Jonathan Perez
Senior Cybersecurity Specialist, GRC Engineer
Assurit
Virginia, USA
Specializations
Languages & Tools
Frameworks
Certifications
Projects
Ingests raw vulnerability scan data, normalizes findings, maps to controls, and automates POA&M generation and lifecycle tracking.
About Me
I am a GRC engineer focused on building systems that reduce real security risk while minimizing compliance overhead. My work sits at the intersection of vulnerability management, cloud security, and control governance, with an emphasis on automation, data normalization, and repeatable workflows.
Rather than treating compliance as a documentation exercise, I design solutions that treat controls as measurable, testable system behaviors. My approach is to integrate directly with scanning tools, cloud platforms, and APIs to eliminate manual analysis and shift effort toward remediation and risk reduction.
I spend most of my time engineering solutions that translate raw security data into control-aligned decisions that engineers, ISSOs, and leadership can act on without friction.
Experience Highlights
- Built automation-first workflows that translate scanner and cloud findings into control-mapped risk objects and POA&M updates.
- Improved vulnerability management execution by focusing on remediation-driving governance, measurable closure validation, and operational reporting.
- Designed repeatable compliance evidence approaches that treat artifacts as system outputs rather than manual documentation.
Get in Touch
Feel free to reach out if you want to discuss GRC engineering, vulnerability management automation, OSCAL, or building compliance systems that prioritize real security outcomes.
- LinkedIn: https://www.linkedin.com/in/cyberjp/
- Website: https://securitybyjp.com/
Interested in working with Jonathan Perez?