Skip to content

Hi, I am a Governance, Risk & Compliance professional.

Ryan Kershaw

I help organizations navigate complex security and regulatory requirements by building practical governance programs, managing risk, improving audit readiness, developing policies, and delivering security awareness training that empowers employees to become an active part of an organization’s security culture.

Governance. Risk. Compliance. Built on real-world IT experience.

Areas of Expertise

Compliance & Audit Readiness

Project Leadership

Preparing organizations to demonstrate compliance with confidence.

Governance & Policy

Program Development

Translating security requirements into practical business processes.

Leadership

Chair of Information Security Management Committee

Uniting stakeholders to strengthen governance and foster a culture of security.

Third-Party Risk Management

Process Improvement

Identifying and reducing vendor risk before it becomes a business problem.

My Journey

From Systems to Strategy

I started by understanding how businesses operate and the technology that enables them. I evolved into helping organizations protect, govern, and prove trust in that technology.

Business

Before technology, I learned the importance of understanding people, processes, and business objectives.

My experience in business development helped me develop the ability to communicate with stakeholders, understand organizational needs, and connect solutions to real-world challenges.

Foundation Built:

    • Relationship management
    • Business needs analysis
    • Stakeholder communication
    • Understanding customer priorities

Associated Role: Business Development Assistant (2016-2021); CMC Energy Services

Technology

I transitioned into IT to gain a deeper understanding of the systems that power modern organizations.

Supporting enterprise technology environments gave me hands-on experience with infrastructure, identity, applications, and the people who rely on them every day.

Foundation Built:

  • Systems administration
  • Microsoft 365 & Azure
  • Identity and access management
  • Enterprise support operations

Associated Role: Junior Systems Administrator (2021-2024); CMC Energy Services

Security

As my career progressed, I became focused on protecting the systems and information organizations depend on.

My IT background provided the technical foundation to understand security controls, assess risk, and support cybersecurity initiatives.

Focus Areas:

  • Security controls
  • Risk assessment
  • Data protection
  • Security awareness

Associated Role(s): Junior Systems Administrator (2021-2024); CMC Energy Services

Information Security Audit and Compliance Administrator (2024-Present); TRC Insights, LLC

Governnance
Building Trust

Today, I help organizations strengthen security, manage risk, and demonstrate compliance through practical governance.

By combining business understanding, technical knowledge, and security principles, I help translate requirements into actionable programs.

Current Focus:

  • HITRUST & SOC 2
  • Security governance
  • Policy development
  • Third-party risk management

Associated Role: Information Security Audit and Compliance Administrator (2024-Present); TRC Insights, LLC

Skills

🔍 Security Control Testing

Description

Evaluate and verify security controls to ensure they are effective, robust, compliant, and audit-ready.

📑 Security Policy Development

Description

Create and maintain clear, practical policies that align business operations with security and regulatory requirements.

📂 Audit Evidence Management

Description

Collect, organize, and validate defensible evidence to support successful internal and external audits.

🤝 Vendor Risk Assessments

Description

Assess third-party security practices and identify risks to help protect organizational data and operations.

🔐 Access Governance

Description

Manage user access and permissions to safeguard sensitive information and support least-privilege principles.

🎓 Security Awareness & Training

Description

Building a culture of security through engaging education and measurable improvements in user behavior.

You’ve reached the end. ⭐⭐⭐⭐⭐

✅ Resume reviewed
✅ Skills assessed
✅ Experience verified

Additional profile information available.

© 2026 Ryan Kershaw. All rights reserved