i.am.kevin.rigo status: active
operator profile

Kevin Rigo

Senior GRC Analyst

I work in Governance, Risk and Compliance (GRC), with an increasing focus on IT Risk Management. My role involves identifying and assessing risks, implementing appropriate controls, and ensuring that the organization's security practices can be demonstrated and validated during audits and assessments.

Kevin Rigo
id: i.am.kevin.rigo
budapest, hu
10+ years in security
GRC: Governance, Risk, and Compliance
current focus: IT risk
Certified: ISO 27001 Lead Auditor, ITIL Foundation
about

How I got into this: mostly by accident. I've been interested in computers and security since I was a kid, but my career took the scenic route. A few unrelated jobs, a lot of curiosity, and eventually the hobby started paying the bills.

These days I work in vendor and third-party risk, audit readiness, phishing and security awareness programs, and coordinating vulnerability assessments and penetration tests. Lately I've been leaning more into IT risk management: identifying risks early, quantifying them, and getting them in front of the people who can do something about them.

Outside of work, I enjoy photography, play guitar, and listen to a lot of metal. I also share my home with Zoey, a French bulldog who believes she's in charge, and my wife Petra, who may actually be in charge.

role: Senior GRC Analyst
focus: IT Risk Management
based: Budapest, Hungary
lang: Hungarian (native), English (advanced)
cert: ISO 27001 Lead Auditor, ITIL Foundation
work log: 2015 to now
01: 2026 / NOW
Senior GRC Analyst
GoTo Technologies
Perform AI risk assessments and conduct third-party, vendor and infrastructure risk reviews. Deliver risk documentation supporting compliance across SOC 2, ISO 27001, HIPAA and NIS2.
02: 2024 / 2026
Cybersecurity PMO
Galileo Global Education
Coordinated cybersecurity initiatives across 20+ countries, working closely with CISOs and executive stakeholders to align security strategy with business goals. Led vulnerability management improvements by implementing Tenable for in-house scanning, supporting penetration testing, maturity assessments, and executive risk reporting.
03: 2022 / 2024
Senior IT Security Risk and Compliance Analyst
Cushman and Wakefield
Led IT risk management activities, handled client audits and security questionnaires, and performed third-party and vendor risk assessments to support enterprise compliance requirements.
04: 2022
IT Security and Data Privacy Compliance Manager
Randstad Sourceright
Managed third-party and vendor risk assessments with a focus on IT security and data privacy compliance.
05: 2020 / 2022
IT Security Risk and Compliance Analyst
Cushman and Wakefield
Conducted third-party and vendor risk assessments, supported IT security training and awareness programs, and coordinated global phishing simulation campaigns.
06: 2018 / 2019
Junior IT Security Specialist
British Telecom
Supported ISO 27001 security risk assessment tooling, coordinated Cisco IOS upgrade activities, and delivered IT security training and awareness initiatives.
07: 2016 / 2018
IT Security Analyst
Citi
Managed and produced vulnerability assessment reports, tracked and reported remediation and compliance activities across critical systems, and provided service desk support for security-related issues.
08: 2015 / 2016
Security Policy Coordinator
IBM
Managed security policy compliance reviews, conducted technical specification assessments across multiple platforms (AIX, Windows Server, AS/400), produced KPI and workload analysis reports, and administered user access management.
stack

frameworks

ISO 27001, SOC 2, PCI-DSS, HIPAA, NIST 800-53, NIS2, ITIL

tools

AuditBoard, Thoropass, OneTrust, ServiceNow GRC, Black Kite, Tenable, Nessus, Jira, Power BI, Claude Code

sectors

finance, telecom, real estate, staffing, education, SaaS
certifications
[ cert ]

ISO 27001 Lead Auditor

Certop IT Solutions Ltd.
issued 2024
[ cert ]

ITIL Foundation

EXIN
issued 2016
[ degree ]

Economist, Business Administration and Management

Kodolányi János University
2022 to 2025 / grade: Excellent
contact

Say hi.

If you want to talk security, risk and audits, or just argue about bands, I am around. I also take on select consulting work from time to time, so if something lines up, feel free to reach out. Easiest to find me on LinkedIn or email.