You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Benita UdoekaBU

Benita Udoeka

Cyber Security GRC Analyst

€1,171/day
London, GB
0-2 years

Average response time: 1 hour

About Benita

I'm a Governance, Risk and Compliance (GRC) Analyst with hands-on experience supporting compliance programmes across multiple frameworks and sectors. I hold a BSc in Economics and Business Information Systems and an MSc in Investment and Finance from Middlesex University — giving me a strong foundation in both technical GRC practice and business risk.
My primary specialism is ISO/IEC 27001:2022 — from gap assessments and risk registers to policy suites and audit preparation. I also work across NIST CSF, ISO 22301, PCI DSS, and UK GDPR/DPA 2018.
What I can deliver:

ISO 27001 gap assessments and control mapping
Risk register development and maintenance
Policy and procedure drafting (AUP, IRP, BCDR, Access Control, Data Protection)
UK GDPR compliance documentation — RoPA, DPIAs, retention schedules
Third-party/supplier risk assessments
Internal audit preparation and evidence gathering
Compliance dashboards and control tracking

I work across healthcare, financial services, retail, education, energy, and technology sectors. The core disciplines transfer — I apply the right regulatory lens for each environment.
I have 0–2 years of specialist GRC experience. I'm not the right fit for senior CISO-level engagements, but if you need structured, accurate GRC documentation and compliance support delivered professionally, I can do that well — at a rate that reflects my career stage.
Fully remote. Average response time under one hour.
  • English

    Native or bilingual

Remote only
Primarily works remotely

Experience

  • Cozins
    Cyber Security GRC Analyst
    January 2024 - Today (2 years and 6 months)
    Developed a comprehensive GRC portfolio demonstrating hands-on capability across governance, risk, and compliance disciplines, aligned to recognised industry frameworks.
    Governance & Framework Alignment
    • • Aligned organisational controls to ISO/IEC 27001 Annex A, identifying gaps and recommending remediation.
    • • Mapped security posture against NIST CSF domains (Identify, Protect, Detect, Respond, Recover).
    • • Contributed to ISO 22301-aligned Business Continuity documentation and governance structures.
    • • Designed policy hierarchy frameworks, including standards and procedures documentation.
    Risk Management
    • • Conducted structured security risk assessments identifying threats, vulnerabilities, likelihood, and impact.
    • • Maintained risk registers using qualitative scoring methodology; developed risk treatment plans with defined ownership.
    • • Monitored Key Risk Indicators (KRIs) and reported risk trends to senior stakeholders.
    • • Performed control gap analysis and recommended targeted remediation actions.

    Compliance & Regulatory Support
    • • Produced PCI DSS readiness documentation, including control mapping and compliance tracking templates.
    • • Developed GDPR artefacts: data processing records, data retention schedules, and DPIA templates.
    • • Supported internal compliance audits, documented audit findings, and tracked remediation progress.
    Third-Party Risk Management (TPRM)
    • • Developed supplier due diligence questionnaires aligned to ISO 27001 and PCI DSS.
    • • Created supplier risk scoring methodology and third-party onboarding/review process documentation.
    • • Supported ongoing vendor security assurance reviews.

    Policy & Documentation
    • • Drafted and maintained: Information Security Policy, Risk Management Policy, Access Control Policy, Incident Response Plan, BC/DR Plan, Acceptable Use Policy, Data Protection & Privacy Policy.
    Gap Assessment Third-Party Risk Risk analysis Policy Drafting IT-Security
  • Cyber & Technology Environment
    Scrum Master / Delivery Lead —
    January 2022 - January 2026 (4 years)
    Led cross-functional teams within security-focused and regulated delivery environments, with direct contributions to governance, risk visibility, and compliance maturity.
    • • Embedded risk identification and mitigation tracking within delivery workflows.
    • • Facilitated collaboration between IT, security, and business stakeholders to ensure regulatory alignment.
    • • Supported audit readiness through improved documentation, traceability, and change management controls.
    • • Introduced reporting dashboards, improving transparency of operational and compliance risks.
    • • Strengthened change management controls in regulated environments.

Recommendations

Be the first to recommend Benita

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Education

  • MSc
    Middlesex University
    MSc
  • BSc
    Middlesex University
    BSc

Categories