Sign up to save your podcasts
Or
Share Governance, Risk & Compliance (GRC) Engineering with Ayoub Fandi | EP. 24
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Governance, Risk & Compliance (GRC) Engineering with Ayoub Fandi | EP. 24
A conversation with Ayoub Fandi, a Staff Security Assurance Engineer at Gitlab and host of the GRC Engineering Podcast, as we discuss transforming GRC from a cost center into a strategic product through automation and engineering. Ayoub shares his journey from aspiring economist to successful cybersecurity professional. We explore whether GRC is technical and introduce GRC engineering, which uses engineering practices to enhance governance, risk, and compliance. We highlight the shift in GRC professionals' backgrounds and how technical skills improve GRC workflows. We also emphasize the importance of cybersecurity knowledge in GRC roles and what it means to operate at the staff level. This conversation offers invaluable insights for aspiring staff engineers, including advice on getting into GRC and building a career in GRC Engineering.
→ Ayoub's LinkedIn
→ Governance, Risk, and Compliance (GRC) for the Cloud-Native Revolution Course
→ GRCEngineeringPodcast
→ GRC Engineering Newsletter
_____________
RELATED EPISODES
🎙️ For further insights on GRC, watch or listen to Episode 12 with Izzy Vixsama from Datadog
_____________
SPONSORS
👨🏾💻 Enhance your coding skills for cybersecurity with Code Crafters
🦾 Enhance your health to manage your challenging cybersecurity career with Ultrahuman
_____________
⚡️JOIN 6,000+ CWX MEMBERS ON DISCORD
📰 SUBSCRIBE TO THE CYBERWOX UNPLUGGED NEWSLETTER
🥶 WINTER MERCH
_____________
🧬 CYBERWOX RESOURCES
🔹 Cyberwox Cybersecurity Notion Templates for planning your career
🔹 Cyberwox Best Entry-Level Cybersecurity Resume Template
🔹 Learn AWS Threat Detection with my LinkedIn Learning Course
_____________
📱 LET'S CONNECT
→ IG
→ Threads
→ Substack
→ Tiktok
Email: [email protected]
_____________
#️⃣ Relevant Hashtags#cybersecurity #hacking #bootcamp #threatdetection #cloudcomputing #cloudsecurity #technology #tech #dallas #texas #cloud
_____________
⚠️DISCLAIMER
This description has some affiliate links, and I may receive a small commission for purchases made through these links. I appreciate your support!
_____________
⏰TIMESTAMPS
00:00 Intro
02:50 Getting Started
03:36 Ayoub's Background
10:33 GRC - Business & Cybersecurity
14:25 The Evolution of GRC
21:09 GRC is Boring
23:24 Security Assurance
26:49 GRC is NOT Technical
31:12 Cyberwox Resource
33:11 Cloud & GRC
33:55 GRC Engineering
41:28 Automation in GRC
46:14 Staff Level GRC Work
49:26 Getting into GRC
53:52 Learning GRC Skils
56:10 GRC for the Cloud-Native Revolution Course
59:03 The GRC Engineering Podcast
01:03:04 Final Thoughts
01:04:12 Outro
View all episodes
By CYBERWOXA conversation with Ayoub Fandi, a Staff Security Assurance Engineer at Gitlab and host of the GRC Engineering Podcast, as we discuss transforming GRC from a cost center into a strategic product through automation and engineering. Ayoub shares his journey from aspiring economist to successful cybersecurity professional. We explore whether GRC is technical and introduce GRC engineering, which uses engineering practices to enhance governance, risk, and compliance. We highlight the shift in GRC professionals' backgrounds and how technical skills improve GRC workflows. We also emphasize the importance of cybersecurity knowledge in GRC roles and what it means to operate at the staff level. This conversation offers invaluable insights for aspiring staff engineers, including advice on getting into GRC and building a career in GRC Engineering.
→ Ayoub's LinkedIn
→ Governance, Risk, and Compliance (GRC) for the Cloud-Native Revolution Course
→ GRCEngineeringPodcast
→ GRC Engineering Newsletter
_____________
RELATED EPISODES
🎙️ For further insights on GRC, watch or listen to Episode 12 with Izzy Vixsama from Datadog
_____________
SPONSORS
👨🏾💻 Enhance your coding skills for cybersecurity with Code Crafters
🦾 Enhance your health to manage your challenging cybersecurity career with Ultrahuman
_____________
⚡️JOIN 6,000+ CWX MEMBERS ON DISCORD
📰 SUBSCRIBE TO THE CYBERWOX UNPLUGGED NEWSLETTER
🥶 WINTER MERCH
_____________
🧬 CYBERWOX RESOURCES
🔹 Cyberwox Cybersecurity Notion Templates for planning your career
🔹 Cyberwox Best Entry-Level Cybersecurity Resume Template
🔹 Learn AWS Threat Detection with my LinkedIn Learning Course
_____________
📱 LET'S CONNECT
→ IG
→ Threads
→ Substack
→ Tiktok
Email: [email protected]
_____________
#️⃣ Relevant Hashtags#cybersecurity #hacking #bootcamp #threatdetection #cloudcomputing #cloudsecurity #technology #tech #dallas #texas #cloud
_____________
⚠️DISCLAIMER
This description has some affiliate links, and I may receive a small commission for purchases made through these links. I appreciate your support!
_____________
⏰TIMESTAMPS
00:00 Intro
02:50 Getting Started
03:36 Ayoub's Background
10:33 GRC - Business & Cybersecurity
14:25 The Evolution of GRC
21:09 GRC is Boring
23:24 Security Assurance
26:49 GRC is NOT Technical
31:12 Cyberwox Resource
33:11 Cloud & GRC
33:55 GRC Engineering
41:28 Automation in GRC
46:14 Staff Level GRC Work
49:26 Getting into GRC
53:52 Learning GRC Skils
56:10 GRC for the Cloud-Native Revolution Course
59:03 The GRC Engineering Podcast
01:03:04 Final Thoughts
01:04:12 Outro