JOEL FLOOD
CISSP • CISA • CRISC • PMP
San Diego, CA
joel.flood@gmail.com
linkedin.com/in/joelflood
github.com/JoelF-GRC
Security & GRC Leader specialized in building scalable governance frameworks, maturing privacy programs, and leading high-performing technical teams.
Strategic Expertise
Leadership & Strategy
IT Strategy • Budget & Vendor Stewardship • Team Management • AI Governance
Governance & Compliance
ISO 27001 • SOC 2 Type II • NIST CSF • Data Privacy (GDPR/CCPA) • Security Culture & Awareness • SOX
Cloud & Technical Ops
Cloud Security (AWS/Azure) • Identity Governance (IAM) • Incident Response
Professional Experience
Senior Information Security Compliance Manager
Totara Learning
2024 – Present
Senior Security & Compliance Manager
RegEd
2023 – 2024
IT Director
Corient / Dowling & Yahnke
2022 – 2023
IT Manager
Corient / Dowling & Yahnke
2021 – 2022
Information Security Analyst
Corient / Dowling & Yahnke
2017 – 2021
IT Technician
Corient / Dowling & Yahnke
2015 – 2017
Technical GRC Projects
AWS Cloud Resume Challenge
- Architected a secure, serverless portfolio site (joelflood.com) using AWS Lambda, API Gateway, and DynamoDB, fully documented in GitHub.
- Implemented defense-in-depth using CloudFront HTTPS, OAC for S3 isolation, and granular IAM permissions for Lambda execution.
AWS Security & GRC Portfolio
- A technical portfolio aligning AWS configurations (EC2, S3, IAM, VPC) directly to GRC frameworks.
- Includes a mapped Risk Register, evidence collection procedures, and control documentation for audit readiness.
SaaS Mini-ISMS Template
- Developed a fully documented, sanitized ISO 27001:2022 ISMS for a remote-first SaaS company.
- Includes governance policies, Annex A technical controls, and risk assessment methodologies.
Professional Certifications
Education
- M.S., Cybersecurity & Information Assurance — Western Governors University
- Micro-MBA — UC San Diego Rady School of Management
- B.F.A. — University of the Arts