aligned with regulatory and industry standards (e.g., SOX, ISO 27001, NIST, GDPR).
  • Assisted in conducting risk assessments, control testing, and compliance reviews across business units.
  • Maintained risk registers, tracked remediation activities, and monitored compliance metrics using GRC platforms such as RSA Archer and ServiceNow GRC.
  • Participated in internal and external audit processes, gathering evidence and ensuring timely resolution of findings.
  • Collaborated with stakeholders to develop and update policies, procedures, and compliance documentation.
  • Helped identify control gaps and supported the development of mitigation plans.
  • Generated reports and dashboards to support management decisions on risk posture and compliance status.
  • Contributed to awareness campaigns, training sessions, and workshops to promote a risk-aware culture.

Education

Johns Hopkins University
Baltimore

Skills

  • GRC Platforms: RSA Archer, ServiceNow GRC, MetricStream, LogicManager, SAP GRC, OneTrust, Riskonnect
  • Risk & Compliance: Enterprise Risk Management (ERM), internal controls, SOX, GDPR, ISO 27001, NIST, policy development, risk assessments, audit readiness
  • Technical Tools: Microsoft Excel (Advanced), Power BI, Tableau, AuditBoard, NAVEX, Galvanize
  • Frameworks & Standards: ISO 27001, NIST CSF, COBIT, CIS Controls, PCI-DSS, HIPAA
  • Soft Skills: Stakeholder engagement, analytical thinking, regulatory reporting, training delivery, project management
