Ngwesse Ewane
Aspiring GRC Analyst | Risk & Compliance Professional
Calgary
Summary
Experienced GRC Analyst with a strong foundation in governance, risk management, compliance, and cybersecurity. Certified in GRCP, GRCA, CompTIA Security+, and Google Cybersecurity Professional Certificate. Proven ability to apply frameworks, manage risks, and ensure compliance. Skilled Scrum Master with leadership capabilities and a passion for enabling organizations to build resilient and secure operations. Eager to secure an entry-level GRC role to contribute to a company's risk and compliance objectives.
Overview
3
3
years of professional experience
3
3
years of post-secondary education
5
5
Certifications
2
2
Languages
Work History
Freelance GRC Analyst
Self-Employed
Calgary
07.2024 - Current
- Developed compliance documentation and conducted gap analysis using CIS Controls.
- Guided small businesses on privacy laws (PIPEDA) and risk registers.
- Conducted cybersecurity risk assessments for small businesses, focusing on identifying vulnerabilities, control gaps, and compliance risks.
- Developed and implemented security policies, procedures, and standards aligned with industry frameworks (ISO 27001, NIST CSF/RMF PCI DSS SOC 2).
- Assisted clients in building compliance documentation, including Acceptable Use Policies (AUP), Incident Response Plans, and Business Continuity Plans.
- Performed vendor risk assessments by evaluating third-party security practices and compliance with privacy regulations (PIPEDA, GDPR basics).
- Provided advisory on data protection best practices and conducted privacy impact assessments for small business clients.
- Facilitated security awareness training sessions for client teams, improving overall security posture and compliance readiness.
- Conducted gap analysis to benchmark existing controls against regulatory and framework requirements.
- Supported internal audit preparation by gathering evidence, documenting processes, and tracking remediation efforts.
- Assisted startups in understanding regulatory obligations (SOC 2 readiness, basic ITGC controls).
- Collaborated with cross-functional stakeholders to align security initiatives with business objectives.
President
SOBA Calgary
Calgary, Alberta
10.2023 - Current
- Lead a non-profit community organization, managing strategic initiatives and fostering inclusive programs.
- Organized outreach activities promoting well-being, inclusion, and community engagement.
- Directed fundraising efforts and coordinated with key stakeholders to enhance community support services.
Scrum Master
Tripnologies Inc
Calgary, Alberta
01.2022 - 07.2024
- Facilitated agile practices and continuous improvement for cross-functional teams.
- Supported project delivery through effective sprint planning, risk identification, and issue resolution.
- Coached teams on collaboration and transparency, improving delivery timelines and team morale.
- Exhibits the behaviors of a Lean-Agile Leader with a Lean-Agile Mindset. Helps the team embrace Agile and Scrum Values, adopt and apply Agile Principles, and implement Scrum practices.
- Support the teams’ rules of Scrum, Built-In Quality practices from Extreme Programming (XP), Work in Process (WIP) limits from Kanban, and any other process rules the team has agreed.
- Facilitated the team’s progress toward team goals.
- Lead team efforts in relentless improvement.
- Facilitated team events, including the Daily Stand-up, Sprint Planning, Sprint Review, and Sprint Retrospective, ensured they are productive and kept within the timebox.
- Supported the Product Owner in their efforts to manage the backlog and guide the team while facilitated a healthy team dynamic with respect to priorities and scope.
- Facilitated the removal of impediments.
- Build a high-performing team.
GRC Compliance Volunteer
Small Business / Nonprofit
Calgary, Alberta
02.2024 - 06.2024
- Conducted basic risk assessments aligned with ISO 27001 & NIST frameworks.
- Assisted in policy creation, internal audits, and awareness training.
Education
Some College (No Degree) -
Institutute of IT Training
Calgary, AB 08.2023 - 01.2024
Software Manual Testing - undefined
IOFIT
Cyber security foundations - Governance Risk and Compliance
Linkedln Learning
Calgary, AB 05.2025 - 05.2025
Implementing the NIST RISK management framework -
Linkedln Learning
Calgary, AB 05.2025 - 05.2025
Api security for PCI compliance -
APIsec University Online
Calgary, AB 07.2023 - 07.2025
OWASP Api Security Top 10 -
Apisec University Online
Calgary, AB 06.2023 - 07.2023
Skills
- Governance, Risk & Compliance (GRC) Fundamentals
- Cybersecurity Awareness & Risk Mitigation
- Policy & Compliance Documentation
- Risk Assessment & Audit Support
- Security Frameworks (NIST, ISO 27001, CIS Controls)
- Stakeholder Communication & Reporting
- Agile Methodologies & Scrum Practices
- Team Collaboration & Leadership
- Incident Response Basics
- Process Improvement & Documentation
- Stakeholder Engagement
- Agile GRC
- Compliance auditing
- Software Manual testing
Agile project management
Continuous improvement
Incident response planning
Certification
Governance, Risk, and Compliance Professional (GRCP), OCEG
Professional Development
Continuous self-learning in GRC, cybersecurity frameworks, and risk management through courses, webinars, and industry resources.
Tools
Jira & Confluence (Agile Project Management), Microsoft Office Suite (Excel for Risk Registers, PowerPoint for Reports), Google Workspace (Docs, Sheets for Compliance Documentation), Nessus Essentials (Vulnerability Scanning Basics), Nmap, Wireshark (Basic Network Traffic Analysis)
Accomplishments
Conducted cybersecurity risk assessments and gap analyses for small businesses, aligning with ISO 27001 and NIST CSF frameworks.
Developed and maintained risk registers, tracking mitigation actions and improving organizational risk visibility.
Assisted in drafting and updating security policies, ensuring compliance with data protection regulations (PIPEDA).
Facilitated security awareness training sessions, enhancing team understanding of cybersecurity best practices.
Supported audit preparation by organizing compliance documentation and coordinating with internal stakeholders.
Timeline
Cyber security foundations - Governance Risk and Compliance
Linkedln Learning
05.2025 - 05.2025
Implementing the NIST RISK management framework -
Linkedln Learning
05.2025 - 05.2025
Freelance GRC Analyst
Self-Employed
07.2024 - Current
GRC Compliance Volunteer
Small Business / Nonprofit
02.2024 - 06.2024
President
SOBA Calgary
10.2023 - Current
Some College (No Degree) -
Institutute of IT Training
08.2023 - 01.2024
Api security for PCI compliance -
APIsec University Online
07.2023 - 07.2025
OWASP Api Security Top 10 -
Apisec University Online
06.2023 - 07.2023
Scrum Master
Tripnologies Inc
01.2022 - 07.2024
Software Manual Testing - undefined
IOFIT
Similar Profiles
Aamuktha MadabhushiAamuktha Madabhushi
Singing teacher at Self-employedSinging teacher at Self-employed
Ava Jane Glenski VillanuevaAva Jane Glenski Villanueva
Translator at Self-employedTranslator at Self-employed
Bilal SadiqBilal Sadiq
Property Owner at Self-employedProperty Owner at Self-employed
Mike SjostromMike Sjostrom
Construction Worker at Self-employedConstruction Worker at Self-employed
Ethan KingEthan King
Founder at Aventro AIFounder at Aventro AI