A community-driven directory of Governance, Risk, and Compliance (GRC) engineers.
Browse the Directory — search by specialization, framework, language, and availability.
| Name | Specializations | Frameworks | Links |
|---|---|---|---|
| Luigi Carpio | Compliance Automation, Cloud Security, Identity & Access Management | CJIS, FedRAMP, NIST 800-53, NIST CSF | GitHub, LinkedIn, Website |
| Anand Sundar | Cloud Security, Audit & Assurance, Compliance Automation, Identity & Access Management, Incident Response, Offensive Security, Privacy, Risk Management, Security Architecture, Security Governance, Security Operations, Third-Party Risk, Vulnerability Management | SOC 2, FedRAMP, CCPA, CJIS, CMMC, CMS ARC-AMPE, COBIT, CSA STAR, EU AI Act, GAO Green Book, GDPR, GovRAMP, HIPAA, HITRUST, IRS Pub 1075, ISO 27001, ISO 27017, ISO 27018, ISO 42001, NIST 800-53, NIST 800-171, NIST AI RMF, NIST CSF, NIST RMF, PCI-DSS, StateRAMP | GitHub, LinkedIn |
| Omiodjo Donadje | Cloud Security, Compliance Automation, Security Architecture | NIST 800-53, NIST CSF | GitHub, LinkedIn, Website |
| Jonathan Perez | Vulnerability Management, Cloud Security, Compliance Automation | NIST RMF, NIST CSF, NIST 800-53, FedRAMP, SOC 2, ISO 27001, IRS Pub 1075, COBIT, GAO Green Book, CMS ARC-AMPE, CMMC | GitHub, LinkedIn |
| Jessica Barnwell | Audit & Assurance, Cloud Security, Compliance Automation, Identity & Access Management, Incident Response, Risk Management, Security Operations | HIPAA, HITRUST, ISO 27001, NIST 800-53, NIST 800-171 | GitHub, LinkedIn |
| John Bommeraveni Joseph | Audit & Assurance, Compliance Automation, Identity & Access Management, Privacy, Risk Management, Security Governance, Third-Party Risk, Vulnerability Management, AI Governance, Cloud Governance | GDPR, HIPAA, ISO 27001, ISO 42001, NIST AI RMF, NIST CSF, NIST RMF, PCI-DSS, SOC 2 | GitHub, LinkedIn |
| Sharaden Cole | Audit & Assurance, Cloud Security, Compliance Automation, Identity & Access Management, Privacy, Risk Management, Security Architecture, Security Governance, Third-Party Risk | FedRAMP, HIPAA, HITRUST, ISO 27001, NIST 800-53, NIST 800-171, NIST CSF, NIST RMF, PCI-DSS, SOC 2 | GitHub, LinkedIn |
| Mamta Sakuja | Audit & Assurance, Cloud Security, Security Governance, AI Governance, Cloud Governance | FedRAMP, GovRAMP, HIPAA, HITRUST, ISO 27001, ISO 27017, ISO 27018, NIST 800-53, NIST 800-171, NIST CSF, NIST RMF, PCI-DSS, SOC 2, StateRAMP | GitHub, LinkedIn |
| MaryAnna Moore | Identity & Access Management, Incident Response, Security Operations, Vulnerability Management | GDPR, HIPAA, NIST 800-53, NIST 800-171, NIST RMF, PCI-DSS, SOC 2 | GitHub, LinkedIn |
| Orlando Pizarro | Audit & Assurance, Compliance Automation, Risk Management, Security Governance, AI Governance, Cloud Governance | CMMC, FedRAMP, NIST 800-53, NIST 800-171, NIST AI RMF, NIST CSF, NIST RMF | GitHub, LinkedIn |
| Steven Smith | Privacy, Risk Management, Security Architecture, Security Governance, Data Protection, Encryption & Masking | CMMC, HIPAA, HITRUST, ISO 27001, NIST 800-53, NIST 800-171, NIST CSF, NIST RMF, PCI-DSS, SOC 2 | GitHub, LinkedIn |
| Toyeeb Atanda | AI Governance, Audit & Assurance, Cloud Security, Compliance Automation, DevSecOps, Identity & Access Management, Privacy, Risk Management, Security Governance, Third-Party Risk | CMMC, COBIT, EU AI Act, FedRAMP, GDPR, HIPAA, HITRUST, ISO 27001, ISO 42001, NIST 800-53, NIST 800-171, NIST AI RMF, NIST CSF, NIST RMF, PCI-DSS, SOC 2 | GitHub, LinkedIn |
| Tynesha Cross | Audit & Assurance, Compliance Automation, Identity & Access Management, Risk Management, Security Governance, Third-Party Risk | GDPR, HIPAA, ISO 27001, ISO 27017, NIST 800-53, NIST AI RMF, NIST CSF, NIST RMF, PCI-DSS, SOC 2 | GitHub, LinkedIn |
| Zahid Kamil | Cloud Security, Compliance Automation, Risk Management, Security Governance | CJIS, CMS ARC-AMPE, IRS Pub 1075, NIST 800-53 | GitHub, LinkedIn |
| Akeem Williams | GRC Engineering, AI Governance, Compliance Automation, Cloud Security, Risk Management, Audit & Assurance, Third-Party Risk, Privacy | ISO 42001, ISO 27001, SOC 2, PCI-DSS, NIST CSF, NIST RMF, NIST 800-53, GDPR, CCPA, HIPAA, NIST AI RMF, EU AI Act | GitHub |
| AJ Yawn | Audit & Assurance, Cloud Security, Compliance Automation, Risk Management, Security Governance, AI Governance | CCPA, CSA STAR, FedRAMP, HIPAA, HITRUST, ISO 27001, ISO 27017, ISO 27018, ISO 42001, NIST 800-53, NIST 800-171, NIST AI RMF, NIST CSF, NIST RMF, SOC 2 | GitHub, LinkedIn |
| ANDERSON ANTHONY | Cloud Security, Compliance Automation, Identity & Access Management, Incident Response, Privacy, Risk Management, Security Architecture, Security Governance, Third-Party Risk, Cloud Governance, Salesforce Security, Salesforce Compliance | GDPR, HIPAA, ISO 27001, NIST 800-53, NIST CSF, NIST RMF, SOC 2 | GitHub, LinkedIn |
| Angeline Williams | Audit & Assurance, Cloud Security, Compliance Automation, Privacy, Risk Management, Security Governance, Third-Party Risk | GDPR, ISO 27001, ISO 42001, NIST 800-53, NIST CSF, PCI-DSS, SOC 2 | GitHub, LinkedIn |
| Ashley Pearce | Compliance Automation, Risk Management, Security Governance | CMMC, FedRAMP, GovRAMP, ISO 27001, NIST 800-53, NIST 800-171, NIST AI RMF, NIST CSF, NIST RMF | GitHub, LinkedIn |
| Arian Sheremeti | Audit & Assurance, Cloud Security, Incident Response, Offensive Security, Risk Management, Security Architecture, Security Governance, Security Operations, Third-Party Risk, Vulnerability Management, AI Governance, Cloud Governance | COBIT, CSA STAR, EU AI Act, ISO 27001, ISO 42001, NIST 800-53, NIST AI RMF, NIST CSF, NIST RMF, PCI-DSS, SOC 2 | GitHub, LinkedIn |
| James Gilchrest | Security Operations, Risk Management, Security Governance | NIST 800-53, CMMC | GitHub, LinkedIn |
| Debjyoti Mukherjee | Cloud Governance, Cloud Security, Compliance Automation, Risk Management, Security Governance | CSA STAR, EU AI Act, FedRAMP, ISO 27001, ISO 42001, NIST 800-53, NIST AI RMF, NIST CSF, NIST RMF | GitHub, LinkedIn |
| Dex-Xavier Copeland | Cloud Security, Compliance Automation | IRS Pub 1075, NIST 800-53, NIST CSF, NIST RMF, NIST AI RMF, ISO 27001, ISO 42001 | GitHub, LinkedIn, Website |
| Danielle Koppel | Audit & Assurance, Privacy, Risk Management, Security Architecture, Security Governance, Security Operations, Third-Party Risk, Vulnerability Management | HIPAA, HITRUST, NIST 800-53, NIST RMF, PCI-DSS | GitHub, LinkedIn |
| Ethan Troy | Compliance Automation, Cloud Security, Security Architecture, Offensive Security | FedRAMP, NIST 800-53, NIST CSF, SOC 2, CMMC | GitHub, LinkedIn |
| Funke Omolere | Audit & Assurance, Compliance Automation, Incident Response, Offensive Security, Privacy, Risk Management, Security Governance, Third-Party Risk, AI Governance, Cloud Governance | EU AI Act, GDPR, ISO 27001, ISO 27017, ISO 27018, ISO 42001, NIST 800-53, NIST 800-171, NIST AI RMF, PCI-DSS, SOC 2 | GitHub, LinkedIn |
| Garima Kakkar | Audit & Assurance, Compliance Automation, Privacy, Risk Management, Security Governance, Third-Party Risk, AI Governance, Cloud Governance | CCPA, EU AI Act, GDPR, ISO 27001, ISO 42001, NIST 800-53, NIST AI RMF, SOC 2 | GitHub, LinkedIn |
| Gregory Wilson | Audit & Assurance, Cloud Security, Compliance Automation, Identity & Access Management, Security Architecture, Security Operations, Vulnerability Management, DevSecOps, Zero-Touch Compliance | CSA STAR, ISO 27001, NIST 800-53, PCI-DSS | GitHub, LinkedIn |
| Pradeep Reddy | Audit & Assurance, Compliance Automation, Risk Management, Security Governance, Third-Party Risk, AI Governance, Cloud Governance | FedRAMP, GDPR, HIPAA, HITRUST, ISO 27001, ISO 42001, NIST 800-53, NIST 800-171, NIST AI RMF, NIST CSF, NIST RMF, PCI-DSS, SOC 2, StateRAMP | GitHub, LinkedIn |
| Ruben Clarke | Audit & Assurance, Risk Management, Security Governance, Vulnerability Management | GDPR, ISO 27001, ISO 42001, NIST 800-53 | GitHub, LinkedIn |
| Jonathan Steward | Audit & Assurance, Compliance Automation, Risk Management, Third-Party Risk, AI Governance | ISO 27001, NIST CSF, NIST RMF, SOC 2 | GitHub, LinkedIn |
| Jose Rodriguez | Audit & Assurance, Cloud Security, Compliance Automation, Identity & Access Management, Incident Response, Privacy, Risk Management, Security Architecture, Security Governance, Security Operations, Third-Party Risk, Vulnerability Management, AI Governance, Cloud Governance, DevSecOps | CMMC, FedRAMP, HIPAA, NIST 800-53, NIST 800-171, NIST AI RMF, NIST RMF | GitHub, LinkedIn |
| John Flack | Audit & Assurance, Cloud Security, Compliance Automation, Risk Management, Security Architecture, Security Governance, Third-Party Risk, Vulnerability Management, AI Governance, IBM i, AIX, Solaris 11, Linux, VMWare, COBOL, Financial Modeling | COBIT, CSA STAR, HIPAA, HITRUST, ISO 27001, ISO 27701, ISO 31000, ISO 42001, NIST AI RMF, NIST RMF, PCI-DSS, SOC 2 | GitHub, LinkedIn |
| Kyle Cain | Cloud Security, Compliance Automation, Identity & Access Management, Risk Management, Security Architecture, Security Governance, Security Operations, Third-Party Risk, Vulnerability Management | CMMC, FedRAMP, GovRAMP, ISO 27001, ISO 42001, NIST 800-53, NIST 800-171 | GitHub, LinkedIn |
| Fola Falusi | Audit & Assurance, Cloud Security, Compliance Automation, Offensive Security, Risk Management, Security Architecture, Security Governance, Security Operations, Vulnerability Management | ISO 27001, NIST 800-53, NIST CSF, NIST RMF, PCI-DSS | GitHub, LinkedIn |
| Kurtes Allen | Audit & Assurance, Cloud Security, Compliance Automation, Privacy, Risk Management, AI Governance, Cloud Governance, GRC Engineering | ISO 27001, ISO 42001, NIST 800-53, NIST CSF, NIST RMF, PCI-DSS, SOC 2 | GitHub |
| Laithe Jamal Reece | Compliance Automation, Risk Management, Third-Party Risk | NIST 800-53, NIST RMF, PCI-DSS | GitHub, LinkedIn |
| Nelson Rosario | Audit & Assurance, Cloud Security, Compliance Automation, Identity & Access Management, Risk Management, Security Governance | ISO 27001, ISO 42001, NIST 800-53, PCI-DSS, SOC 2 | GitHub, LinkedIn |
| Brian Montiel | Cloud Security, Compliance Automation, Offensive Security | SOC 2, FedRAMP, GovRAMP, NIST 800-53 | GitHub, LinkedIn, Website |
| Robert E. Wiley Jr. | Risk Management, Security Governance, Third-Party Risk | CJIS, CMMC, FedRAMP, GovRAMP, IRS Pub 1075, ISO 27001, ISO 42001, NIST 800-53, NIST 800-171, NIST AI RMF, NIST CSF, NIST RMF, StateRAMP | GitHub |
| Jeffrey Collins | Audit & Assurance, Cloud Security, Compliance Automation, Incident Response, Privacy, Risk Management, Security Architecture, Security Governance, Security Operations, Third-Party Risk, AI Governance, Cloud Governance | CMMC, EU AI Act, FedRAMP, GDPR, ISO 27001, ISO 42001, NIST 800-53, NIST 800-171, NIST AI RMF, NIST CSF, NIST RMF | GitHub, LinkedIn |
| Shayl Taveras | Audit & Assurance, Cloud Security, Compliance Automation, Privacy, Risk Management, Security Governance, Vulnerability Management, AI Governance, Cloud Governance | CMMC, FedRAMP, GovRAMP, HIPAA, HITRUST, ISO 27001, NIST 800-53, NIST 800-171, NIST RMF, PCI-DSS, SOC 2 | GitHub, LinkedIn |
The easiest way is to use the submission form on the site — it walks you through creating your profile and opens a PR automatically.
You can also fork this repo, copy engineers/_template.md to engineers/{your-github-username}.md, fill it out, and submit a PR. See CONTRIBUTING.md for details.
- Validation — PRs with new engineer profiles are automatically validated for required fields
- README — the engineer table above is auto-generated from profile files on each push
- Deploy — the site rebuilds and deploys to GitHub Pages automatically
Built with Eleventy and deployed on GitHub Pages.
CC0 1.0 Universal — Public Domain Dedication. See our Code of Conduct.