InfoSec Manager, vCISO ish
US Coast Guard Veteran
Service Disabled Small Business Owner

Outlaw 🤠
Punk Alt Folk Garage Rock
Harleys, Trikes, and Touring
#Starfield #Fallout random sims

Very Neurodivergent with doctor's note

Living On Duwamish Land among the Salish Sea Tribes
Whose land do you live on? https://native-land.ca/
LinkedIn: https://www.linkedin.com/in/leerayl
JetCity Tech: https://jetcity.tech
GitHub: https://github.com/leerayl
Signal: leerayl33
I’m looking for someone with a #sewing machine capable of doing #embroidery. I want to have tags made on canvas with a length in feet embroidered onto the tag in bold numbers about 2 inches tall. For example, 35’ or just 35. The tag edges must be finished and I will be adding a grommet. I'll need 11 of these with varying lengths. I'll pay a reasonable price. I’d rather hand this off to a craftsperson than find a fancy embroidery shop to do it. Please boost for exposure. #SupportArtistsAndMakers
I feel like the lights came on, I have been active and getting stuff done, even took 2 phone calls by choice. Even not sleeping great, tired but engaged in stuff. Took Covid tests all negative so I have no clue what the heck was happening for close to two months but glad to be feeling more like myself.

It’s also funny to me that someone on LinkedIn claimed to be the first to coin GRC engineering.

We just did the work not make up titles for a long as time.

GRC Engineering is not really a thing. We just call that engineering. In fact I will go one further and say that GRC Engineering is not a thing as GRC and Engineering are and will always be separate disciplines, as one must be able to provide oversight….

No dude, you didn’t coin anything but I do think your writing about GRC and evidence collection with continuous delivery is cool. We just used to call it integration and tooling.

Heh, that company I did work for last year has a GRC Engineer role open.

I applied, it’s a cool company.

Delta Airlines is suspending all congressional perks, including special congressional service desk, until TSA is funded. Hope others follow!
After a month of feeling like death with no real symptoms other than depression with occasional flu-like symptoms, I feel a lot better. I hope it’s gone 'cause it was messing me up.

Because I do silly stuff, I went to the Delve.co career site and they list a Senior GRC specialist role for hire.

Now I am not gonna kick them while they are down but maybe that should have been a hire a long time ago….

Maybe hiring GRC experts is a good thing for your GRC tool/platform when building trust as a new player in the space.

Pretty sure AI would have told you that….

A breach of trust is still a breach. Reputation in a trust industry is all you got.

#InfoSec

RE: https://mstdn.science/@memerman/116280030788276149

The Cherry blossoms are out in force across the region. Saw 2 beautiful blooming trees yesterday.

Hey #InfoSec family

My heart was lifted this morning reading about the Delve issues and I am ready for it.

I just posted to LinkedIn that I am available to help organizations using tools like Delve, Vanta, Drata, etc… to evaluate their current GRC programs and help them make risk-based decisions on assurances and assessments.

GRC is my jam, compliance is my happy place, controls, I love them, and I have time.

Heck, maybe you’re stuck in this position and need someone to help get back on track, I got you.

So many companies are about to get rocked through TPRM and the “Show me your SOC 2” is not going to be enough.

If you have ever had to meet the GRC requirements of a big financial company or other highly regulated industry, you know the time required to meet the need, your clients will start demanding the same.

Oh, and the insurance industry must be losing their minds now that there is a massive question on security and liability.

Anyway here’s my LinkedIn post if you want to share it, or use it to reach out. https://www.linkedin.com/posts/leerayl_if-your-team-iswas-using-delve-or-any-of-share-7441904958955962369-yaU-


If your team is/was using Delve or any of the “GRC Platforms” and realize the current state of GRC platforms providing assurances is bunk, I can help. I have watched the space for years, worked with many of them, and understand the appeal, but they have created a market for themselves that does not serve you. I am a Certified InfoSec Manager, GRC Engineer, InfoSec Program Manager with SOC 2, ISO 27xxx, ISO 42001, TISAX, and FedRAMP/NIST CSF, RMF, AI RMF, 800-53, GDPR, HIPAA, and EU AI Act. I am available to help you find the right level of compliance within your governance requirements to help you move into a more complete and comprehensive solution for your organization. I believe this work is important and requires more than a SaaS solution; it requires humans, tools, and collaboration to prove compliance and meet emerging governance challenges. Before you find out your SOC 2 is worthless because it was rubber stamped by a partner of your software, let me help you get on track, find a good firm that uses professional auditors, and build the assurance model you thought you were getting with that GRC tool. I am currently available to help.

Got out of the house and went for a walk. Lots of raptors out today. Most impressive was the osprey, biggest I have seen on the west coast. Flew next to a bald eagle and it was twice the eagle's size.