
Gbemisola Kenneth

Dallas, TX

Summary

Experienced Third-Party Risk and GRC Analyst with 6+ years of expertise in conducting comprehensive risk assessments in the financial, healthcare and retail sectors. Skilled in developing and executing governance, risk, and compliance strategies, with a strong focus on third-party risk management and regulatory compliance. Proficient in evaluating vendor risk, mitigating potential threats, and ensuring alignment with industry standards and frameworks such as NIST CSF and ISO 27001. Adept at enhancing cybersecurity policies and maintaining secure, compliant business operations.

Overview

6 years of professional experience
1 Certification

Work History

Third Party Risk Security Analyst

Nix Healthcare System
San Antonio
03.2021 - Current
  • Conduct Third-Party Risk Assessments using client’s Risk Assessment framework
  • Identifies and recommends appropriate measures to manage and mitigate risks and reduce potential impacts on information resources to a level acceptable to the organization
  • Identifies and reports on new and emerging security risks and risk trends, including participating in risk remediation solution discussions and recommending updates to policies and standards
  • Documents third-party issues appropriately for Issue Management Team attention
  • Monitors and tracks any outstanding risks with third parties and/or internal stakeholders, contributing to Enterprise Risk Register processes
  • Works on specific risk-related projects as directed by management
  • Conduct risk assessments to help identify and describe the operational, reputational, financial, and compliance risks affecting SEI’s businesses
  • Evaluate, assess, and quantify the potential impact of risks to SEI’s businesses
  • Report risks in the manner appropriate for each target audience, highlighting the relevant likelihood and severity of each risk
  • Assist in determining the most appropriate response to identified risks (avoid, share, reduce, accept)
  • Understand SEI’s Corporate “risk appetite” (i.e., the level of risk SEI is prepared to accept) and work in a manner that supports adherence to it
  • Keep abreast of business and technology trends, particularly in the areas of business resilience, third party risk, cybersecurity, information governance, and identity management
  • Assists the Third Party Risk Program Manager/Officers to implement and educate on the policies, standards, guidelines, tools, models, systems, and procedures required to support the Program
  • Coordinates with the Third Party Program Manager/Officers to maintain the third party inventory, risk assessment information, contracts, action plans, watch list, service level agreements, issues, and required documents within the GRC system, SharePoint, and document management system.

Cybersecurity Specialist

Wayfair Retail
06.2018 - 02.2021
  • Developed and implemented PCI-DSS compliance strategies, achieving and maintaining full compliance status
  • Conducted AI compliance assessments and DPIA for new retail technologies, ensuring alignment with GDPR requirements and reducing data breach risks by 20%
  • Implemented SIEM solutions and conducted real-time monitoring, reducing incident response time by 50%
  • Led disaster recovery planning efforts, resulting in a 75% reduction in downtime during system outages
  • Enhanced asset management processes, leading to a 15% increase in asset visibility and control
  • Conducted regular Compliance Audits to ensure all company operations were in line with industry standards and regulations
  • Conducted successful NERC CIP assessments, ensuring compliance with critical infrastructure protection standards
  • Developed comprehensive Security Policies, effectively minimizing potential risks and vulnerabilities
  • Led a team in implementing PCI DSS standards as part of the organization's risk management strategy
  • Interpreted and translated Regulatory Requirements into technical specifications to strengthen the firm's governance, risk and compliance (GRC) program
  • Utilized data analysis tools to evaluate internal controls and ensure compliance with regulatory requirements
  • Implemented stringent data integrity checks that ensured the accuracy and consistency of information across multiple systems
  • Participated in the planning and execution of External Audits to minimize risks
  • Managed and maintained the RSA Archer platform, ensuring optimal performance and alignment with GRC requirements
  • Utilized Access Controls techniques to facilitate risk management and improve security measures
  • Developed and enforced robust Audit Procedures that enhanced the company's governance, risk and compliance framework
  • Utilized strong time management skills to effectively juggle multiple projects and tasks
  • Demonstrated Adaptability through swiftly learning new GRC software to enhance company compliance standards
  • Applied strong interpersonal skills in collaborating with cross-functional teams to successfully identify and mitigate risks
  • Developed effective regulatory reporting strategies in compliance with Regulatory Standards.

Education

BSc Business Management - Business Administration and Management

Lead University

Skills

  • NIST
  • ISO 27001 Compliance
  • Vulnerability Management
  • Incident Response
  • SIEM
  • IAM
  • Risk Assessment
  • Third-Party Risk Management
  • Policy development
  • Threat Intelligence
  • Asset Management
  • EGRC Solutions
  • RiskRhino
  • SOX
  • Security Policies
  • Compliance Audits
  • PCI DSS
  • GRC Software
  • Regulatory Requirements
  • Network Security
  • IT Security
  • Data Analysis
  • Data Integrity
  • External Audits
  • RSA Archer
  • SAP GRC
  • ServiceNow GRC
  • Access Controls
  • Audit Procedures
  • Time Management
  • Adaptability
  • Interpersonal Skills
  • Analytical Thinking
  • Attention To Detail

Certification

  • Certified Information Systems Auditor (CISA)
  • RiskRhino | Certified eGRC Professional

Additional Information

  • Title: Third Party Risk Security Analyst | GRC Analyst
