Yong "Bruce" Shim

Greetings,

I'm a seasoned (CISSP) Information Assurance /Cybersecurity/GRC/Privacy/Compliance Risk professional who has worked at Big 4 companies and SMBs performing risk management and compliance/regulatory work related to FedRAMP, SOC 2, ISO, etc.  I've worked in Cybersecurity /Compliance/IA/Risk Management for nearly 18 years.  I've worked with executive leadership and Engineering teams (and organizational teams) to develop risk register, policies, procedures, standards and implement security safeguard/controls.  I have also helped define the roadmap for a privacy program (i.e., GDPR).  I’ve also done work as an ISSO and ISSM during my time at Deloitte and as a federal employee at the Transportation Security Administration (TSA).  I've successfully helped multiple organizations obtain FedRAMP authorization. I also have strong Project Management/leadership experience and interpersonal skills.  In addition, I have a working understanding of the Agile lifecycle, application security, and cloud computing.  I'm very excited for this Sr GRC Manager opportunity.  I look forward to hearing back from you and telling you more about myself.  I'm also very eager to learn more about Salesforce, the culture, and the team.  Thank you for your consideration.

Sincerely,

Yong  “Bruce” Shim

Project Management, Compliance (FISMA, FedRAMP, SOC 2, etc.), Privacy, CyberSecurity, GRC Strategy, Cloud computing, Auditor/Advisor, Big4, SMBs, etc.

MS in MIS/INFOSEC

BS in Psychology