GRC Specialist

Senior Risk Professional with extensive experience in Governance, Risk, and Compliance within the financial sector. I specialize in assessing risk, developing controls, and conducting independent testing across standards including SOC, SOX, GLBA, PCI DSS, GDPR, NIST, COSO, and ISO 27001.

AI Specialist

I build AI-powered tools to automate compliance tasks and improve efficiency — including Model Context Protocol servers, RAG pipelines, vector databases, and automated AI-based control assessments.

Experience

I hold a Bachelor of Science in Information Systems from the Marriott School of Business at BYU, and hold four active certifications: CISSP, CRISC, CISA, and Security+.

I spent over six years at Zion's Bancorporation as an Internal Control Testing Lead, where I led a team of testers conducting SOX and GLBA audits, built compliance automation tools end-to-end, and owned the entire control testing process.

I then joined Shopify as a Senior Security Engineer, where I developed AI solutions for SOC control operation, managed the annual SOC audit, and built automation to support the Trust Assurance program.

I currently work at Redo as a Principal AI Operations Engineer, where I build and maintain MCP server infrastructure, RAG pipelines, and automated AI-based control assessments — while also maintaining SOC 1, SOC 2, and GDPR compliance.

My Work

Take a look at some examples of my work

AI Agent: Fai

See the impact a well-built MCP tools can make by talking with a chatbot I built to answer questions about my career.

See the codebase

See the public codebase for this website and the tools that power it.

Model Context Protocol

Learn about Model Context Protocol and how it can improve your AI applications.

Questions?

If you have any questions, please feel free to reach out to me.