
Jordan Gyimah

Summary

Seasoned IT compliance professional with 9 years of experience in managing compliance programs, regulatory requirements, and risk assessments. Proficient in NIST frameworks, conducting security evaluations, and developing vendor risk mitigation strategies. Seeking a Director of IT Compliance, Audit, and Risk role to leverage expertise in enhancing compliance posture and risk management processes.

Knowledgeable Risk Manager equipped with strategic planning and program leadership abilities honed in [Type] industry environments. Establishes strong and successful policies to mitigate risk at each level and establish clear procedures for assessments, prevention and containment. Familiar with regulatory requirements to maintain strict controls.

Risk management professional with comprehensive understanding of financial risk assessment and mitigation. Adept at identifying and analyzing potential risks, implementing robust risk management strategies, and fostering collaboration to achieve organizational goals. Known for adaptability and reliability in dynamic environments, combined with strong analytical skills and keen eye for detail.

Overview

  • 9 years of professional experience
  • 1 Certification

Work History

Senior Third-Party Risk Analyst/ IT Auditor

Oasis Living Center
10.2020 - Current
  • Analyze and categorize inherent risks of new vendors to guide security assessments, ensuring alignment with organizational requirements
  • Conduct comprehensive security evaluations, including reviewing Standard Information Gathering (SIG) questionnaires and analyzing SOC2 reports, penetration test results, and policies to identify vendor vulnerabilities
  • Monitor and track the resolution of critical and high-severity vendor risk findings, providing mitigation recommendations and updating the risk register
  • Collaborate with Legal and vendor relationship managers to address security concerns in contracts and resolve issues with uncooperative vendors
  • Maintain and update internal policies and procedures, contribute to organizational compliance efforts, and facilitate security awareness training

Third Party Risk/Compliance Analyst

Kellogg, Brown & Root
08.2015 - 09.2020
  • Conducted comprehensive security risk assessments for new and existing third-party vendors, ensuring alignment with information security controls through detailed analysis of Vendor Security Questionnaires (VSQs) and Standard Information Gathering (SIG) responses
  • Analyzed critical vendor-provided documentation, including Service Organization Control (SOC) reports, vulnerability scans, and penetration tests, to identify and address gaps or exceptions in security measures
  • Coordinated and conducted onsite and virtual risk assessments of third-party vendors, focusing on their compliance with relevant regulations, policies, and internal controls, and maintained the third-party risk management (TPRM) lifecycle activities
  • Reviewed and updated the company's Risk Register, evaluated vendors' corrective action plans, and collaborated with control owners to mitigate risks identified during audit activities, escalating unresolved supplier issues to senior management for resolution

Education

Higher National Diploma - Auto/diesel Mechanic

Kumasi Technical Institute
06.1988

Skills

  • Vendor Assessment
  • Risk Mitigation
  • Analytical Skills
  • Problem Solving Skills
  • Time Management
  • HITRUST / HIPAA / NIST / ISO 27000
  • Microsoft Office365
  • Team Building
  • Oral and Writing Communication
  • Mitigation Strategy
  • IT Control Testing
  • Risk Assessment
  • Internal Audit Standards
  • Communication
  • Leadership
  • Strategy
  • Governance
  • Project Management
  • Compliance Management
  • Operational risk
  • Tableau visualization
  • Microsoft Excel
  • Risk mitigation
  • Risk analysis training

Certification

  • CompTIA Security+ certified
  • ISACA CISA certified
  • ISACA CISM certified
