Abdullah Siddiqi

Cybersecurity and Compliance Analyst

Security+ BTL1 CMMC Registered Practitioner (RP)
Download Resume Get In Touch

About Me

I'm a dedicated GRC Analyst with hands-on experience in governance, risk, and compliance programs across diverse industries. My expertise spans risk assessments, policy development, control testing, and aligning organizations with security frameworks such as NIST 800-53, NIST 800-171, ISO 27001, and CMMC.

My mission is to strengthen organizational resilience by ensuring regulatory compliance, reducing risk exposure, and building security governance that enables business success. I believe in bridging the gap between business objectives and cybersecurity requirements through continuous learning and proactive risk management.

150+

Controls Tested

40+

Risk Assessments

25+

Policies Developed

100+

Staff Trained on Compliance

Skills & Expertise

GRC Skills

Risk Assessment & Mitigation 95%
Policy Development & Governance 92%
Audit Support & Control Testing 90%
Third-Party/Vendor Risk Management 88%

Compliance Frameworks

CMMC (Cybersecurity Maturity Model Certification) 95%
SOC 2 (System & Organization Controls) 92%
NIST 800-171 90%
ISO 27001 88%

Tools & Platforms

ServiceNow GRC
Archer GRC
OneTrust
MetricStream
Jira / Confluence
AWS / Azure Compliance Tools

Professional Experience

GRC Analyst

Jün Cyber

Jan 2025 – Present
  • Assisted in developing and maintaining security policies, standards, and procedures to ensure compliance with NIST 800-53 and NIST 800-171 frameworks
  • Performed security risk assessments on internal systems and third-party vendors, providing detailed reports with mitigation recommendations
  • Monitored compliance with cybersecurity frameworks and regulatory requirements, supporting audit preparation and documentation
  • Participated in enterprise security awareness training initiatives to educate over 100 employees on cybersecurity best practices

Security Analyst

UST Global

Jun 2024 – Dec 2024
  • Triaged over 200 security incidents using enterprise SIEM technologies like Splunk and Velociraptor
  • Performed 15+ comprehensive security reviews, leveraging threat attribution and OSINT to enhance security posture
  • Developed 10+ detailed threat advisories using the MITRE ATT&CK framework to mitigate identified risks
  • Managed security controls for 50+ firewalls and endpoint protection platforms (EPP) to ensure system confidentiality and integrity

SOC Analyst

CyberFlorida

Dec 2022 – May 2024
  • Managed weekly security operations including phishing alerts, SOC alerts, and over 40 other security events
  • Conducted technical evaluations and penetration tests on more than 30 web applications and mobile systems
  • Implemented a monthly education plan to enhance the IT skills and knowledge of over 50 staff members
  • Created a virtual desktop environment, allowing 100 users to access applications through CF's cloud network

Education

Bachelor of Science in Cybersecurity

University of South Florida

Tampa, FL

Dec. 2024
GPA: 3.7/4.0
Relevant Coursework: Risk Management, Security Policies, Compliance Frameworks, Digital Forensics
Focus Areas: Governance, Risk Management, and Compliance (GRC)

Certifications

Security+

CompTIA

Certified
Verify Credential

Blue Team Level 1

Security Blue Team

Certified
Verify Credential

Registered Practitioner (RP)

Cybersecurity Maturity Model Certification

Certified
Verify Credential

Authorized to provide CMMC consulting and implementation services for DoD contractors

Let's Connect

Ready to secure your organization? Let's discuss how I can help.

Email InfoSecAbdullah@gmail.com LinkedIn Connect with me