TemplateA ready-made website. Make it yours in a click.
Copy this website

Daniel Kim

Senior GRC Analyst at Salesforce

Summary

Experience

Senior GRC AnalystSalesforce
San Francisco, CAJul 2020Present
  • Led SOC 2 Type 2 audits for 5+ product lines, reducing audit findings by 30% through proactive control implementation and evidence collection.
  • Developed and managed the enterprise risk register, identifying 75+ critical risks and implementing mitigation strategies that decreased overall risk exposure by 25%.
  • Automated compliance reporting processes using ServiceNow GRC, cutting weekly reporting time by 15 hours and improving data accuracy by 90%.
  • Authored and updated 10+ security policies and standards aligned with NIST CSF, ensuring compliance across 3000+ employees.
  • Conducted 20+ vendor security assessments annually, ensuring third-party compliance with internal security requirements and reducing supply chain risk.
GRC AnalystCisco
San Jose, CAJul 2018Jun 2020
  • Supported HIPAA and GDPR compliance initiatives for cloud services, contributing to a 100% successful external audit rate for regulated products.
  • Assisted in the design and implementation of security controls, resulting in a 15% improvement in vulnerability remediation rates.
  • Maintained security awareness training for 5000+ employees, achieving a 95% completion rate and a 10% reduction in phishing incident reports.
  • Performed quarterly internal audits of critical infrastructure, identifying and documenting 25+ control gaps and recommending remediation actions.

Projects

Education

University of California, BerkeleyB.S. in Cybersecurity & Privacy
Berkeley, CASep 2013May 2017
  • Graduated Cum Laude with a GPA of 3.7/4.0.
  • Relevant coursework included Information Security Management, Network Security, and Cryptography.
  • Participated in the Cyber Defense Club, securing 3rd place in the regional collegiate competition.

Skills

GRC Frameworks
NIST CSFISO 27001SOC 2HIPAAGDPRPCI DSSSOX
Risk Management
Enterprise Risk ManagementThird-Party Risk ManagementSecurity AssessmentVulnerability ManagementBusiness Continuity Planning
Compliance Tools
ServiceNow GRCArcherLogicManagerJiraConfluence
Security Controls
Access ControlData Loss PreventionIncident ResponseSecurity ArchitectureCloud Security (AWS, Azure)
Audit & Reporting
Internal AuditExternal Audit LiaisonCompliance ReportingPolicy DevelopmentRemediation Planning