Summary

Overview

Work History

Education

Skills

Certification

Timeline

Hi, I’m

Joshua Obiossai

San Antonio,Texas

Summary

Highly motivated and results-oriented GRC Analyst with expertise in information security frameworks (ISO 27001, NIST 800 series, COBIT) and a proven track record of collaborating with business units to achieve compliance objectives. Adept at conducting complex risk assessments, managing third-party vendor security, and streamlining audit processes (HITRUST, SOC 2, PCI DSS). Skilled in utilizing industry-standard GRC tools (e.g., RSA Archer, OneTrust) to manage data, track progress, and generate reports.

Overview

years of professional experience

Certification

Work History

United Health Group

GRC Analyst

03.2022 - Current

Job overview

Led comprehensive risk assessments of high-risk vendors, analyzing security posture and identifying potential vulnerabilities
Streamlined audit processes for HITRUST, SOC 2, and PCI DSS, ensuring timely completion and regulatory compliance
Collaborated with teams to refine incident response protocols and proactively manage policy/control exceptions
Monitored vendor performance against contracts, SLAs, and industry standards, escalating critical issues and recommending mitigation strategies
Maintained comprehensive risk data in OneTrust and ensured complete data upload for accurate reporting
Utilized standardized methods (SIG and IRQ) for accurate risk assessments and JIRA for efficient task management.

Wells Fargo

Third-Party Risk Analyst

06.2019 - 02.2022

Job overview

Conducted risk and control assessments for medium and high-risk vendors, evaluating their security posture through SOC reports, penetration tests, and BCP/DR/IRP plans
Analyzed vendor financial health, regulatory compliance, and potential risks through due diligence on financial statements, credit reports, legal contracts, and business licenses
Collaborated with stakeholders to navigate risks across critical areas (supply chain, distribution channels, regulations), proactively identifying and documenting potential threats
Developed standardized methods for collecting vendor data, improving efficiency and data accuracy, and successfully expanded the program internationally
Utilized RSA Archer to track progress, manage findings, and generate risk metrics for senior leadership.

MoneyGram

Cybersecurity Analyst

03.2016 - 05.2019

Job overview

Led evidence collection for annual NIST 800-53 assessments, ensuring all control requirements were met and reports presented a clear picture of compliance
Conducted analysis on logs, reports, and configuration data to identify potential security issues
Developed and managed a comprehensive system for both internal and external access control
Provided training and support to internal stakeholders on NIST 800-53 requirements and evidence collection procedures.
Enhanced network security by implementing advanced threat detection and prevention systems.
Reduced risk of cyber attacks by conducting regular vulnerability assessments and penetration testing.
Improved incident response times by developing and maintaining cybersecurity playbooks for common attack scenarios.
Ensured compliance with industry regulations by performing comprehensive audits on existing security policies and procedures.
Collaborated with IT teams to integrate security measures into the development and deployment of new applications.
Streamlined communication during incidents by establishing clear protocols for reporting potential threats or breaches in a timely manner.

Education

Lagos State University

Bachelor of Arts

Skills

GRC Frameworks: ISO 27001, NIST 800 series, COBIT, PCI DSS, HIPAA
Risk Management: Risk Assessment (Threat Analysis, Vulnerability Management), Risk Mitigation Strategies
Vendor Management: Third-Party Risk Management, Vendor Risk Assessments, Contract Management

Audit & Compliance: HITRUST, SOC 2, PCI DSS, Internal Audits, Gap Analysis, Remediation Plans
Data Analysis & Reporting: Data Collection, Reporting Tools (OneTrust, RSA Archer)
Technical Skills: RSA Archer, OneTrust, Knowbe4, JIRA, ServiceNow

Certification

Certified Information Systems Auditor (CISA)
CompTIA Security+
CISM-In-View

Timeline

GRC Analyst

United Health Group

03.2022 - Current

Third-Party Risk Analyst

Wells Fargo

06.2019 - 02.2022

Cybersecurity Analyst

MoneyGram

03.2016 - 05.2019

Lagos State University

Bachelor of Arts

Similar Profiles

TIFFINEY JOHNSONTIFFINEY JOHNSON
Provider Customer Service Representative at United Health GroupProvider Customer Service Representative at United Health Group
RICHARD C. JORDANRICHARD C. JORDAN
Inside Sales Representative at United Health GroupInside Sales Representative at United Health Group
HEATH N. WORTHINGTONHEATH N. WORTHINGTON
Patient Advocate at United Health GroupPatient Advocate at United Health Group
Nuermaimaiti YilayiayiNuermaimaiti Yilayiayi
Test Automation Engineer at United Health GroupTest Automation Engineer at United Health Group
Daniel GuillenDaniel Guillen
Diesel Technician at Loves Travel CenterDiesel Technician at Loves Travel Center

CREATE PROFILE

Summary

Overview

Work History

United Health Group

Job overview

Wells Fargo

Job overview

MoneyGram

Job overview

Education

Lagos State University

Skills

Certification

Timeline

GRC Analyst

Third-Party Risk Analyst

Cybersecurity Analyst

Lagos State University

Similar Profiles

TIFFINEY JOHNSONTIFFINEY JOHNSON

RICHARD C. JORDANRICHARD C. JORDAN

HEATH N. WORTHINGTONHEATH N. WORTHINGTON

Nuermaimaiti YilayiayiNuermaimaiti Yilayiayi

Daniel GuillenDaniel Guillen