Design Leadership for a Complex Cyber GRC Platform
As Head of UX/UI Design, I led the full product lifecycle of Centraleyes, a SaaS enterprise platform that enables global organizations to assess cyber risk, ensure regulatory compliance, and make data-driven decisions. Over 7 years, I scaled the platform into a robust, enterprise-ready solution, adopted by hundreds of organizations worldwide.
UX/UI Development Stages
1
Explore
-
Stakeholder alignment
-
Regulatory standards
-
User identification
2
Research
-
User interviews
-
Industry trends
-
Competitor analysis
3
Analyze
-
User workflows
-
Feedback prioritization
-
Personas and journeys
4
Design
-
Wireframes
-
High-fidelity prototypes
-
Design system
5
Testing
-
Usability testing
-
A/B testing
-
Iteration
The Challenge & Strategic Approach
Centraleyes set out to disrupt the traditional Governance, Risk, and Compliance (GRC) market with a cloud-based platform.
The challenge:
-
Deliver rapid onboarding (from weeks to a single day)
-
Provide real-time dashboards and automated compliance workflows
-
Ensure scalability for thousands of global users
Strategic Approach:
I led a holistic UX strategy, combining user research, competitive analysis, and agile collaboration with engineering. The focus was on modular design, clear information architecture, and system scalability to drive adoption.
Impact at a Glance:
Faster Onboarding
Reduced onboarding from weeks to 1 day
Workflow Efficiency
Improved task completion
by >70% in critical workflows
Scalable Adoption
Delivered a modular platform adopted by thousands of users worldwide
Main competitors on which the research is based:
Competitor Analysis
To gain insights into the market, I conducted a thorough competitor analysis, focusing on:
-
Leading cyber risk management and GRC (Governance, Risk, and Compliance) platforms.
-
Key differentiators such as ease of use, scalability, automation, and dashboard design.
-
Identifying gaps in existing solutions helped position Centraleyes as an innovative and user-friendly alternative.
Research & Insights
Competitive Landscape:
Identified gaps in legacy GRC solutions, complexity, lack of automation
poor usability.
User Research:
Conducted 40+ interviews and usability tests with CISOs, risk managers,
and compliance officers.
67%
needed a way to manage multiple entities or clients from a single platform.
70%
Prefer platforms with quick onboarding, ideally within one day
78%
Users want automated data collection and reporting to boost efficiency
85%
Utilize real-time dashboards and reports for improved strategic decisions
Strategy & Key Decisions
-
Built a modular design system to support fast scaling and reusability
-
Designed progressive onboarding flows, reducing friction for first-time users
-
Introduced data-driven dashboards for real-time visibility
-
Defined multi-tenant architecture UX patterns to support enterprise clients
-
Integrated third-party risk tools directly into workflows
User Roles & Needs
Through research, I identified three primary roles using the platform, each with distinct needs and decision-making contexts:
CISOs
Require executive-level dashboards with KPIs to communicate risk posture to the board
Compliance Officers
Need streamlined workflows to track standards (ISO, SOC2, GDPR) and generate audit-ready reports.
Risk Managers
Focused on daily assessments, vendor risk management, and remediation task tracking.
Insight: These roles highlighted the need for a multi-layered design, balancing high-level executive visibility with detailed, actionable workflows.
Competitor Analysis
To gain insights into the market, I conducted a thorough competitor analysis, focusing on:
-
Leading cyber risk management and GRC (Governance, Risk, and Compliance) platforms.
-
Key differentiators such as ease of use, scalability, automation, and dashboard design.
-
Identifying gaps in existing solutions helped position Centraleyes as an innovative and user-friendly alternative.
Target Audience Insights
One key target was:
CISOs: Require executive-level dashboards with KPIs to communicate risk posture to the board
Process & User Experience
Information Architecture & User Flow
I designed a comprehensive user flow ensuring seamless navigation:
 UpperdeckReal-time risk and compliance insights |  1st Party Risk ManagementInternal risk assessment and tracking tools |  3rd PartySupply chain risk monitoring and mitigation |
|---|---|---|
 BoardDynamic, visually appealing stakeholder reports |
Competitor Analysis
To gain insights into the market, I conducted a thorough competitor analysis, focusing on:
-
Leading cyber risk management and GRC (Governance, Risk, and Compliance) platforms.
-
Key differentiators such as ease of use, scalability, automation, and dashboard design.
-
Identifying gaps in existing solutions helped position Centraleyes as an innovative and user-friendly alternative.
Wireframing & Prototyping
Created wireframes and prototypes, aligning with user workflows and compliance requirements.
UI Design & Visual System
I developed a comprehensive design system including the following:
Competitor Analysis
To gain insights into the market, I conducted a thorough competitor analysis, focusing on:
-
Leading cyber risk management and GRC (Governance, Risk, and Compliance) platforms.
-
Key differentiators such as ease of use, scalability, automation, and dashboard design.
-
Identifying gaps in existing solutions helped position Centraleyes as an innovative and user-friendly alternative.
Outcomes
-
The Centraleyes platform delivered:
-
Streamlined onboarding in under 24 hours
-
Real-time dashboards with automated compliance tracking
-
Multi-entity risk and compliance management
-
Integrated third-party vendor risk monitoring
-
Adoption across thousands of organizations worldwide
Leadership & Collaboration
As Head of Design, I:
-
Established a Design System ensuring consistency across the platform
-
Built and mentored a cross-functional design team aligned with product and engineering
-
Drove UX rituals (design reviews, usability testing, feedback loops)
-
Collaborated directly with engineering to refine performance, micro-interactions, and QA processes
Reflection
Leading design at Centraleyes reinforced the value of strategic UX in highly technical domains.
-
Design is a driver of adoption, not just aesthetics.
-
Scalable systems require both vision and rigorous execution.
-
Cross-functional collaboration is the foundation of product success.
This project reflects my ability to balance complexity with clarity, guiding both product and team toward impactful results.
