Lisa Young is a GRC security professional. Her current role is Third-Party Risk Lead. She started her career doing mechanical drafting and design and decided she was bored and ended up working in information technology. She has managed to work in computer networking, implementing health care software, customer support, supporting product development teams, performing application testing, product security risk assessments, managing a physical security system, supporting incident response and contingency planning, and has worked in all areas of security governance, risk, and compliance including leading SOC audits and supporting FedRAMP readiness assessments. She holds a Bachelor's degree in Computer Networking from Strayer University and a Graduate Certificate in Cybersecurity from Penn State and her certifications include - CISSP | ITIL | Six Sigma Green Belt | FAIR [Factor Analysis of Information Risk]