diff --git a/engineers/neviarrawlinson.md b/engineers/neviarrawlinson.md new file mode 100644 index 0000000..64f3e69 --- /dev/null +++ b/engineers/neviarrawlinson.md @@ -0,0 +1,78 @@ +--- +name: "Neviar Rawlinson" +github: "neviarrawlinson" +specializations: + - "Audit & Assurance" + - "Compliance Automation" + - "Risk Management" + - "Security Governance" + - "Third-Party Risk" + - "AI Governance" + - "Cloud Governance" +title: "IT Governance Manager" +company: "ClearCaptions" +location: "Remote" +linkedin: "https://www.linkedin.com/in/neviarr/" +frameworks: + - "CMMC" + - "COBIT" + - "FedRAMP" + - "HIPAA" + - "ISO 27001" + - "NIST 800-53" + - "NIST AI RMF" + - "NIST CSF" + - "NIST RMF" + - "PCI-DSS" + - "SOC 2" +languages: + - "Bash" + - "Go" + - "JavaScript" + - "OSCAL" + - "PowerShell" + - "Python" + - "SQL" + - "Terraform" +available_for: + - "mentoring" + - "speaking" + - "consulting" + - "open-source" + - "freelance" + - "collaboration" +projects: + - name: "Enterprise GRC Library" + url: "https://github.com/neviarrawlinson/enterprise-grc-library" + description: "Developed a GitHub-based library of GRC templates, control mappings, glossaries, risk registers, and training resources for career changers and practitioners." + - name: "Enterprise Risk Acceptance Model" + url: "https://github.com/neviarrawlinson/enterprise-risk-acceptance-model" + description: "A practical, enterprise-ready unified risk acceptance framework designed for complex organizations. This model balances operational agility with structured governance, enabling organizations to simplify exception management while maintaining executive visibility and accountability." + - name: "Governance Systems Skills Library" + url: "https://github.com/neviarrawlinson/governance-systems-skills-library" + description: "Practical Claude-compatible skill packs for Governance Systems Engineering, change governance, RCA analysis, audit evidence, risk documentation, vendor risk, AI governance intake, and executive GRC reporting." +--- + +## About Me + +I got into GRC because I saw how often organizations had policies, frameworks, and audit requirements documented, but not always operationalized in a way that teams could consistently follow. I became interested in the space where governance meets real systems, workflows, evidence, and accountability. + +My current work focuses on IT governance, change management, RCA, audit readiness, compliance documentation, and building governance processes that are practical, measurable, and enforceable. I have hands-on experience creating SOPs, readiness checklists, governance dashboards, control documentation, and Jira-based workflows that support stronger decision-making and traceability. + +I am especially passionate about GRC Engineering, governance systems, and helping organizations move beyond static documentation into repeatable processes that generate evidence by design. I also enjoy helping career changers break into GRC by making complex frameworks, audit concepts, and compliance responsibilities easier to understand and apply. + +## Experience Highlights + +- Built and operationalized a Jira-based change management governance process +- Led CAB readiness reviews and enforced change approval criteria +- Created SOPs, governance standards, RCA templates, and audit-ready documentation +- Developed governance dashboards, reporting formats, and executive summaries +- Supported ITGC, audit evidence collection, access review follow-ups, and compliance documentation +- Created practical GRC portfolio projects focused on change management, risk, RCA, and governance systems +- Founded GRC-focused learning resources to help career changers build confidence and practical skills +- Focused on bridging traditional GRC with automation, workflow design, and evidence engineering + +## Get in Touch + +DM me on LinkedIn: https://www.linkedin.com/in/neviarr/ +You can also follow my work on GitHub: https://github.com/neviarrawlinson