Summary
Overview
Work History
Education
Skills
Websites
Certification
Timeline
LEADERSHIP EXPERIENCE
Generic

Joshua Stevens

Raleigh,NC

Summary

Experienced Security Risk & Compliance professional with over 10 years in governance, risk, compliance (GRC), security engineering, and cloud security. Led risk assessments, third-party risk programs, and audits aligned with NIST 800-53, ISO 27001, SOC, and PCI standards. Translated complex security risks into actionable recommendations for executive leadership. Managed vulnerability assessments and enhanced organizational security posture through effective risk management strategies.

Overview

2027
2027
years of professional experience
1
1
Certification

Work History

Senior Security Risk & Compliance Analyst

XYLEM INC
Raleigh, NC
03.2022 - Current
  • Lead enterprise third-party risk management activities, conduct security assessments for 60+ vendors and ensure alignment with NIST 800-53, ISO 27001, and regulatory requirements.
  • Develop and present security risk assessments, findings, and recommendations to senior leadership and board stakeholders.
  • Build and automate compliance and risk reporting frameworks, improving executive visibility into enterprise risk.
  • Built and automated compliance and risk reporting frameworks, enhancing executive visibility into enterprise risk.
  • Lead government-focused security assessments utilizing NIST frameworks across multiple agencies.
  • Streamline audit processes and governance procedures, reducing audit cycle times by 20%.
  • Conducted system security assessments and provided actionable recommendations to strengthen control effectiveness and mitigate risk exposure.
  • Partnered with business and technology teams to develop risk-based remediation strategies that address identified vulnerabilities.
  • Design and deliver a security awareness and training program for 500+ employees, significantly increasing regulatory knowledge and strengthening security culture.
  • Deliver security guidance and best practices to internal stakeholders, translating technical risks into business-focused outcomes.

SECURITY CONSULTING ENGINEER

CISCO SYSTEMS
Raleigh, NC
07.2020 - 02.2022
  • Conducted enterprise security assessments and architecture reviews, identifying vulnerabilities and mitigating potential threats by 50%.
  • Conducted enterprise security assessments and architecture reviews, identifying vulnerabilities and reducing potential threats by up to 50%.
  • Led vulnerability management initiatives that significantly reduced critical security findings across enterprise environments.
  • Implemented advanced security solutions and validation processes, achieving a 99.9% delivery success rate.
  • Delivered client-facing security guidance aligned with business objectives and risk management goals.
  • Delivered security guidance to clients, aligning recommendations with business objectives and risk management goals.

Risk Manager

CISCO SYSTEMS
Raleigh, NC
02.2019 - 07.2020
  • Developed risk mitigation strategies that reduced potential financial exposure by more than $2M.
  • Led enterprise risk assessments across supply chain, extranet, cloud, and data center environments.
  • Directed internal audit and compliance initiatives aligned with ISO 27001, SOC 1, SOC 2, and PCI requirements.
  • Managed end-to-end SOC 2 audit activities, guiding engineering teams through evidence collection and audit readiness.
  • Conducted PCI audits and reviewed 50+ third-party SOC reports to strengthen vendor risk management controls.
  • Led annual certification and compliance programs, ensuring successful audit outcomes.

SECURITY ENGINEER/PARTNER SECURITY ARCHITECT

CISCO SYSTEMS
Raleigh, NC
09.2016 - 02.2019
  • Led security assessments for more than 200 applications, including architecture reviews, code analysis, and penetration testing.
  • Executed vulnerability assessments across 50+ applications, addressing 90% of critical findings within tight deadlines.
  • Performed cloud security architecture reviews for 50+ vendors, reducing risk exposure by 40%.
  • Delivered cloud governance and security best-practice guidance, enhancing regulatory compliance by 30%.
  • Partnered with engineering teams to enhance application and infrastructure security controls.
  • Awarded the GATS Horizon Award for outstanding contributions to enterprise security improvements.

Park Ranger

City Of Miami Beach
Miami Beach, FL

Protective Security Officer

Alutiiq Security
Miami, FL

Security Officer

G4S Secure Solutions USA
Miami, FL

Field Radio Operator

US Marines Corps
Miami, FL

Education

Master of Science - SOFTWARE ENGINEERING SPECIALIZING CYBERSECURITY

San Jose State University
San Jose, CA
12-2019

BS - INFORMATION TECHNOLOGY, MINOR, ADMINISTRATION TECHNOLOGY

Barry University
Miami, FL
12-2015

Skills

  • Risk Assessment
  • Security Audits
  • Vulnerability Assessment
  • Network Security
  • Cloud Security
  • Burp Suite
  • Security Architect
  • Kali Linux
  • Compliance Management
  • Auditing techniques
  • Documentation review
  • Physical Security
  • Logistics and Planning
  • Cybersecurity Governance
  • Stakeholder Engagement
  • Compliance auditing
  • Documentation analysis

Certification

  • Certificate in Secure Test
  • Advanced Certificate in Secure Software Engineering
  • Advanced Certificate in Cybersecurity Engineering
  • WhiteHat Security Certified Secure Developer
  • Amazon Web Service Cloud Practitioner
  • Network Pro
  • Security Pro
  • Python 3
  • Amazon Certified Security
  • Cisco Certified DevNet Associate
  • ISO 27001 Lead Auditor Certified
  • Qualys Certified Specialist
  • Cisco Certified Network Associate
  • Cisco Cybercops Associate
  • Certified Information Security Manager
  • Exercising Leadership: Foundational Principles
  • Cisco Certified Specialist- Security Core
  • Certified Information Systems Auditor
  • Advanced in AI Audit
  • Business Leadership

Timeline

Senior Security Risk & Compliance Analyst

XYLEM INC
03.2022 - Current

SECURITY CONSULTING ENGINEER

CISCO SYSTEMS
07.2020 - 02.2022

Risk Manager

CISCO SYSTEMS
02.2019 - 07.2020

SECURITY ENGINEER/PARTNER SECURITY ARCHITECT

CISCO SYSTEMS
09.2016 - 02.2019

Protective Security Officer

Alutiiq Security

Security Officer

G4S Secure Solutions USA

Field Radio Operator

US Marines Corps

BS - INFORMATION TECHNOLOGY, MINOR, ADMINISTRATION TECHNOLOGY

Barry University

Park Ranger

City Of Miami Beach

Master of Science - SOFTWARE ENGINEERING SPECIALIZING CYBERSECURITY

San Jose State University

LEADERSHIP EXPERIENCE

  • SUNCREST VILLAGE HOA Raleigh, NC President Jan 2021 - Present
  • Chaired monthly meetings, provide feedback to enhance future performance and outcome
  • Improved operations by working with team members and customers to find workable solutions.
  • Achieved cost savings by developing functional solutions to current contract problems.
  • Improved Association budget by streamlining operations and workflow and negotiating competitive vendor contracts.
  • Improve customer satisfaction by finding creative solutions to problems.
  • Approve agendas and communication materials for planning/training meetings.
  • Provided excellent service and attention to customers when face-to-face or through phone conversation.
  • Worked closely with the board of directors and management team members to deliver project requirements, and develop solutions. and meet deadlines.
Joshua Stevens