You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Magdalena KowalikMK

Magdalena Kowalik

ISO 27001 & SOX GRC Specialist

€350/day
Zielona Góra, PL
3-7 years

Average response time: 1 hour

About Magdalena

I help organisations bring clarity to cybersecurity, risk, and compliance - without overcomplicating it.

I’m an ISO 27001 & SOX-focused GRC specialist with hands-on experience supporting risk assessments, internal controls, audit readiness, and security governance in complex, regulated environments. My work sits at the intersection of technical risk and business decision-making: translating frameworks like ISO 27001, NIST, and SOX into clear, practical actions teams can actually implement.

Typical engagements include risk and control assessments, policy and framework development, audit preparation, evidence structuring, and executive-level summaries that support informed decision-making. I’m especially effective in environments that need structure, prioritisation, and calm guidance rather than noise or fear-driven security.
  • English

    Native or bilingual

  • Italian

    Fluent

  • Spanish

    Conversational

Remote only
Primarily works remotely

Experience

  • Qurate Retail Group
    Cybersecurity & IT Compliance Analyst
    September 2023 - Today (2 years and 11 months)
    Remote South, Euless, TX, USA
    Conducted risk assessments using the NIST Cybersecurity Framework, identifying and addressing critical security gaps, improving the organization's overall risk posture. Owned and maintained ISO 27001 -aligned ISMS components, including risk assessments, control mapping, evidence collection, and audit readiness, supporting successful internal and external audits. Achieved a 95% compliance rate through regular User Access Reviews (UAR) and Privileged Access Reviews (PAR), mitigating security risks in line with industry standards. Provided strategic insights to executive leadership on cybersecurity risks, ensuring alignment with SOX, GDPR, and ISO 27001 requirements. Drove third-party/vendor risk assessments by reviewing SOC 2 reports, ISO 27001 certifications, penetration test findings, and cloud security configurations. Collaborated with cross-functional teams to develop cybersecurity best practices, improving security awareness across departments by 40%.
    ISO 27001 SOX UAR ISMS SOC 2
  • Fluor Corporation
    IT Compliance Analyst
    December 2022 - August 2023 (8 months)
    Conducted security risk assessments and control testing, identifying and addressing 30 critical vulnerabilities, enhancing the company's risk management processes. Developed and facilitated security training programs, increasing awareness and adherence to security best practices by 25%. Coordinated SOX compliance audits with a 100% success rate, ensuring full regulatory compliance and mitigating operational risks. Monitored and reported on cybersecurity risk remediation efforts, ensuring timely resolution of identified vulnerabilities and compliance issues. Partnered with development teams to integrate Secure Development Lifecycle (SDLC) practices, reducing security vulnerabilities by 20%.
    Risk Management Vulnerability Management SOX SOC 2 Audit readiness

Recommendations

Be the first to recommend Magdalena

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Education

  • Coventry University
    2019
  • WSB School of Banking
    2021

Skill set

Categories