
KAYODE AGBOOLA

Summary

I am a cybersecurity and risk management expert with 15+ years of experience leading compliance audits, implementing security frameworks (ISO 27001, NIST, CIS), and optimizing business continuity for global organizations. Certified in CISSP, CISA, CRISC, and CISM with a track record of auditing 500+ companies across healthcare, finance, aviation, and manufacturing. Adept at aligning IT controls with regulatory standards (GDPR, HIPAA, PCI-DSS) and mentoring teams to achieve operational resilience.

Overview

21 years of professional experience
1 Certification

Work History

Digital Assurance Client Manager: Senior Information Security Auditor

BRITISH STANDARD INSTITUTION-(BSI) Group Inc
11.2022 - Current
  • Lead and direct comprehensive internal/external control assessments for 500+ organizations across achieving 100% adherence to ISO 27001, 9001, 22301, 27701, 27017, 27018, SOC 1/2/3, NIST, CSA STAR, and TISAX frameworks, which reduces compliance violations by 40% annually.
  • Establish enterprise-wide information security policies and controls that align with business objectives and regulatory requirements.
  • Develop and implement enterprise risk management frameworks, such as ISO 27001, NIST RMF, and CIS to ensure compliance with industry standards.
  • Identify and ascertain the assurance and effectiveness of technological controls and gap analysis, perform testing, and walkthroughs and ensure appropriate testing procedures across the overall management systems.
  • Ensure that organizations are handling Personally Identifiable Information (PII) in accordance with applicable relevant laws and regulations.
  • Prepare executive-level reports on Confidentiality, Integrity and Availability of Information Security.
  • Supporting the delivery of Third-party engagement audits and interview lead Point of Contact (POC) among the teams leading to the issuance of SOC 1, SOC 2 and SOC 3 reports.
  • Ensure compliance with regulatory requirements such as GDPR, GLBA, CCPA, CPRA, HIPAA, and PCI-DSS, and review any emerging cybersecurity threats and regulatory requirements.
  • Responsible for monitoring and analyzing security event logs (SIEM), identifying potential security incidents (IDS/IPS), Data Loss Prevention (DLP), Endpoint Detection and Response (EDR) tools, and implementing corrective actions.
  • Evaluate the integrity and accuracy of data processing, bias and legality in Artificial Intelligence (AI) models.
  • Ensure Artificial Intelligence (AI) systems align with applicable relevant laws and regulations such as data encryption, anonymization, privacy and access controls for the AI datasets.
  • Conduct cloud security assessments (AWS, Azure, FedRAMP) and third-party vendor evaluations to integrate and ensure cloud security.
  • Oversee the management of IT Systems and infrastructure, including information backup and recovery processes.
  • Design and deliver training programs for senior management on ISO 22301 Business Continuity Management System by emphasizing the leadership’s role in promoting a culture of awareness in business continuity.
  • Coach and mentor private individuals on understanding the scope of implementing risk management, auditing and business continuity best practices in promoting career growth.

Information Security Auditor

INDEPENDENCE AMERICAN INSURANCE COMPANY
03.2022 - 07.2022
  • Performed cybersecurity audits to measure the effectiveness of the company’s cybersecurity.
  • Performed testing and walkthrough procedures to ensure the company’s compliance with Sarbanes-Oxley (SOX) processes.
  • Planned audits and gap analyses for compliance with the company’s policies and cybersecurity and privacy requirements such as PCI, NACHA, HIPAA, ISO 27001 and 23 NYCRR 500.
  • Conducted audit interviews and requested evidence needed for performing the audit.
  • Recommended to the Chief Information Security Officer (CISO) the identification of risk, assessing and providing remediation in mitigating the risks.
  • Evaluated internal security systems and ensured compliance with applicable laws and regulations.
  • Mapped and wrote technical reports that analyze audit results.

Risk Management/ Compliance Analyst

Texas Dept. of Criminal Justice
09.2018 - 03.2022
  • Supported Risk identification, assessment, and reporting of risks across the unit.
  • Managed the ongoing development and day-to-day management of the prison service Risk management policy and procedures.
  • Advised on risk-related issues as they arise.
  • Provided guidance and assistance to Risk owners in every area, in understanding, monitoring, and managing risk on an ongoing basis.
  • Reported to the supervisors on all Risk related issues.
  • Liaised with all levels of Prison Service Management effectively to ensure that regulatory Compliance (CJIS) and other risks are identified, and that information (including Risk and controls) are incorporated into the Risk register.
  • Supported the management of governance and regulatory requirements and obligations of the Service.
  • Worked with control owners and operators to ensure quality, consistency, and operability of new and existing controls.
  • Conducted compliance risk reviews as required by the agency.

IT Auditor Consultant

H.C.A Services LLC, Dallas
07.2017 - 08.2018
  • Reviewed IT General Controls (ITGC) in various applications, databases, operating systems and network devices.
  • Performed and documented audit activities in accordance with professional standards such as COBIT and COSO internal control frameworks.
  • Performed testing and walkthrough procedures to ensure the company’s compliance with Sarbanes-Oxley (SOX) processes.
  • Performed (SOC)/SSAE 18 audit and review, using COBIT and NIST 800-53 frameworks.
  • Executed ITGC testing for (SOC)/SSAE18 reports in compliance.
  • Audited Windows and UNIX logical access controls and administrative access review.
  • Performed walkthroughs of controls and evaluated the operating effectiveness of controls.
  • Assessed IT internal controls as part of financial statement audit, Internal and operational audits, attestation engagement and Audit readiness.
  • Provided recommendations for remediation of the identified risks and vulnerabilities.
  • Tested compliance with company policies and procedures to ensure it conforms to industry standards.
  • Participated in special projects such as Segregation of Duties (SOD) business challenge projects, identified conflicts or inadequate internal controls, and provided recommendations.
  • Evaluated internal compliance testing programs for completeness.
  • Identified and implemented continuous process improvement aimed at enhancing excellent customer service.
  • Maintained and updated appropriate work papers on result of failed controls, testing performed and appropriate remediation.

Manager, Operations Control Center

Skyway Aviation Handling Company (SAHCOL), Lagos state, Nigeria
09.2010 - 06.2017
  • Managed running the operation control center including delivering daily management of the department related to operations and flights dispatch.
  • Oversaw the Third-party service providers against the on-time departure and on-time arrival of operational flights.
  • Ensured close collaboration with the maintenance control for flight scheduling, maintenance events and Aircraft on the Ground (AOG) situations.
  • Ensured the on-time provision of operational equipment needed for all flights.
  • Managed the OCC Team in support of efficient oversight and supervision of day-to-day operations, in respect to the daily operation requirements related to the Flight/Ground operations customer and Dispatch liaison.
  • Reviewed the flight plan provided by the flight dispatcher, and ensured it complies with the national and international regulations and the customers’ requirements, safety and security.
  • Ensured the appropriate Standards of operation (SOP) relating to safety and security are achieved in line with the ICAO and ISO standards.
  • Monitored and reported operational performance in support of performance management and continuous improvement across the airlines and the Handling company.
  • Conducted periodical audits of the Handling company’s processes and procedures, and recommended controls to mitigate any risk identified.

Internal Auditor

Bellview Airlines Limited, Lagos state, Nigeria
09.2004 - 08.2009
  • Conducted financial audits, reviewed various airline processes including operations, sales, maintenance and human resources.
  • Prepared fiscal financial reports for the stakeholders to identify and report on the financial position in ensuring continual improvements of the business operations.
  • Monitored and followed up on any audit recommendations to ensure effective implementation.
  • Ensured compliance with all regulatory requirements, airline policies, SOPs and industry standards (ICAO, NCAA etc.).

Education

Post Graduate Diploma - Transport Management

Ladoke Akintola University of Technology

BSC - Business Administration

Rufus Giwa Polytechnic

Skills

  • Risk Assessment/Management
  • CSA STAR Cloud Systems
  • Artificial Intelligence (AI)
  • SOC 1, 2, 3 Audit Reports
  • PCI-DSS Security Processes
  • Mergers & Acquisitions
  • NIST 800-53 Security Controls
  • Control Testing & Review
  • ISO 9001 Quality Management System
  • ISO 20000 Information Technology Management System
  • TISAX Information Security Risk Assessment for Automobile
  • Control Objectives for Information & Related Technology
  • ISO 9001, ISO 22301, ISO 27017, 27018, ISO 27701, ISO 31000, PII
  • CSA-STAR, NIST-CSF, GDPR, CIS, CCPA, CMMC
  • Cybersecurity
  • Internal Audits
  • Sarbanes-Oxley 404
  • Team Management
  • HIPAA
  • NYCRR 500

Certification

  • Certified Information Systems Security Professional (CISSP) issued by ISC2
  • Certified Risk Information System Control (CRISC) issued by ISACA
  • Certified Information System Auditor (CISA) issued by ISACA
  • Certified Information Security Manager (CISM), issued by ISACA
  • ITSM, BSI-ISO/IEC 20000, issued by BSI
  • ISMS/Lead Auditor, BSI-ISO 27001:2022, issued by BSI
  • QMS/Lead Auditor, BSI-ISO 9001:2015, issued by BSI
  • Privacy Requirements, BSI-ISO 27701:2019, issued by BSI
  • Business Continuity Management System, BSI-ISO 22301:2015, issued by BSI
  • Artificial Intelligence, BSI-ISO/IEC 42001:2023, issued by BSI
  • TISAX Auditor Training Certificate, issued by BSI
  • FAA Flight Dispatch License (FAA)

Accomplishments

  • Global Lead Auditor – Spearheaded compliance audits for ISO 27001 (ISMS), ISO 9001 (QMS), and ISO 22301 (BCMS), ensuring adherence to international security and quality standards.
  • Business Continuity & Disaster Recovery Architect – Developed and implemented high-level recovery plans to minimize downtime, enabling organizations to resume critical operations swiftly post-disruption.

Affiliations

  • Information System Audit & Control Association (ISACA)
  • International Information System Security Certification Consortium, Inc (ISC2)
