Nelson Rosario
Los Angeles
About Me
Some people know me for my athletic prowess throughout the years, but what I try my best to embody is being reliable and thorough. I credit this mindset mostly to my military parents and to my time on various teams throughout my athletic career. A major thing that stuck with me from my time in the NFL is that the best ability is availability. As a GRC Engineer, my goal is to bring that same availability, reliability and discipline to automating cloud compliance for SaaS companies preparing for SOC 2, ISO 27001 & 42001, and PCI DSS audits. I bridge the gap between security frameworks and technical implementation by building automation that collects evidence from AWS, maps it to specific controls, and tracks remediation all in one place.
I am open to GRC Engineering, Security Compliance, and Cloud Security roles where I can help organizations automate their compliance programs.
I am based out of Los Angeles. UCLA Bruin alumnus. Avid fan of sports, tech, and all things knowledge. I am a very curious person who knows a lot of seemingly random information. I love to help others understand things I may know from multiple perspectives. I can't help but pass on what I know or how I process things.
Most of all I love genuine connections and value real quality time with loved ones. I have stories for days for a wide range of topics.
Outside of the obvious work-related things, if you ever want to talk sports and experiences, feel free to hit me up and let's connect.
Get in Touch
Feel free to reach out through any of the links here or on my Portfolio: nelsonrosariogrcportfolio.com
Specializations
Languages & Tools
Frameworks
Certifications
Projects
A portfolio-ready FastAPI application that helps SaaS teams and GRC consultants plan and track SOC 2 / ISO 27001 / PCI DSS readiness.
This lab implements a Python Lambda/script that validates every AWS region has at least one multi-region CloudTrail and writes a JSON evidence file to an S3 bucket.
Central dashboard orchestrating Config, Security Hub, and EventBridge rules for daily compliance evidence across accounts. Aggregates pass/fail data into an S3 compliance lake. Publishes executive-ready metrics to QuickSight. Extends automation suite toward ISO 42001 alignment.
This lab automates a recurring review of who can assume critical IAM roles across AWS accounts, using CloudTrail, Lambda, EventBridge, and S3 evidence reports. It supports ISO 27001 A.9.1.2 - Access to networks and network services by providing timestamped proof that only authorized principals can assume scoped roles.
This lab builds a monthly ZIP "audit pack" of ISO 27001 evidence artifacts by collecting key reports from an S3 evidence bucket and packaging them into a single compressed file. The ZIP includes a README_AUDIT_PACK.txt that maps each file to the relevant ISO 27001 control. This supports ISO 27001 A.18.2.1 - Independent Review of Information Security by making it easy for auditors and management to review a consistent, timestamped bundle of technical evidence.