Arian Sheremeti

Principal GRC Architect

Bitsecura

GitHub LinkedIn Blog

About Me

I help organisations make sense of governance before it becomes a headline. Whether it's ISO certification, NIS2, DORA, SOC 2, or AI governance, my role is to turn complex frameworks into practical decisions and audit-ready proof.

I work with founders, security leaders, and boards to build governance that is defensible under scrutiny. That includes supporting certification and compliance outcomes, but without "compliance theatre". The aim is simple: controls that work in real life, risks that are understood, and documentation that tells a coherent story.

With 15+ years across start-ups, financial institutions, and critical-sector operators, I align technology, governance, and regulation so leaders can act with confidence and demonstrate progress. After years at PwC and Deloitte, I now run Bitsecura independently, which means you work directly with the person who owns the outcome.

Specializations

Audit & AssuranceCloud SecurityIncident ResponseOffensive SecurityRisk ManagementSecurity ArchitectureSecurity GovernanceSecurity OperationsThird-Party RiskVulnerability ManagementAI GovernanceCloud Governance

Languages & Tools

PowerShellPythonSQL

Frameworks

COBITCSA STAREU AI ActISO 27001ISO 42001NIST 800-53NIST AI RMFNIST CSFNIST RMFPCI-DSSSOC 2

Certifications

CISMCISAISO/IEC 42001:2023 Lead AuditorISO/IEC 27001:2022 Lead AuditorISO/IEC 27001:2022 Lead Implementer

Interested in working with Arian Sheremeti?

GitHub Profile Connect on LinkedIn Visit Blog