Rosemary A.

GRC Analyst | ISO 27001, SOC 2 Compliance Specialist

€347/day
Sheffield, GB
3-7 years

Average response time: 1 hour

About Rosemary

I help businesses make sense of risk and compliance—without the jargon or unnecessary complexity. As a GRC analyst, I turn regulatory requirements into clear, practical actions so you can stay compliant and move forward with confidence.

From risk assessments and control testing to policy writing and audit readiness, I support organisations at every stage of their GRC journey. Whether you’re building a framework from scratch or tightening up existing processes, I focus on solutions that actually work in the real world.

What makes me different? I don’t just point out risks—I help you fix them in a way that fits your business. Clear, pragmatic, and aligned with your goals.
  • English

    Native or bilingual

Remote only
Primarily works remotely

Experience

  • SecureNet Dynamics Ltd.
    Risk & Compliance Specialist
    October 2022 - August 2023 (10 months)
    • Led third-party risk assessments for over 15 vendors, reducing vendor-related security risks by 20% and ensuring contract compliance.
  • Freelancer
    GRC Analyst
    August 2023 - Today (2 years and 10 months)
    • Provided tailored GRC solutions for clients in e-commerce, finance and healthcare industries.
    • Developed a comprehensive risk assessment framework that reduced compliance gaps by 30%, improving audit scores.
    • Implemented automated compliance monitoring tools, enhancing reporting efficiency by 40% and reducing manual workload.
    • Conducted internal audits for regulatory frameworks (e.g., SOX, COBIT, PCI DSS), improving audit readiness and reducing findings by 25%.
    • Led a policy enhancement initiative, aligning corporate governance policies with ISO 27001 and improving security posture.
    • Collaborated with IT teams to strengthen data governance controls, reducing unauthorized access incidents by 20%.
    Skills: ISO 27001; SOC2; GRC (Governance, Risk and Compliance); Regulatory Compliance (ISO 27001, NIST, GDPR); Third-Party Risk Management (TPRM) & Vendor Due Diligence
  • PwC
    Compliance Analyst
    February 2022 - October 2022 (8 months)
    • Assessed policy effectiveness and recommended strategic improvements that increased regulatory compliance by 15%.
    • Developed compliance tracking dashboards, reducing reporting errors by 50% and improving leadership visibility on risk trends.
    • Reviewed data privacy policies to ensure alignment with GDPR and CCPA, mitigating data protection risks and strengthening customer trust.
    • Collaborated with legal teams to implement updated privacy controls, reducing potential legal risks by 30%.

Education

  • Master of Laws
    Sheffield Hallam University
  • Completion of Personalized Mentorship in GRC
    Bugfreak Academy.