KAYODE AGBOOLA

CISSP, CISM, CRISC, CISA, ISO Lead Auditor
Forney, TX

Summary

Seasoned cybersecurity and risk management professional with over 15 years of experience leading compliance audits. Specializes in ISO 27001 Implementation, NIST Risk Management Framework, SOC Reporting Processes, and Enterprise Risk Assessment Models (ISO 31000). Skilled in Vulnerability Assessment Techniques and knowledgeable in Compliance Regulations such as GDPR, HIPAA, and PCI-DSS. Holds prestigious certifications including CISSP, CISA, CRISC, CISM, ISO LA, and FAA Flight Dispatch License. Results-oriented audit expert with strong analytical abilities and deep understanding of financial regulations. Recognized for identifying inefficiencies, ensuring accurate reporting, and strengthening internal controls. Reliable team player focused on collaboration, adaptability, and achieving objectives in fast-paced environments. Proficient in risk assessment methodologies, data analysis techniques, and various audit software tools.

Overview

21 years of professional experience
22 years of post-secondary education

Work History

Senior Information Security Auditor

BRITISH STANDARD INSTITUTION-(BSI) Group Inc
Herndon, VA
11.2022 - Current
  • Lead comprehensive internal/external audits for organizations, achieving adherence to ISO 27001, 9001, 22301, 27701, 27017, 27018, SOC 1/2, NIST, CSA STAR, and TISAX frameworks and reducing compliance violations by 40% annually.
  • Establish enterprise-wide information security policies and controls that align with business objectives and regulatory requirements.
  • Implement enterprise risk management frameworks, such as ISO 27001, NIST RMF, and CIS to ensure compliance with industry standards.
  • Ascertain the assurance and effectiveness of technological controls and gap analysis, perform testing and walkthroughs, and ensure appropriate testing procedures across the overall management systems.
  • Champion the implementation of data protection strategies, which fortified Personally Identifiable Information (PII) handling practices, leading to zero reported compliance breaches across audited organizations.
  • Prepare executive-level reports on Confidentiality, Integrity and Availability of Information Security.
  • Ensure compliance with regulatory requirements such as GDPR, GLBA, CCPA, CPRA, HIPAA, and PCI-DSS, and review any emerging cybersecurity threats and regulatory requirements.
  • Improve clients' security incident response time by 30% through the configuration of Intrusion Detection/Prevention Systems (IDS/IPS); create detailed reports for management to address critical vulnerabilities.
  • Evaluate the integrity and accuracy of data processing, bias and legality in Artificial Intelligence (AI) models.
  • Ensure Artificial Intelligence (AI) systems align with applicable laws and regulations, such as data encryption, privacy and access controls for the AI datasets.
  • Spearhead third-party vendor risk assessments to evaluate security protocols, resulting in a 25% decrease in identified cloud vulnerabilities across AWS, Azure, and FedRAMP environments.
  • Pilot IT systems and infrastructure management, establishing data backup and recovery processes in compliance with ISO 27001 standards, crucial to maintaining certifications.
  • Develop business continuity strategies through ISO 22301 training, enabling a seamless shift to remote work during a simulated crisis and underscoring executive roles in business continuity awareness.
  • Lead a cybersecurity awareness program for individuals, and implement risk management, auditing and business continuity best practices in promoting career growth.

Information Security Auditor

INDEPENDENCE AMERICAN INSURANCE COMPANY
Raleigh, NC
03.2022 - 07.2022
  • Performed cybersecurity audits to measure the effectiveness of the company's cybersecurity.
  • Performed testing and walkthrough procedures to ensure company's compliance with Sarbanes-Oxley (SOX) processes.
  • Planned audits and gap analyses for compliance with the company's policies and cybersecurity and privacy requirements such as PCI, NACHA, HIPAA, ISO 27001 and 23 NYCRR 500.
  • Conducted audit interviews and requested the evidence needed to perform the audit.
  • Identified and assessed risks and recommended remediation measures to the Chief Information Security Officer (CISO) to mitigate them.
  • Evaluated internal security systems and ensured compliance with applicable laws and regulations.
  • Formulated detailed technical reports highlighting non-compliance issues, triggering prompt corrective actions and adherence to regulatory standards, resulting in zero compliance violations.

IT Auditor Consultant

H.C.A Services LLC
Dallas, TX
07.2017 - 08.2018
  • Performed and documented audit activities in accordance with professional standards such as COBIT and COSO internal control frameworks.
  • Performed testing and walkthrough procedures to ensure company's compliance with Sarbanes-Oxley (SOX) processes.
  • Performed SOC/SSAE 18 audits and reviews using the COBIT and NIST 800-53 frameworks.
  • Validated IT general controls (ITGC) for 10+ Service Organization Control (SOC) reports, guaranteeing compliance with SSAE 18 standards and minimizing potential audit findings by 15% within the scope.
  • Audited Windows and UNIX logical access controls and administrative access review.
  • Performed walkthroughs of controls and evaluated the operating effectiveness of controls.
  • Assessed IT internal controls as part of financial statement audits, internal and operational audits, attestation engagements and audit readiness.
  • Verified adherence to Sarbanes-Oxley (SOX) and Payment Card Industry Data Security Standard (PCI DSS) frameworks across IT infrastructure, decreasing potential non-compliance penalties and strengthening data protection protocols.
  • Championed a streamlined approach to audit workflows by training 5 junior auditors on new compliance testing methodologies that reduced testing time by 25% weekly.
  • Identified and implemented continuous process improvement aimed at enhancing excellent customer service.
  • Maintained and updated appropriate work papers on result of failed controls, testing performed and appropriate remediation.

Risk Management/ Compliance Analyst

Texas Dept. of Criminal Justice
Dallas, TX
09.2018 - 03.2022
  • Spearheaded a cross-functional risk assessment initiative, engaging the three most senior leaders, and aligning risk management with strategic objectives.
  • Managed the ongoing development and day-to-day management of the prison service Risk management policy and procedures.
  • Steered risk mitigation strategies for potential breaches, counseling stakeholders on policy implications and implementing preventative protocols that slashed incident occurrence by 15% within the first quarter.
  • Defined guidance and assistance to Risk owners in every area, in understanding, monitoring, and managing risk on an ongoing basis.
  • Escalated 75+ critical risk findings to supervisory authorities within a strict 24-hour timeframe, facilitating swift corrective actions and minimizing potential impact on prison service operations and regulatory compliance.
  • Orchestrated monthly compliance meetings with prison wardens and senior staff, embedding CJIS and security protocols into daily facility operations, leading to zero compliance breaches.
  • Enhanced Prison Service's regulatory obligations by facilitating training for 50+ staff members on updated CJIS protocols, leading to improved understanding and consistent application.
  • Fortified existing security controls by collaborating with 15+ control owners, streamlining workflows, and increasing operability, leading to zero critical audit findings in the yearly compliance review.
  • Prepared detailed reports and presented findings from compliance risk reviews to agency stakeholders; communicated recommendations to bolster adherence to regulatory mandates and standards.

Manager, Operations Control Center

Skyway Aviation Handling Company (SAHCOL)
Lagos, Nigeria
09.2010 - 06.2017
  • Managed running the operation control center including delivering daily management of the department related to operations and flights dispatch.
  • Championed a new communication protocol that streamlined coordination with service providers, achieving a consistent 99% on-time departure rate for all flights during peak seasons.
  • Ensured close collaboration with the maintenance control for flight scheduling, maintenance events and Aircraft on the Ground (AOG) situations.
  • Ensured the on-time provision of operational equipment needed for all flights.
  • Managed the OCC Team in support of efficient oversight and supervision of day-to-day operations, in respect to the daily operation requirements related to the Flight/Ground operations customer and Dispatch liaison.
  • Expedited pre-flight reviews, scrutinizing fuel load, weather conditions, and route optimization, decreasing potential in-flight diversions and directly enhancing customer arrival satisfaction scores.
  • Instituted rigorous safety and security SOP, aligning with ICAO and ISO standards, and boosting on-time flight departures through efficient ground operations, improving customer satisfaction.
  • Expedited regular audits of the Handling company's processes, offering key recommendations for risk mitigation and process improvements; reports led to a reduction in operational incidents annually.
  • Conducted periodical audits of the Handling company's processes and procedures, and recommended controls to mitigate any risk identified.

Internal Auditor

Bellview Airlines Limited
Lagos, Nigeria
09.2004 - 08.2009
  • Investigated and vetted financial audits, covering airline processes like operations and sales, producing comprehensive reports with actionable insights presented to senior management, influencing strategic decisions.
  • Prepared fiscal financial reports for the stakeholders to identify and report on the financial position in ensuring continual improvements of the business operations.
  • Monitored and followed up on any audit recommendations to ensure effective implementation.
  • Ensured compliance with all regulatory requirements, airline policies, SOPs and industry standards (ICAO, NCAA).

Education

PGD - Transport Management

Ladoke Akintola University of Technology
Nigeria
02.1997 - 01.2014

BSC - Business Administration & Management

Rufus Giwa Polytechnic
Nigeria
01.1997 - 12.2001

Skills

Risk Assessment/Management

Control Testing & Review

Cybersecurity

CSA STAR Cloud Systems

ISO 9001 Quality Management System

Internal Audits

Artificial Intelligence (AI)

ISO 20000 Information Technology Management System

Sarbanes-Oxley 404

SOC 1, 2, 3 Audit Reports

TISAX Information Security Risk Assessment for Automobile

PCI-DSS Security Processes

Control Objectives for Information & Related Technology

HIPAA

Mergers & Acquisitions

Accomplishments

  • Global Lead Auditor: Spearheaded compliance audits for ISO 27001 (ISMS), ISO 9001 (QMS), and ISO 22301 (BCMS), ensuring adherence to international security and quality standards.
  • Business Continuity & Disaster Recovery Architect: Developed and implemented high-level recovery plans to minimize downtime, enabling organizations to resume critical operations swiftly post-disruption.
  • Enterprise Risk & Controls Expert: Assessed 500+ private and government entities, optimizing management systems, access controls, and data protection (at rest, in use, and in transit) through rigorous documentation and review processes.

Affiliations

  • Information System Audit & Control Association (ISACA)
  • International Information System Security Certification Consortium, Inc (ISC2)
