Governance-Focused Cybersecurity & Compliance Professional

Kimberly Liora

Cybersecurity & Compliance Associate CMMC / NIST 800-171 Governance Support

Governance-minded cybersecurity professional uniting audit readiness, risk management, and technical fluency to build sustainable compliance programs.

Atlanta, GA ********.*****@*******.*** 678-***-**** LinkedIn

PROFESSIONAL SUMMARY

Governance-minded cybersecurity professional with hands-on experience supporting NIST 800-171, CMMC Level 2 concepts, audit readiness, Windows Server hardening, and technical control documentation. Strong background in evidence collection, policy development, and remediation tracking with exposure to federal compliance environments. Skilled in translating technical information into clear, audit-ready documentation. Seeking a CMMC internship to build deeper real-world defense cybersecurity expertise while contributing strong documentation and analytical capability.

AREAS OF EXPERTISE

NIST 800-171 & CMMC Level 2

Security Control Documentation

Audit Readiness & Evidence Collection

Policy Development & SOP Drafting

Compliance Monitoring & Remediation Tracking

Internal Audit & Gap Analysis

Risk Identification & Issue Tracking

Windows Server, AD & Group Policy

GRC Platforms & Tools

Excel Reporting & Compliance Dashboards

Stakeholder Engagement & Reporting

Continuous Improvement & Performance Metrics

TECHNICAL TOOLS:

F Frameworks: NIST 800-171, NIST 800-53, CMMC Level 2

Systems: Windows Server, Active Directory, Group Policy

Security Tools: Nessus Essentials (lab), Event Viewer

Compliance Tools: ServiceNow GRC, SharePoint

Documentation & Reporting: Excel (PivotTables/VLOOKUP), Word, Confluence

Scripting: PowerShell

BUSINESS IMPACTS & ACHIEVEMENTS (Projects)

eGain Compliance Documentation Support (IRS) 2024 – 2025

Selected by leadership to modernize federal compliance and support workflows, aligning daily operations with NIST and ISO standards.

Updated compliance documentation and SOPs to align IRS processes with NIST requirements.

Reviewed authentication and encryption workflows for adherence to federal security standards.

Developed structured documentation templates improving audit consistency and onboarding.

Key Value: Elevated day-to-day technical operations into structured, auditable processes under a recognized compliance framework.

Tech Enablement Dashboard (IRS) 2024 – 2025

Developed a cross-departmental GRC dashboard initiative to improve visibility into audit evidence, risk status, and remediation progress.

Assisted in gathering audit and compliance data for Power BI dashboards that tracked control status and remediation progress.

Helped identify compliance gaps and supported documentation updates to strengthen overall audit readiness.

Key Value: Translated fragmented risk data into actionable compliance intelligence for leadership.

PROFESSIONAL EXPERIENCE

Security & Compliance Analyst, Department of the Treasury - IRS 2024 – Present

Supported compliance evidence collection for NIST 800-53 and NIST 800-171 control families.

Prepared audit-ready documentation (SOPs, configuration notes, system details).

Maintained and mapped control records in ServiceNow GRC to evidence repositories.

Participated in internal compliance checks with ISSOs aligned to CMMC Level 2 requirements.

Drafted monthly summaries highlighting control status, documentation needs, and remediation progress.

GRC & Security Support Specialist, ABBTECH Professional (IRS Contractor) 2023 – 2024

Assisted in internal control testing and documentation review for federal NIST 800-53 requirements.

Managed compliance artifacts and tracked remediation steps in ServiceNow GRC.

Prepared evidence packets and updated audit documentation for ISSO and auditor reviews.

Supported gap analysis efforts and helped monitor closure of recurring audit findings.

IT Analyst – Compliance & Reporting, Amerisave Mortgage Company 2020 – 2022

Assisted with documentation for SOC 2 and ISO 27001 audits, including policies and control evidence.

Gathered audit logs, screenshots, and system configuration notes for internal auditors.

Maintained compliance documentation repositories and tracked remediation efforts.

Produced Excel reports summarizing compliance trends and audit results.

IT Support – Systems & Operations, Olde Atlanta Golf Club 2016 – 2022

Authored SOPs for device checks, shift handoffs, and incident reporting.

Assisted with server upgrades and system migrations with zero downtime.

Maintained network/access control documentation and operational policies.

EDUCATION & CERTIFICATIONS

Bachelor of Science in Cloud Computing Western Governors University (In Progress)

In Progress: CompTIA A+ CompTIA Network+ Security+

Contact this candidate