Cybersecurity & GRC Specialist
📄 View Resume 📫 Contact Me
Get to know a little about the man behind the screen. Learn more about my passions, interests, and my journey into Cybersecurity Governance, Risk, and Compliance (GRC). On this page, you’ll find a mix of personal insights and professional experiences that have shaped who I am inside and outside of the professional world.
Hi, I’m Justin Min—a GRC Analyst and Cybersecurity professional with a passion for structure, strategy, and self-improvement. When I’m not control mapping and reviewing frameworks, I’m usually studying or diving into one of my many hobbies. I try to keep a balance in life, but I’d be lying if I said I don’t see cybersecurity GRC constantly all around me.
One of my staple hobbies is fitness. I have been consistently weightlifting for over 10 years and recently have been getting into some cardio. I used to run 10km every morning, but have been really getting into swimming lately. I love getting my heart pumping and pushing myself to see how far I can go. Not only do I enjoy the action, but I enjoy the process, knowing that I am working towards a better future day-by-day. This also parallels my journey in cybersecurity grc where my passion for the field and dedication to continuous learning brings me one step closer every day towards my goals.
I also enjoy culinary arts; the satisfaction you get from making a dish is almost as good as getting to eat it after! I find it fascinating how one ingredient can turn into an endless amount of recipes, with different cuisines all preparing it in their own unique way. Take a carrot for example. Pretty plain, right? You could eat it raw, boil it in saltwater, oven-roast it, but it probably wouldn’t be your first pick if you’re hungry. Now, add a little pastry dough, brown sugar, and some butter, and now you have a savory french carrot tart for dinner. Or perhaps throw in some glass noodles, beef, sesame oil and a little soy sauce, and you have just made a classic korean noodle dish called japchae. Pairing this one ingredient, the carrot, with a few more components creates dishes tailored towards a different type of cuisine but ultimately satisfying one common denominator; hunger. Knowing which ingredients will make what to satisfy someone’s craving is exactly how I satisfy a company’s risks; I assess what they’re craving (control gaps and risk), which cuisine they want (frameworks), and then I gather the ingredients and make the dish (risk mitigation and remediation) and serve it to them (executive reporting).
My motivation is heavily influenced by my parents, who immigrated to the U.S. and left everything behind to provide our family a future they didn’t get to have. Their resilience and sacrifice drive my work ethic, my commitment to growth, and my determination to give everything I do my 110%.
At my core, I am driven by a desire to bring harmony in a world of chaos. Whether in the gym, the kitchen, or a corporate risk assessment, I am always analyzing, refining, and working toward a more secure and efficient future. All with a smile on my face.
Throughout my academic and early professional career, I’ve accumulated a wide variety of technical and soft skills that help me succeed in Governance, Risk, and Compliance (GRC). These skills allow me to perform control mapping, manage vulnerability, review security posture, and understand frameworks. I also possess the abilities to speak clearly and effectively, document efficiently, collaborate with teams, and think critically on a deeper level.
I have built practical experience configuring ServiceNow for GRC applications, mapping controls to NIST SP 800-53 and ISO 27001, and conducting gap analyses. My technical literacy—validated by my CompTIA Security+—allows me to understand the “how” of security controls, while my business acumen allows me to address the “why”. I possess the ability to translate the architecture of trust and technical jargon into business value, ensuring that organizations don’t just pass audits, but actually reduce risk. I am proficient in audit walkthroughs, evidence collection, and risk register management, making me an immediate asset to any compliance team.
I am deeply committed to the strategic side of cybersecurity, ensuring that organizations can operate safely in a high-threat landscape. My core values—Integrity, Precision, and Resilience—shape my approach to all aspects of my life.
For a deeper reflection on my values, methodology, and what drives me professionally, you can read my full professional statement here: Read my Professional Statement.
Looking ahead, my long-term career objective is to ascend to executive leadership as a Chief Information Security Officer (CISO). I aim to be the bridge between technical security teams and the boardroom, driving security strategies that enable business growth rather than hindering it.
To achieve this, I am actively pursuing advanced certifications, including the CISA (Certified Information Systems Auditor) and eventually the CISSP and CISM. I plan to further sharpen my skills in security architecture and continue specializing in automating compliance workflows to reduce the manual burden of audits, allowing teams to focus on real-time risk mitigation.
Feel free to connect with me:
Thank you for visiting my page!