Skip to main content

Hello, I am

Osen Osagie

Cybersecurity GRC professional.

I help teams turn security requirements into clear controls, evidence, and action.

Professional portrait representing Osen Osagie's cybersecurity brand

About Osen

Cybersecurity, explained through governance.

I focus on the documentation, evidence, controls, and risk decisions that help organizations mature their security programs.

My goal is to make security work easier to understand, easier to own, and easier to improve.

Clarity

Plain-language reports and recommendations.

Evidence

Framework-aligned artifacts and traceability.

Business Fit

Security work shaped around practical ownership.

9+

case studies

8

framework areas

6

GRC skill groups

2

completed credentials

Cybersecurity Workflow

A practical GRC operating rhythm

I use a simple workflow that keeps the work understandable: assess the situation, map it to frameworks, document the evidence, and recommend improvements.

01

Assess

I clarify business context, risks, controls, and evidence gaps.

02

Map

I connect findings to frameworks like ISO 27001, NIST CSF, and CIS Controls.

03

Document

I turn the work into reports, registers, policies, and decision-ready artifacts.

04

Improve

I recommend practical next steps that teams can own and maintain.

Core Competencies

What I can help your team evaluate

I focus on practical GRC work: the policies, assessments, evidence, and reports that help security programs move with confidence.

Cybersecurity Governance

Developing policies, control expectations, and governance artifacts that help security programs operate with clarity.

Risk Management

Assessing business risk, documenting impact, and translating findings into prioritized treatment plans.

Compliance Readiness

Mapping requirements to practical evidence, controls, documentation, and audit-friendly reporting.

Internal Audit Support

Reviewing controls, identifying gaps, and presenting remediation recommendations in professional formats.

Vendor Risk

Evaluating third-party risk through questionnaires, control reviews, and business impact analysis.

Incident Preparedness

Supporting incident response planning with roles, escalation paths, communications, and lessons learned.

GRC Dashboard

The controls view I keep in mind

Strong GRC work should help teams see ownership, risk, evidence, and resilience without digging through scattered documents.

Governance

Policy, ownership, controls

Risk

Assessment, registers, treatment

Compliance

Framework mapping, evidence

Resilience

Incident and continuity planning

Osen reviewing GRC documentation and cybersecurity evidence

Featured Projects

Review the evidence behind my experience

These case studies show how I move from business context to methodology, deliverables, outcomes, and lessons learned.

View case studies

Governance

Governance Policy Development

A structured policy development engagement aligning security expectations with business objectives and recognized frameworks.

ISO 27001NIST CSFCIS Controls
Policy DevelopmentControl MappingTechnical Writing
View case study

Internal Audit

Internal Cybersecurity Audit

An internal assessment that reviewed security controls, documented gaps, and produced a prioritized remediation roadmap.

NIST CSFCIS ControlsISO 27001
Internal AuditGap AnalysisRisk Reporting
View case study

Risk Management

Enterprise Risk Assessment

A risk assessment project documenting assets, threats, likelihood, impact, and treatment options for management review.

CIS RAMNIST CSFISO 27001
Risk AssessmentRisk RegisterBusiness Impact Analysis
View case study

Professional Journey

How I am building into cybersecurity governance

My path is intentionally GRC-focused: learn the frameworks, apply them through structured projects, and keep improving the way I communicate risk.

  1. 2024

    Cybersecurity Internship

    Eretmis Academy

    Completed structured GRC-focused projects covering governance, internal assessment, risk management, awareness, and incident preparedness.

  2. 2024

    Certification Milestones

    ISC2 and Google

    Built foundational cybersecurity knowledge across principles, operations, frameworks, incident response, and governance.

  3. Ongoing

    Continuous Learning

    Professional Development

    Expanding expertise in ISO 27001, IT audit, vendor risk, business continuity, and AI security governance.

Skills & Certifications

The quick signal recruiters usually need

Here is the compact view: completed credentials, current learning direction, and the GRC skill groups I apply throughout the case studies.

Completed2024

ISC2 Certified in Cybersecurity (CC)

ISC2

Foundational cybersecurity certification covering security principles, incident response, access controls, risk, and governance concepts.

Credential: Available on request

Verification information
Completed2024

Google Cybersecurity Professional Certificate

Google Career Certificates

Practical program covering security operations, network security, Linux, SQL, Python, incident response, and security frameworks.

Credential: Available on request

Verification information

Governance

Security policy developmentPolicy reviewGovernance framework alignment

Risk Management

Risk assessmentRisk register developmentRisk treatment planning

Compliance

ISO 27001 alignmentNIST CSF mappingCIS Controls

Documentation

Technical writingExecutive summariesProcedures

Security Operations Support

Incident response planningVulnerability reviewBusiness continuity planning

Professional Skills

Stakeholder communicationAnalytical thinkingPresentation

Ready to review practical GRC experience?

Explore my case studies or get in touch about cybersecurity governance, risk, compliance, and audit-focused opportunities.