Hannah Ifekoya

• Supported enterprise data governance and risk oversight by reviewing first-line deliverables across cloud and on-premise environments for SOC 1/SOC 2 compliance.
• Conducted detailed control testing and risk assessments using Archer/Scope Manager, ensuring alignment with internal data governance standards and industry regulations.
• Partnered cross-functionally with cybersecurity, dev teams, and third-party auditors to validate remediation plans and ensure sustainable fixes.
• Led verification efforts on failed or overdue controls—evaluating RCA reports and evidencing sustainable resolution.
• Oversaw the creation of metric dashboards for key control health indicators, challenging assumptions and refining methodologies for clarity and compliance.
• Maintained a strong command of DCAM-aligned principles, leveraging them to support effective data governance and control evaluation.
• Analyzed data trends to support decision-making processes and enhance operational efficiency.
• Improved internal knowledge sharing by developing comprehensive documentation outlining standard operating procedures for various tasks.

Key Tools: RSA Archer, ServiceNow GRC, AWS (IAM/S3), SharePoint, MySQL

• Served in a second-line advisory capacity assessing internal data management controls and recommending improvements to control design.
• Provided risk oversight on cloud migrations, ensuring encryption, access controls, and least-privilege principles were implemented and evidenced.
• Supported BAU risk and compliance activities including vulnerability analysis, findings remediation, and security documentation review.
• Acted as liaison between technical teams and executive stakeholders to communicate data issues, verify remediation efforts, and align on sustainable governance strategies.
• Regularly collaborated on metric development and process enhancement related to control health and operational risk metrics.
• Developed detailed reports outlining compliance findings and recommendations for enhancement.
• Facilitated cross-functional collaboration to address complex compliance issues, fostering open communication and efficient problemsolving.

Key Tools: Splunk, Tableau, AWS Config, NIST 800-53

• Audited internal data systems and conducted issue verification on regulatory gaps related to personally identifiable information (PII) and cloud compliance.
• Created control testing documentation and supported root cause analysis (RCA) with engineering teams to ensure long-term remediation.
• Engaged in risk-based evaluations of control design and effectiveness across financial and healthcare environments.
• Tracked KPIs and KRIs, feeding them into executive-level dashboards for risk committee review.
• Analyzed data discrepancies to ensure accuracy and integrity of information across databases.
• Collaborated with cross-functional teams to streamline data collection procedures and improve efficiency.
• Conducted regular audits of datasets to identify inconsistencies and recommend corrective actions.