Skip to content

Add profile: John Bommeraveni Joseph (@Johnbjoseph-cybersec) #39

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
github-actions wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add profile: John Bommeraveni Joseph (@Johnbjoseph-cybersec) #39

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
91 changes: 91 additions & 0 deletions engineers/Johnbjoseph-cybersec.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,91 @@
---
name: "John Bommeraveni Joseph"
github: "Johnbjoseph-cybersec"
specializations:
- "Audit & Assurance"
- "Compliance Automation"
- "Identity & Access Management"
- "Privacy"
- "Risk Management"
- "Security Governance"
- "Third-Party Risk"
- "Vulnerability Management"
- "AI Governance"
- "Cloud Governance"
title: "GRC Analyst"
location: "Dubai, UAE"
linkedin: "https://www.linkedin.com/in/john-bj/"
blog: "https://johnbjoseph-cybersec.github.io/"
frameworks:
- "GDPR"
- "HIPAA"
- "ISO 27001"
- "ISO 42001"
- "NIST AI RMF"
- "NIST CSF"
- "NIST RMF"
- "PCI-DSS"
- "SOC 2"
languages:
- "JavaScript"
- "PowerShell"
- "Python"
- "AWS"
- "Qualys"
- "Kali Linux"
- "Wazuh"
- "Splunk"
certifications:
- "ISO 27001 Lead Auditor"
- "ISO 42001 Lead Auditor"
- "Certified Cybersecurity Educator Professional (CCEP)"
- "Qualys Certified Specialist – Vulnerability Management, Detection, and Response (VMDR)"
- "Amazon Web Services Solutions Architect - Associate"
- "Amazon Web Services Cloud Practitioner"
- "Governance, Risk, Compliance, and Data Privacy"
- "PrivacyOps"
available_for:
- "mentoring"
- "speaking"
- "consulting"
- "open-source"
- "hiring"
- "freelance"
- "collaboration"
projects:
- name: "GRC Practice Lab"
url: "https://johnbjoseph-cybersec.github.io/grc-lab.html"
description: "Built and launched an interactive browser-based GRC simulator designed to help aspiring and working professionals practice real-world governance, risk, and compliance workflows. The lab includes dashboards, assets, risks, controls, vendors, issues, reporting, and guided learning experiences and projects that make GRC more hands-on and practical. Since launch, it has grown to 3.5K+ active users, 116K+ events, 60K+ views, and an average session duration of 8m 40s."
---

## About Me

I moved into cybersecurity GRC after spending more than 10 years in HR, recruitment, and people-focused roles. That background shaped how I approach security today.

As I transitioned into cybersecurity, I built hands-on technical skills alongside GRC and ranked in the Top 1% on TryHackMe, reaching Diamond League. That experience gave me a much stronger understanding of how technical security connects with governance, risk, and compliance in the real world.

While learning GRC, I kept seeing the same problem: people could explain risk registers, controls, evidence, and audits, but they rarely had a place to actually practice them. That gap led me to build the Free GRC Practice Lab, an interactive browser-based simulator designed to make GRC more practical, visual, and hands-on.

In under 45 days since launch, the GRC Practice Lab has grown to 3.5K+ active users, generated 116K+ events, reached 60K+ views, and maintained an average session duration of 8m 40s, validating strong demand for hands-on GRC learning.

Today, I’m focused on product-driven GRC, control design, risk analysis, audit readiness, and building better learning experiences for the cybersecurity community.

## Experience Highlights

- Built and launched the GRC Practice Lab.
- Created hands-on workflows for risk, controls, compliance, and reporting.
- Turned complex GRC concepts into practical learning experiences.
- Grew the platform to 3.5K+ active users, 116K+ events, and 60K+ views.
- Used analytics and user feedback to improve engagement and usability.
- Combined GRC knowledge with UX and product thinking.
- Published and continuously improved the lab on GitHub Pages.
- Built to make GRC more practical, accessible, and engaging.

## Get in Touch

You can connect with me on LinkedIn, explore my projects on GitHub, follow my YouTube channel GRC Made Simple, or reach me by email.

LinkedIn: https://www.linkedin.com/in/john-bj/
GitHub: https://github.com/Johnbjoseph-cybersec
YouTube: https://www.youtube.com/@GRCMadeSimple
Email: johnbjoseph.cybersec@gmail.com