"The club membership sub has been the biggest ROI I've ever had. Like, this is absolutely insane, seeing everything that's happened since I got wind of the club last Fall." — Dex Copeland

Meet Our Leadership

The people driving the mission to transform GRC through engineering, community, and education.

AJ Yawn
Executive Chairman & Founder

AJ Yawn

AJ's had an unconventional career path: D1 athlete, Army Captain, cybersecurity entrepreneur, and now, GRC Engineering Lead at NR Labs and GRC revolutionary. After leading compliance for major tech companies, AJ launched a cybersecurity startup mid-pandemic and learned that the best solutions put people first. Now he's focused on transforming GRC through engineering and AI because compliance should be about efficiency and trust, not just checking boxes. AJ started the GRC Engineering Club so people can learn at scale, build community, grow their skillsets, help one another, and push the industry forward.

  • Established author & LinkedIn Learning instructor (195K+ learners)
  • SANS Institute instructor
  • Based in Puerto Rico, fully invested in building there
  • Ironman training enthusiast
Connect on LinkedIn
Abdie Mohamed
President

Abdie Mohamed

Abdie is a cloud engineer and compliance specialist on a mission to transform how compliance meets engineering. Born and raised in San Diego, California, he brings expertise in cloud, GRC, and FinOps with a passion for growth. He serves the GRC Engineering Club, a thriving Patreon community where cloud professionals learn to bridge traditional compliance work with modern engineering practices. As a public speaker with an emphasis on leadership development, Abdie dedicates his life to building other leaders.

  • Cloud engineer & compliance specialist
  • Public speaker focused on leadership development
  • Expert in AI governance, security controls, and compliance automation
  • Passionate about community and mentorship
Connect on LinkedIn
James Tabron, CISSP
Vice President

James Tabron, CISSP

James Tabron is a CISSP-certified GRC Engineering Director who uniquely combines 6 years of GRC experience with 4.5 years of software engineering leadership. He's built enterprise GRC programs from scratch, including SOC 2 and ISO 27001, across multiple verticals, leading teams at the highest levels throughout his two-decade career spanning GRC and IT. Today, James is at the forefront of AI-driven compliance, actively building AI agents that automate the most painful and time-consuming SOC 2 controls.

  • CISSP-certified GRC Engineering Director
  • 6 years GRC + 4.5 years software engineering leadership
  • Built enterprise SOC 2 and ISO 27001 programs from scratch
  • Pioneer in AI-driven compliance automation
Connect on LinkedIn
Ashley Pearce
Head of Career Ops

Ashley Pearce

Ashley is the founder and owner of GRC Playground, where she's built comprehensive labs serving everyone from beginners to advanced analysts. As a Senior InfoSec Analyst at Rise8, she helps security teams accelerate production by embedding security and automation from day one, directly enabling the military to build and deploy secure software faster. Ashley has become a cornerstone of the GRC community through her mentorship of analysts pivoting into GRC Engineering roles.

  • Founder of GRC Playground
  • Senior InfoSec Analyst at Rise8
  • Author of the RMF Guide for ATO and cATO
  • Mentors analysts transitioning to GRC Engineering
Connect on LinkedIn
Zinet Kemal, M.S.c
Head of Membership

Zinet Kemal, M.S.c

Zinet is a Senior Cloud Security Engineer who switched careers from law to cybersecurity and never looked back. She wrote children's books about cybersecurity because she saw a gap and filled it. From "Oh, No ... Hacked Again!" to "See Yourself in Cybersecurity," her books are in schools, homes, and libraries helping kids understand online safety. 125K+ people watched her TEDx talk on keeping children safe online. She's a LinkedIn Learning instructor with 12+ awards.

  • Senior Cloud Security Engineer
  • Author of children's cybersecurity books
  • TEDx speaker (125K+ views)
  • LinkedIn Learning instructor with 12+ awards
Connect on LinkedIn
Ethan Troy
Head of AI Research

Ethan Troy

Ethan brings a rare combination of offensive security depth, audit rigor, and hands-on engineering experience to the GRC Engineering Club. As a Principal at Fortreum and independent security researcher at hackIDLE, he lives at the intersection of red teaming, AI security, and compliance. His background spans GRC audit and risk assessment for North Dakota IT, audit advisory and supply chain security board membership at Blue Cross Blue Shield, vulnerability scanning and controls assessment at Coalfire Federal, consulting at A-LIGN, smart contract security audits in the blockchain space, and service as a 68W Healthcare Specialist in the National Guard. Right now, Ethan is focused on offensive AI security (red teaming LLMs, adversarial ML, AI workload attack surfaces), Kubernetes security for AI workloads, infrastructure hardening, and GRC engineering including compliance automation, FedRAMP tooling, and OSCAL.

  • Principal at Fortreum & independent security researcher at hackIDLE
  • Expertise in red teaming LLMs, adversarial ML, and AI workload attack surfaces
  • Background in FedRAMP, OSCAL, and compliance automation
  • 68W Healthcare Specialist, National Guard veteran
Connect on LinkedIn
Dr. Omar Sangurima, CISSP
Podcast Lead

Dr. Omar Sangurima, CISSP

Dr. Omar Sangurima is the Head of Program Management and Cyber Third-Party Risk Management at Memorial Sloan Kettering Cancer Center (MSKCC), where they are actively spearheading the development of a cutting-edge TPRM capability. Armed with a doctorate, three master's degrees, and a recent sweep of rigorous industry certifications -including the CPHRM, CTPRA, COSO ERM, and CHFP -Dr. O brings a deep, multi-disciplinary well of expertise to the risk and security landscape. Beyond their day-to-day leadership, Omar is a dedicated educator and community builder, serving as a Board Secretary and an instructor for the MSK-ARGO Applied Health Informatics Certificate Program.

  • Head of Program Management & Cyber TPRM at Memorial Sloan Kettering Cancer Center
  • Doctorate + three master's degrees with certifications including CISSP, CPHRM, CTPRA, COSO ERM
  • Board Secretary & instructor for the MSK-ARGO Applied Health Informatics Certificate Program
  • Host of the Official GRC Engineering Club Podcast
Connect on LinkedIn
Lauren Alex-Igwe (Nwegbo)
GRC Events Lead

Lauren Alex-Igwe (Nwegbo)

Lauren is a seasoned GRC leader and compliance automation engineer who builds systems that keep organizations continuously audit-ready without sacrificing real security. She focuses on whether controls are actually working as designed, mitigating risk as intended, and producing defensible evidence. Her approach embeds compliance directly into infrastructure, cloud architectures, and AI systems through automated control testing, continuous monitoring, and telemetry integration. Lauren serves as Director of Compliance Automation at ResilientTech Advisors and is certified as an ISO 27001 and ISO 42001 Lead Auditor with a specialized focus on AI governance.

  • Director of Compliance Automation at ResilientTech Advisors
  • ISO 27001 & ISO 42001 Lead Auditor with AI governance specialization
  • Expert in automated control testing, continuous monitoring, and telemetry integration
  • BS in Computer Systems & Networking Communications from Texas State University; pursuing MBA
Connect on LinkedIn
Nick McLaren
Head of Community Ops

Nick McLaren

As an AVP and Senior Cloud Security Engineer within Truist's Data Protection Organization, Nick serves as a hands-on technical lead and problem-solver across automation, infrastructure, and cloud security initiatives. He designs and delivers end-to-end solutions that protect sensitive data across AWS and Azure -building infrastructure with Terraform, developing automation with Python, and integrating third-party security tools that extend visibility and control beyond native cloud capabilities. Nick holds an MS in Cybersecurity from Kennesaw State University and is pursuing a Doctor of Science in Cybersecurity at Marymount University, focusing on cloud penetration testing and risk management theory. A former Lead Instructor in Cybersecurity at ThriveDX, he brings a mentorship mindset and a builder's mentality to every initiative.

  • AVP & Senior Cloud Security Engineer at Truist's Data Protection Organization
  • Expert in Terraform, Python automation, and AWS/Azure cloud security
  • Pursuing Doctor of Science in Cybersecurity at Marymount University
  • Former Lead Instructor in Cybersecurity at ThriveDX
Connect on LinkedIn

Led by Practitioners, Built for the Community

Our leadership team brings real-world GRC engineering experience. Join us and grow alongside industry leaders.