Security Governance & Strategy

---

Cody Keller, CISSP, CISM Manager of Security Governance & Operations

I bridge the gap between technical security operations and business risk strategy. With over 5 years of tenure driving GRC initiatives, I specialize in building audit-ready security programs (SOC2, ISO 27001) and managing high-performance teams.

My focus is on scalable governance, AI security, and operational resilience.

High-Assurance Compliance Strategy I specialize in modernizing compliance programs for regulated industries. I have directed end-to-end lifecycles for high-assurance frameworks including SOC 2 Type 2, HIPAA, CJIS, TX-RAMP, and SOX ITGC. My approach moves beyond “checking the box” to build continuous, audit-ready governance models.

Enterprise AI Governance Innovation requires guardrails. I lead the safe adoption of Generative AI by establishing Acceptable Use Policies (AUP) and AI Risk Assessment frameworks. I help organizations balance the speed of AI with data privacy and IP protection.

Operational Risk & Resilience From Third-Party Risk Management (TPRM) to Incident Response, I build systems that quantify risk for leadership. By leveraging automation and data-driven insights, I turn security operations into a business enabler that accelerates sales velocity

---